Question 1

How to seed the RNG in nocrypto?

Accepted Answer

You need to call initialization functions such as Nocrypto_entropy_unix.initialize() for Unix or Nocrypto_entropy_lwt.initialize() for Lwt, as specified in the FAQ. This seeds the Fortuna RNG with entropy to prevent unseeded generator errors.

Question 2

nocrypto vs cryptokit: which is better for OCaml?

Accepted Answer

nocrypto emphasizes simplicity, functional style, and timing attack protection, making it ideal for OCaml purists. Cryptokit may offer broader algorithm support or different APIs, so choice depends on whether you prioritize integration with OCaml's paradigm or feature breadth.

Question 3

How to handle illegal instructions with AES acceleration?

Accepted Answer

Disable acceleration at build time using `--accelerate false` or set the NOCRYPTO_ACCELERATE environment variable to false. This prevents SIGILL errors on hardware without SSE2/AES-NI support, ensuring portability.

Question 4

Does nocrypto support elliptic curve cryptography?

Accepted Answer

No, nocrypto currently does not include elliptic curve cryptography; it focuses on RSA, DSA, and DH for public-key operations. For ECC needs, you might need to explore other OCaml libraries or consider extensions.

Question 5

How to build nocrypto with Lwt support?

Accepted Answer

Use the build flag `--with-lwt true` when running `./pkg/pkg.ml build`, as shown in the README. This integrates nocrypto with Lwt for asynchronous operations in OCaml applications.

Question 6

Is nocrypto secure for production use?

Accepted Answer

Yes, with proper configuration: ensure RNG is seeded, use timing attack protections, and match build settings to deployment hardware. Its security features like Fortuna and AES-NI delegation make it robust, but vigilance on compatibility is key.

nocrypto

What is nocrypto?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions