Set of cryptographic functions.


pub type HashAlgorithm {


  • Sha224
  • Sha256
  • Sha384
  • Sha512


pub fn hash(a: HashAlgorithm, b: BitArray) -> BitArray

Computes a digest of the input bit string.

pub fn hmac(
  data: BitArray,
  algorithm: HashAlgorithm,
  key: BitArray,
) -> BitArray

Calculates the HMAC (hash-based message authentication code) for a bit string.

Based on the Erlang crypto:mac function, or the node:crypto.createHmac function on JavaScript.

pub fn secure_compare(left: BitArray, right: BitArray) -> Bool

Compares the two binaries in constant-time to avoid timing attacks.

For more details see:

pub fn sign_message(
  message: BitArray,
  secret: BitArray,
  digest_type: HashAlgorithm,
) -> String

Sign a message which can later be verified using the verify_signed_message function to detect if the message has been tampered with.

A web application could use this verifier to sign HTTP cookies. The data can be read by the user, but cannot be tampered with.

pub fn strong_random_bytes(a: Int) -> BitArray

Generates a specified number of bytes randomly uniform 0..255, and returns the result in a binary.

On Erlang this uses a cryptographically secure prng seeded and periodically mixed with / operating system provided entropy. By default this is the RAND_bytes method from OpenSSL.

On JavaScript the WebCrypto API is used.

pub fn verify_signed_message(
  message: String,
  secret: BitArray,
) -> Result(BitArray, Nil)

Verify a message created by the sign_message function.

Search Document