Algorithms

ocrypto supports the following cryptographic algorithms and key sizes:

Algorithm Specification
SHA (SHA1, SHA224*, SHA256, SHA384*, SHA512) FIPS-PUB-180-4
AEAD-ChaCha20-Poly1305 RFC8439
AES (CTR, CCM, GCM, CBC, ECB, EAX with 128/192/256-bit keys) FIPS-PUB-197, NIST SP 800-38*, EAX
AES-CMAC RFC4493
HMAC (SHA1, SHA256, SHA512) RFC2104
HKDF (SHA1, SHA256, SHA512) RFC5869
PBKDF2 (SHA1, SHA256) RFC8018
ECDH (P224, P256, P384) ** NIST SP 800-56A
ECDSA (P224, P256, P384) ** FIPS-PUB-186-4
X25519 (aka Curve25519) RFC7748
Ed25519 RFC8032
RSA (1024/1536/2048/3072/4096/6144/8192-bit keys, RSAES PKCS-v1.5 / OAEP, RSASSA PKCS-v1.5 / PSS) RFC8017
SRP-6 (SHA512, 3072-bit keys) RFC2945
EC-JPAKE (P256) RFC8236

* SHA256 with output truncated to 224 bit / SHA512 with output truncated to 384 bit.

** P224 (aka prime224v1 and secp224r1), P256 (aka prime256v1 and secp256r1) and P384 (aka prime384v1 and secp384r1) are implemented according to RFC5903.

For all algorithms, ocrypto provides functions that execute in a single call and only use the call stack for storing intermediate values ("single-part functions"). For some algorithms, e.g., Ed25519, additional functions are provided that execute in a single call and use minimal stack space, plus caller-provided context objects for storing intermediate values ("stack-optimized functions"). For some algorithms, e.g., all SHA variants, additional functions are provided that execute in multiple calls for the incremental processing of data streams ("incremental functions"). They use minimal stack space, plus caller-provided context objects for storing intermediate values.