| License | BSD-3-Clause |
|---|---|
| Maintainer | The Haskell Cryptography Group |
| Stability | Stable |
| Portability | GHC only |
| Safe Haskell | Trustworthy |
| Language | Haskell2010 |
LibSodium.Bindings.Secretbox
Description
Synopsis
- cryptoSecretboxKeygen :: Ptr CUChar -> IO ()
- cryptoSecretboxEasy :: Ptr CUChar -> Ptr CUChar -> CULLong -> Ptr CUChar -> Ptr CUChar -> IO CInt
- cryptoSecretboxOpenEasy :: Ptr CUChar -> Ptr CUChar -> CULLong -> Ptr CUChar -> Ptr CUChar -> IO CInt
- cryptoSecretboxDetached :: Ptr CUChar -> Ptr CUChar -> Ptr CUChar -> CULLong -> Ptr CUChar -> Ptr CUChar -> IO CInt
- cryptoSecretboxOpenDetached :: Ptr CUChar -> Ptr CUChar -> Ptr CUChar -> CULLong -> Ptr CUChar -> Ptr CUChar -> IO CInt
- cryptoSecretboxKeyBytes :: CSize
- cryptoSecretboxNonceBytes :: CSize
- cryptoSecretboxMACBytes :: CSize
- cryptoSecretboxPrimitive :: Ptr CChar
- cryptoSecretboxMessageBytesMax :: CSize
Introduction
This API allows encrypting a message using a secret key and a nonce. The ciphertext is accompanied by an authentication tag.
It comes in two flavours:
- easy
- Both the ciphertext and authentication tag are stored in the same buffer.
- detached
- The ciphertext and authentication tag may be stored in separate buffers.
The same key is used for both encryption and decryption, so it must be kept secret.
A key can be generated using the cryptoSecretboxKeygen primitive.
Each message must use a unique nonce, which may be generated with the randombytesBuf primitive.
The nonce does not need to be kept secret but should never be reused with the same secret key.
For more information see the upstream docs: https://doc.libsodium.org/secret-key_cryptography/secretbox
Secretbox
Keygen
cryptoSecretboxKeygen Source #
Arguments
| :: Ptr CUChar | key buffer of length |
| -> IO () |
Generate a key that can be used by the primitives of the secretbox API.
See: crypto_secretbox_keygen()
Since: 0.0.1.0
Easy
Arguments
| :: Ptr CUChar | A pointer to the buffer that will hold the ciphertext.
The length of the ciphertext is the length of the message in bytes plus |
| -> Ptr CUChar | A pointer to the buffer holding the message to be encrypted. |
| -> CULLong | The length of the message in bytes. |
| -> Ptr CUChar | A pointer to the nonce of size |
| -> Ptr CUChar | A pointer to the secret key of size |
| -> IO CInt | Returns 0 on success and -1 on error. |
Encrypt a message using a secret key and nonce.
The message and ciphertext buffers may overlap enabling in-place encryption, but note that the
ciphertext will be cryptoSecretboxMACBytes bytes longer than the message.
Since: 0.0.1.0
cryptoSecretboxOpenEasy Source #
Arguments
| :: Ptr CUChar | A pointer to the buffer that will hold the decrypted message.
The length of the message is the length of the ciphertext in bytes minus |
| -> Ptr CUChar | A pointer to the buffer holding the ciphertext to be verified and decrypted. |
| -> CULLong | The length of the ciphertext in bytes. |
| -> Ptr CUChar | A pointer to the nonce of size |
| -> Ptr CUChar | A pointer to the secret key of size |
| -> IO CInt | Returns 0 on success and -1 on error. |
Verify and decrypt ciphertext using a secret key and nonce.
The message and ciphertext buffers may overlap enabling in-place decryption, but note that the
message will be cryptoSecretboxMACBytes bytes shorter than the ciphertext.
See: crypto_secretbox_open_easy()
Since: 0.0.1.0
Detached
cryptoSecretboxDetached Source #
Arguments
| :: Ptr CUChar | A pointer to the buffer that will hold the ciphertext. This will have the same length as the message. |
| -> Ptr CUChar | A pointer to the buffer that will hold the authentication tag.
This will be of length |
| -> Ptr CUChar | A pointer to the buffer holding the message to be encrypted. |
| -> CULLong | The length of the message in bytes. |
| -> Ptr CUChar | A pointer to the nonce of size |
| -> Ptr CUChar | A pointer to the secret key of size |
| -> IO CInt | Returns 0 on success and -1 on error. |
cryptoSecretboxOpenDetached Source #
Arguments
| :: Ptr CUChar | A pointer to the buffer that will hold the decrypted message. This will have the same length as the ciphertext. |
| -> Ptr CUChar | A pointer to the buffer holding the ciphertext to be decrypted. |
| -> Ptr CUChar | A pointer to the buffer holding the authentication tag to be verified. |
| -> CULLong | The length of the ciphertext in bytes. |
| -> Ptr CUChar | A pointer to the nonce of size |
| -> Ptr CUChar | A pointer to the secret key of size |
| -> IO CInt | Returns 0 on success and -1 on error. |
Verify and decrypt ciphertext using a secret key and nonce
See: crypto_secretbox_open_detached()
Since: 0.0.1.0
Constants
cryptoSecretboxPrimitive :: Ptr CChar Source #
The underlying cryptographic algorithm used to implement the secretbox API.
See: crypto_secretbox_PRIMITIVE
Since: 0.0.1.0
cryptoSecretboxMessageBytesMax :: CSize Source #
Maximum length of a message in bytes that can be encrypted using the secretbox API.
See: crypto_secretbox_MESSAGEBYTES_MAX
Since: 0.0.1.0