crypto-api-0.13.2: A generic interface for cryptographic operations

Safe Haskell: None
Language: Haskell98

Crypto.Util

Description

A small selection of utilities that might be of use to others working with bytestring/number combinations.

Documentation

incBS :: ByteString -> ByteString

incBS bs inefficiently computes the value i2bs (8 * B.length bs) (bs2i bs + 1).

i2bs :: Int -> Integer -> ByteString

i2bs bitLen i converts i to a ByteString of bitLen bits (must be a multiple of 8).

i2bs_unsized :: Integer -> ByteString

i2bs_unsized i converts i to a ByteString of sufficient bytes to express the integer. The integer must be non-negative and a zero will be encoded in one byte.

throwLeft :: Exception e => Either e a -> a

Useful utility to extract the result of a generator operation and translate error results to exceptions.

for :: Tagged a b -> a -> b

Obtain a tagged value for a particular instantiated type.

(.::.) :: Tagged a b -> a -> b

Infix form of the for operator.

constTimeEq :: ByteString -> ByteString -> Bool

Checks two bytestrings for equality without opening a timing side channel.

Semantically, constTimeEq = (==). However, x == y takes less time when the first byte is different than when the first byte is equal. This side channel allows an attacker to mount a timing attack. On the other hand, constTimeEq always takes the same time regardless of the bytestrings' contents, unless they are of different sizes.

You should always use constTimeEq when comparing secrets, otherwise you may leave a significant security hole (cf. http://codahale.com/a-lesson-in-timing-attacks/).
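An added example (not part of the crypto-api documentation or source) of checking a presented authentication tag with constTimeEq. ctEqSketch is an assumed illustration of how such a comparison can be built, verifyTag is a hypothetical helper, and all tag values are constructed.

```haskell
import qualified Data.ByteString as B
import qualified Data.ByteString.Char8 as BC
import Data.Bits (xor, (.|.))
import Data.List (foldl')
import Crypto.Util (constTimeEq)

-- Assumption: a sketch of the technique, not crypto-api's source.
-- XOR each byte pair and OR the results together, so every byte is
-- examined before the single final test against zero.
ctEqSketch :: B.ByteString -> B.ByteString -> Bool
ctEqSketch a b
  | B.length a /= B.length b = False   -- length is not hidden
  | otherwise = foldl' (.|.) 0 (B.zipWith xor a b) == 0

-- Hypothetical helper: accept a request only if the presented tag
-- matches the expected one. Tags are fixed-length, so the size
-- exception noted in the documentation reveals nothing secret.
verifyTag :: B.ByteString -> B.ByteString -> Bool
verifyTag expected presented = constTimeEq expected presented

main :: IO ()
main = do
  let expected   = BC.pack "0123456789abcdef0123456789abcdef" -- constructed tag
      wrongFirst = B.cons 0x58 (B.tail expected)   -- differs at byte 0
      wrongLast  = B.snoc (B.init expected) 0x58   -- differs at final byte
      truncated  = B.take 16 expected              -- different size
      cases = [ ("match", expected), ("wrong first byte", wrongFirst)
              , ("wrong last byte", wrongLast), ("truncated", truncated) ]
  mapM_ (report expected) cases
  where
    report expected (label, presented) =
      putStrLn $ label ++ ": verifyTag=" ++ show (verifyTag expected presented)
              ++ " sketch=" ++ show (ctEqSketch expected presented)
              ++ " (==)=" ++ show (expected == presented)
```

All three comparisons return the same Bool for every case; what differs is that (==) can stop at the first mismatching byte, while the other two process the whole tag.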

bs2i :: ByteString -> Integer

Helper function to convert bytestrings to integers

zwp' :: ByteString -> ByteString -> ByteString

zipWith xor + Pack. As a result of rewrite rules, this should automatically be optimized (at compile time) to use the bytestring library's zipWith' function.

zwp :: ByteString -> ByteString -> ByteString

zipWith xor + Pack

This is written intentionally to take advantage of the bytestring library's zipWith' rewrite rule, but at the extra cost of the resulting lazy bytestring being more fragmented than either of the two inputs.