cryptohash: collection of crypto hashes, fast, pure and practical

[ bsd3, cryptography, data, library ] [ Propose Tags ] [ Report a vulnerability ]

DEPRECATED: this library is still fully functional, but please use cryptonite for new projects and convert old one to use cryptonite. This is where things are at nowadays.

A collection of crypto hashes, with a practical incremental and one-pass, pure APIs, with performance close to the fastest implementations available in other languages.

The implementations are made in C with a haskell FFI wrapper that hide the C implementation.

Simple examples using the unified API:

import Crypto.Hash

sha1 :: ByteString -> Digest SHA1
sha1 = hash

hexSha3_512 :: ByteString -> String
hexSha3_512 bs = show (hash bs :: Digest SHA3_512)

Simple examples using the module API:

import qualified Crypto.Hash.SHA1 as SHA1

main = putStrLn $ show $ SHA1.hash (Data.ByteString.pack [0..255])

import qualified Crypto.Hash.SHA3 as SHA3

main = putStrLn $ show $ digest
  where digest = SHA3.finalize ctx
        ctx    = foldl' SHA3.update iCtx (map Data.ByteString.pack [ [1,2,3], [4,5,6] ]
        iCtx   = SHA3.init 224

[Skip to Readme]

Downloads

cryptohash-0.11.9.tar.gz [browse] (Cabal source package)
Package description (as included in the package)

Maintainer's Corner

Package maintainers

VincentHanquez

For package maintainers and hackage trustees

edit package information

Candidates

No Candidates

Versions [RSS]	0.4, 0.4.1, 0.5, 0.5.1, 0.5.2, 0.5.3, 0.6, 0.6.1, 0.6.2, 0.6.3, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6, 0.7.7, 0.7.8, 0.7.9, 0.7.10, 0.8.0, 0.8.1, 0.8.2, 0.8.3, 0.8.4, 0.9.0, 0.9.1, 0.10.0, 0.11.0, 0.11.1, 0.11.2, 0.11.3, 0.11.4, 0.11.5, 0.11.6, 0.11.7, 0.11.8, 0.11.9
Dependencies	base (>=4 && <6), byteable, bytestring, cryptonite (>=0.13), ghc-prim, memory [details]
License	BSD-3-Clause
Copyright	Vincent Hanquez <vincent@snarc.org>
Author	Vincent Hanquez <vincent@snarc.org>
Maintainer	Vincent Hanquez <vincent@snarc.org>
Category	Data, Cryptography
Home page	http://github.com/vincenthz/hs-cryptohash
Source repo	head: git clone git://github.com/vincenthz/hs-cryptohash
Uploaded	by VincentHanquez at 2016-03-25T17:25:05Z
Distributions	Arch:0.11.9, Debian:0.11.9, Fedora:0.11.9, FreeBSD:0.11.6, LTSHaskell:0.11.9, NixOS:0.11.9, Stackage:0.11.9
Reverse Dependencies	157 direct, 3449 indirect [details]
Downloads	187449 total (248 in the last 30 days)
Rating	1.25 (votes: 1) [estimated by Bayesian average]
Your Rating	λ λ λ
Status	Docs available [build log] Last success reported on 2016-03-25 [all 1 reports]

Readme for cryptohash-0.11.9

[back to package description]

⚠️ this library is now deprecated in favor of cryptonite, which is a superset of this, and also have more functionality. For new projects, you should not use this library anymore, and preferably you should convert old projects to cryptonite too.

⚠️ the SHA3 implementation available in Crypto.Hash.SHA3 is not SHA3 as standardized by NIST, but Keccak as submitted for the SHA3 contest. A matching implementation is available as Keccak in cryptonite, although I would recommend not to use unless you happens to really really need your digest value to be compatible. On the other hand, the centralized Crypto.Hash export a proper SHA3 implementation (as standardized by NIST)

CryptoHash

hs-cryptohash provides many different secure digest algorithms, also called cryptographic hash functions or, simply, cryptohashes. The package exports common hash functions, as well as some more exotic ones, and provides a single API for them all.

The general performance is comparable to the most optimised implementations available.

Here is the complete list of supported algorithms:

MD2, MD4, MD5
RIPEMD160
SHA1
SHA-2 family: 224, 256, 384, 512 and the newer 512t
SHA-3 (aka Keccak)
Skein: 256, 512
Tiger
Whirlpool

You can easily import any hash with the following:

import qualified Crypto.Hash.<HASH> as <Hash>

We recommend using import qualified because the APIs are similar and many of the modules reuse the same names. However, if you are ony using one module, there is no need to qualify the names.

Incremental API

it's based on 4 different functions, similar to the lowlevel operations of a typical hash:

init: create a new hash context
update: update non-destructively a new hash context with a strict bytestring
updates: same as update, except that it takes a list of strict bytestring
finalize: finalize the context and returns a digest bytestring.

all those operations are completely pure, and instead of changing the context as usual in others language, it re-allocates a new context each time.

One Pass API

The one pass API use the incremental API under the hood, but expose common operations to create digests out of a bytestring and lazy bytestring.

hash: create a digest (init+update+finalize) from a strict bytestring
hashlazy: create a digest (init+update+finalize) from a lazy bytestring

More Type safety

A more type safe API is also available from Crypto.Hash. The API provides all the supported hashes in the same namespace, through unified functions.

It introduces 2 new types, the Context type and the Digest type. Both those types are parametrized with the HashAlgorithm used.

The API is very similar to each single hash module, except the types are slightly different.

import Crypto.Hash

-- use the incremental API to hash the byte [1,2,3] with SHA1
-- and print the hexadecimal digest.
example1 = do
    let ctx = hashInit
        ctx' = hashUpdates ctx [ Data.ByteString.pack [1,2,3] ]
        dgt  = hashFinalize ctx' :: Digest SHA1
    putStrLn $ show dgt

-- use the one-pass API to hash the byte 1,2,3 with SHA3_512
-- and print the hexadecimal digest.
example2 = do
    let dgt  = hash (Data.ByteString.pack [1,2,3]) :: Digest SHA3_512
    putStrLn $ show dgt

Performance

Cryptohash uses C implementations to provide maximum performance. see the cbits directory for more information