cryptohash-sha256-0.11.101.0: Fast, pure and practical SHA-256 implementation

LicenseBSD-3
MaintainerHerbert Valerio Riedel <hvr@gnu.org>
Stabilitystable
Safe HaskellTrustworthy
LanguageHaskell2010

Crypto.Hash.SHA256

Contents

Description

A module containing SHA-256 bindings

Synopsis

Incremental API

This API is based on 4 different functions, similar to the lowlevel operations of a typical hash:

  • init: create a new hash context
  • update: update non-destructively a new hash context with a strict bytestring
  • updates: same as update, except that it takes a list of strict bytestrings
  • finalize: finalize the context and returns a digest bytestring.

all those operations are completely pure, and instead of changing the context as usual in others language, it re-allocates a new context each time.

Example:

import qualified Data.ByteString
import qualified Crypto.Hash.SHA256 as SHA256

main = print digest
  where
    digest = SHA256.finalize ctx
    ctx    = foldl SHA256.update ctx0 (map Data.ByteString.pack [ [1,2,3], [4,5,6] ])
    ctx0   = SHA256.init

newtype Ctx Source #

SHA-256 Context

The context data is exactly 104 bytes long, however the data in the context is stored in host-endianness.

The context data is made up of

  • a Word64 representing the number of bytes already feed to hash algorithm so far,
  • a 64-element Word8 buffer holding partial input-chunks, and finally
  • a 8-element Word32 array holding the current work-in-progress digest-value.

Consequently, a SHA-256 digest as produced by hash, hashlazy, or finalize is 32 bytes long.

Constructors

Ctx ByteString 

init :: Ctx Source #

create a new hash context

update :: Ctx -> ByteString -> Ctx Source #

update a context with a bytestring

updates :: Ctx -> [ByteString] -> Ctx Source #

updates a context with multiple bytestrings

finalize :: Ctx -> ByteString Source #

finalize the context into a digest bytestring (32 bytes)

finalizeAndLength :: Ctx -> (ByteString, Word64) Source #

Variant of finalize also returning length of hashed content

Since: 0.11.101.0

Single Pass API

This API use the incremental API under the hood to provide the common all-in-one operations to create digests out of a ByteString and lazy ByteString.

Example:

import qualified Data.ByteString
import qualified Crypto.Hash.SHA256 as SHA256

main = print $ SHA256.hash (Data.ByteString.pack [0..255])

NOTE: The returned digest is a binary ByteString. For converting to a base16/hex encoded digest the base16-bytestring package is recommended.

hash :: ByteString -> ByteString Source #

hash a strict bytestring into a digest bytestring (32 bytes)

hashlazy :: ByteString -> ByteString Source #

hash a lazy bytestring into a digest bytestring (32 bytes)

hashlazyAndLength :: ByteString -> (ByteString, Word64) Source #

Variant of hashlazy which simultaneously computes the hash and length of a lazy bytestring.

Since: 0.11.101.0

HMAC-SHA-256

RFC2104-compatible HMAC-SHA-256 digests

hmac Source #

Arguments

:: ByteString

secret

-> ByteString

message

-> ByteString

digest (32 bytes)

Compute 32-byte RFC2104-compatible HMAC-SHA-256 digest for a strict bytestring message

Since: 0.11.100.0

hmaclazy Source #

Arguments

:: ByteString

secret

-> ByteString

message

-> ByteString

digest (32 bytes)

Compute 32-byte RFC2104-compatible HMAC-SHA-256 digest for a lazy bytestring message

Since: 0.11.100.0

hmaclazyAndLength Source #

Arguments

:: ByteString

secret

-> ByteString

message

-> (ByteString, Word64)

digest (32 bytes) and length of message

Variant of hmaclazy which also returns length of message

Since: 0.11.101.0

HKDF-SHA-256

RFC5869-compatible HKDF-SHA-256 key derivation function

hkdf Source #

Arguments

:: ByteString

IKM Input keying material

-> ByteString

salt Optional salt value, a non-secret random value (can be "")

-> ByteString

info Optional context and application specific information (can be "")

-> Int

L length of output keying material in octets (at most 255*32 bytes)

-> ByteString

OKM Output keying material (L bytes)

RFC6234-compatible HKDF-SHA-256 key derivation function.

Since: 0.11.101.0