| License | BSD-style |
|---|---|
| Maintainer | Brandon Hamilton <brandon.hamilton@gmail.com> |
| Stability | stable |
| Portability | good |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Crypto.Cipher.XSalsa
Description
Implementation of XSalsa20 algorithm https://cr.yp.to/snuffle/xsalsa-20081128.pdf Based on the Salsa20 algorithm with 256 bit key extended with 192 bit nonce
Synopsis
- initialize :: (ByteArrayAccess key, ByteArrayAccess nonce) => Int -> key -> nonce -> State
- derive :: ByteArrayAccess nonce => State -> nonce -> State
- combine :: ByteArray ba => State -> ba -> (ba, State)
- generate :: ByteArray ba => State -> Int -> (ba, State)
- data State
Documentation
Arguments
| :: (ByteArrayAccess key, ByteArrayAccess nonce) | |
| => Int | number of rounds (8,12,20) |
| -> key | the key (256 bits) |
| -> nonce | the nonce (192 bits) |
| -> State | the initial XSalsa state |
Initialize a new XSalsa context with the number of rounds, the key and the nonce associated.
Arguments
| :: ByteArrayAccess nonce | |
| => State | base XSalsa state |
| -> nonce | the remainder nonce (128 bits) |
| -> State | the new XSalsa state |
Use an already initialized context and new nonce material to derive another XSalsa context.
This allows a multi-level cascade where a first key k1 and nonce n1 is
used to get HState(k1,n1), and this value is then used as key k2 to build
XSalsa(k2,n2). Function initialize is to be called with the first 192
bits of n1|n2, and the call to derive should add the remaining 128 bits.
The output context always uses the same number of rounds as the input context.
Arguments
| :: ByteArray ba | |
| => State | the current Salsa state |
| -> ba | the source to xor with the generator |
| -> (ba, State) |
Combine the salsa output and an arbitrary message with a xor, and return the combined output and the new state.