cryptonite-0.13: Cryptography Primitives sink

LicenseBSD-style
MaintainerVincent Hanquez <vincent@snarc.org>
Stabilitystable
Portabilitygood
Safe HaskellNone
LanguageHaskell2010

Crypto.Cipher.ChaChaPoly1305

Description

A simple AEAD scheme using ChaCha20 and Poly1305. See RFC 7539.

The State is not modified in place, so each function changing the State, returns a new State.

Authenticated Data need to be added before any call to encrypt or decrypt, and once all the data has been added, then finalizeAAD need to be called.

Once finalizeAAD has been called, no further appendAAD call should be make.

import Data.ByteString.Char8 as B
import Data.ByteArray
import Crypto.Error
import Crypto.Cipher.ChaChaPoly1305 as C

encrypt
    :: ByteString -- nonce (12 random bytes)
    -> ByteString -- symmetric key
    -> ByteString -- optional associated data (won't be encrypted)
    -> ByteString -- input plaintext to be encrypted
    -> CryptoFailable ByteString -- ciphertext with a 128-bit tag attached
encrypt nonce key header plaintext = do
    st1 <- C.nonce12 nonce >>= C.initialize key
    let
        st2 = C.finalizeAAD $ C.appendAAD header st1
        (out, st3) = C.encrypt plaintext st2
        auth = C.finalize st3
    return $ out `B.append` Data.ByteArray.convert auth

Synopsis

Documentation

data State Source

A ChaChaPoly1305 State.

The state is immutable, and only new state can be created

data Nonce Source

Valid Nonce for ChaChaPoly1305.

It can be created with nonce8 or nonce12

Instances

nonce12 :: ByteArrayAccess iv => iv -> CryptoFailable Nonce Source

Nonce smart constructor 12 bytes IV, nonce constructor

nonce8 Source

Arguments

:: ByteArrayAccess ba 
=> ba

4 bytes constant

-> ba

8 bytes IV

-> CryptoFailable Nonce 

8 bytes IV, nonce constructor

incrementNonce :: Nonce -> Nonce Source

Increment a nonce

initialize :: ByteArrayAccess key => key -> Nonce -> CryptoFailable State Source

Initialize a new ChaChaPoly1305 State

The key length need to be 256 bits, and the nonce procured using either nonce8 or nonce12

appendAAD :: ByteArrayAccess ba => ba -> State -> State Source

Append Authenticated Data to the State and return the new modified State.

Once no further call to this function need to be make, the user should call finalizeAAD

finalizeAAD :: State -> State Source

Finalize the Authenticated Data and return the finalized State

encrypt :: ByteArray ba => ba -> State -> (ba, State) Source

Encrypt a piece of data and returns the encrypted Data and the updated State.

decrypt :: ByteArray ba => ba -> State -> (ba, State) Source

Decrypt a piece of data and returns the decrypted Data and the updated State.

finalize :: State -> Auth Source

Generate an authentication tag from the State.