License | BSD-style |
---|---|
Maintainer | Vincent Hanquez <vincent@snarc.org> |
Stability | Stable |
Portability | Excellent |
Safe Haskell | None |
Language | Haskell2010 |
Symmetric cipher basic types
- class Cipher cipher where
- class Cipher cipher => BlockCipher cipher where
- class BlockCipher cipher => BlockCipher128 cipher where
- class Cipher cipher => StreamCipher cipher where
- type DataUnitOffset = Word32
- data KeySizeSpecifier
- = KeySizeRange Int Int
- | KeySizeEnum [Int]
- | KeySizeFixed Int
- data AEADMode
- data CCM_M
- data CCM_L
- data AEADModeImpl st = AEADModeImpl {
- aeadImplAppendHeader :: forall ba. ByteArrayAccess ba => st -> ba -> st
- aeadImplEncrypt :: forall ba. ByteArray ba => st -> ba -> (ba, st)
- aeadImplDecrypt :: forall ba. ByteArray ba => st -> ba -> (ba, st)
- aeadImplFinalize :: st -> Int -> AuthTag
- data AEAD cipher = AEAD {
- aeadModeImpl :: AEADModeImpl st
- aeadState :: st
- aeadAppendHeader :: ByteArrayAccess aad => AEAD cipher -> aad -> AEAD cipher
- aeadEncrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher)
- aeadDecrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher)
- aeadFinalize :: AEAD cipher -> Int -> AuthTag
- aeadSimpleEncrypt :: (ByteArrayAccess aad, ByteArray ba) => AEAD a -> aad -> ba -> Int -> (AuthTag, ba)
- aeadSimpleDecrypt :: (ByteArrayAccess aad, ByteArray ba) => AEAD a -> aad -> ba -> AuthTag -> Maybe ba
- data IV c
- makeIV :: (ByteArrayAccess b, BlockCipher c) => b -> Maybe (IV c)
- nullIV :: BlockCipher c => IV c
- ivAdd :: BlockCipher c => IV c -> Int -> IV c
- newtype AuthTag = AuthTag {}
Cipher classes
class Cipher cipher where Source #
Symmetric cipher class.
cipherInit :: ByteArray key => key -> CryptoFailable cipher Source #
Initialize a cipher context from a key
cipherName :: cipher -> String Source #
Cipher name
cipherKeySize :: cipher -> KeySizeSpecifier Source #
return the size of the key required for this cipher. Some cipher accept any size for key
class Cipher cipher => BlockCipher cipher where Source #
Symmetric block cipher class
blockSize :: cipher -> Int Source #
Return the size of block required for this block cipher
ecbEncrypt :: ByteArray ba => cipher -> ba -> ba Source #
Encrypt blocks
the input string need to be multiple of the block size
ecbDecrypt :: ByteArray ba => cipher -> ba -> ba Source #
Decrypt blocks
the input string need to be multiple of the block size
cbcEncrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source #
encrypt using the CBC mode.
input need to be a multiple of the blocksize
cbcDecrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source #
decrypt using the CBC mode.
input need to be a multiple of the blocksize
cfbEncrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source #
encrypt using the CFB mode.
input need to be a multiple of the blocksize
cfbDecrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source #
decrypt using the CFB mode.
input need to be a multiple of the blocksize
ctrCombine :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source #
combine using the CTR mode.
CTR mode produce a stream of randomized data that is combined (by XOR operation) with the input stream.
encryption and decryption are the same operation.
input can be of any size
aeadInit :: ByteArrayAccess iv => AEADMode -> cipher -> iv -> CryptoFailable (AEAD cipher) Source #
Initialize a new AEAD State
When Nothing is returns, it means the mode is not handled.
class BlockCipher cipher => BlockCipher128 cipher where Source #
class of block cipher with a 128 bits block size
:: ByteArray ba | |
=> (cipher, cipher) | |
-> IV cipher | Usually represent the Data Unit (e.g. disk sector) |
-> DataUnitOffset | Offset in the data unit in number of blocks |
-> ba | Plaintext |
-> ba | Ciphertext |
encrypt using the XTS mode.
input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only
:: ByteArray ba | |
=> (cipher, cipher) | |
-> IV cipher | Usually represent the Data Unit (e.g. disk sector) |
-> DataUnitOffset | Offset in the data unit in number of blocks |
-> ba | Ciphertext |
-> ba | Plaintext |
decrypt using the XTS mode.
input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only
class Cipher cipher => StreamCipher cipher where Source #
Symmetric stream cipher class
streamCombine :: ByteArray ba => cipher -> ba -> (ba, cipher) Source #
Combine using the stream cipher
type DataUnitOffset = Word32 Source #
Offset inside an XTS data unit, measured in block size.
data KeySizeSpecifier Source #
Different specifier for key size in bytes
KeySizeRange Int Int | in the range [min,max] |
KeySizeEnum [Int] | one of the specified values |
KeySizeFixed Int | a specific size |
AEAD functions
AEAD Mode
data AEADModeImpl st Source #
AEAD Implementation
AEADModeImpl | |
|
Authenticated Encryption with Associated Data algorithms
AEAD | |
|
aeadAppendHeader :: ByteArrayAccess aad => AEAD cipher -> aad -> AEAD cipher Source #
Append some header information to an AEAD context
aeadEncrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher) Source #
Encrypt some data and update the AEAD context
aeadDecrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher) Source #
Decrypt some data and update the AEAD context
aeadFinalize :: AEAD cipher -> Int -> AuthTag Source #
Finalize the AEAD context and return the authentication tag
:: (ByteArrayAccess aad, ByteArray ba) | |
=> AEAD a | A new AEAD Context |
-> aad | Optional Authentication data header |
-> ba | Optional Plaintext |
-> Int | Tag length |
-> (AuthTag, ba) | Authentication tag and ciphertext |
Simple AEAD encryption
:: (ByteArrayAccess aad, ByteArray ba) | |
=> AEAD a | A new AEAD Context |
-> aad | Optional Authentication data header |
-> ba | Ciphertext |
-> AuthTag | The authentication tag |
-> Maybe ba | Plaintext |
Simple AEAD decryption
Initial Vector type and constructor
an IV parametrized by the cipher
Eq (IV c) Source # | |
BlockCipher c => ByteArrayAccess (IV c) Source # | |
makeIV :: (ByteArrayAccess b, BlockCipher c) => b -> Maybe (IV c) Source #
Create an IV for a specified block cipher
nullIV :: BlockCipher c => IV c Source #
Create an IV that is effectively representing the number 0
ivAdd :: BlockCipher c => IV c -> Int -> IV c Source #
Increment an IV by a number.
Assume the IV is in Big Endian format.