-- |
-- Module      : Raaz.AuthEncrypt.Unsafe
-- Copyright   : (c) Piyush P Kurur, 2016
-- License     : Apache-2.0 OR BSD-3-Clause
-- Maintainer  : Piyush P Kurur <ppk@iitpkd.ac.in>
-- Stability   : experimental
--
module Raaz.AuthEncrypt.Unsafe
       ( -- * Explicit computation and taking apart
         -- $unsafe$
         -- ** Specific variants
         -- $specific$
         module Raaz.V1.AuthEncrypt.Unsafe
       ) where

import Raaz.V1.AuthEncrypt.Unsafe

-- $unsafe$
--
-- This module provides two class of unsafe functions:
--
-- 1. Functions to compute AEAD tokens with explicit key and Nounce
--
-- 2. Functions to take apart an AEAD token into their constituents, namely
--    the nounce used, the cipher text, and the authentication tag.
--
-- The former is to help interface with other libraries where as the
-- latter allows us to serialise AEAD tokens.
--
--
-- __WARNING:__ The security of the interface is compromised if
--
-- 1. The key gets revealed to the attacker or
--
-- 2. If the same key/nounce pair is used to lock two different
--    messages.
--
-- 3. Taking apart the AEAD token may compromises type safety.
--
-- Nounces /need not/ be private and may be exposed to the
-- attacker. In fact, in the safe version of these locking function,
-- we pick the nounce at random (using the csprg) and pack it into the
-- AEAD token.

-- $specific$
--
-- For specific algorithms, the unsafe version is also available
--
-- * Raaz.AuthEncrypt.Unsafe.ChaCha20Poly1305
-- * Raaz.AuthEncrypt.Unsafe.XChaCha20Poly1305
--
-- The former has a smaller nounce (96-bits) than the latter
-- (192-bits) and hence there is a slight risk in using it with
-- randomly generated nounces. It is however, slightly faster and is
-- safe to use when there is frequent key resets as in the case of
-- network protocols. As with other cases we recommend the use of the
-- default interface instead of the specific one when ever possible.