Safe Haskell | None |
---|---|
Language | Haskell2010 |
Synopsis
- type PublicKey a = SizedByteArray CRYPTO_SIGN_PUBLICKEYBYTES a
- toPublicKey :: ByteArrayAccess bytes => bytes -> Maybe (PublicKey bytes)
- type SecretKey a = SizedByteArray CRYPTO_SIGN_SECRETKEYBYTES a
- toSecretKey :: ByteArrayAccess bytes => bytes -> Maybe (SecretKey bytes)
- keypair :: IO (PublicKey ByteString, SecretKey ScrubbedBytes)
- create :: (ByteArrayAccess skBytes, ByteArrayAccess ptBytes, ByteArray ctBytes) => SecretKey skBytes -> ptBytes -> ctBytes
- open :: (ByteArrayAccess pkBytes, ByteArray ptBytes, ByteArrayAccess ctBytes) => PublicKey pkBytes -> ctBytes -> Maybe ptBytes
Documentation
type PublicKey a = SizedByteArray CRYPTO_SIGN_PUBLICKEYBYTES a
Public key that can be used for verifying a signature.
This type is parametrised by the actual data type that contains bytes. This can be, for example, a ByteString.
toPublicKey :: ByteArrayAccess bytes => bytes -> Maybe (PublicKey bytes)
Convert bytes to a public key.
type SecretKey a = SizedByteArray CRYPTO_SIGN_SECRETKEYBYTES a
Secret key that can be used for creating a signature.
This type is parametrised by the actual data type that contains bytes. This can be, for example, a ByteString, but, since this is a secret key, it is better to use ScrubbedBytes.
toSecretKey :: ByteArrayAccess bytes => bytes -> Maybe (SecretKey bytes)
Convert bytes to a secret key.
keypair :: IO (PublicKey ByteString, SecretKey ScrubbedBytes)
Generate a new SecretKey together with its PublicKey.
Note: this function is not thread-safe (since the underlying C function is not thread-safe both in Sodium and in NaCl)! Either make sure there are no concurrent calls or see Crypto.Init in crypto-sodium to learn how to make this function thread-safe.
create
  :: (ByteArrayAccess skBytes, ByteArrayAccess ptBytes, ByteArray ctBytes)
  => SecretKey skBytes  -- Signer’s secret key
  -> ptBytes  -- Message to sign
  -> ctBytes
Sign a message.
signed = Sign.create sk message
- sk is the signer’s secret key, used for authentication. This is generated using keypair, and the public part of the key needs to be given to the verifying party in advance.
- message is the data you are signing.
This function will copy the message to a new location and add a signature, so that open will refuse to verify it if it has been modified.
open
  :: (ByteArrayAccess pkBytes, ByteArray ptBytes, ByteArrayAccess ctBytes)
  => PublicKey pkBytes  -- Signer’s public key
  -> ctBytes  -- Signed message
  -> Maybe ptBytes
Verify a signature.
verified = Sign.open pk signed
- pk is the signer’s public key.
- signed is the output of create.
This function will return Nothing if the signature on the message is invalid.
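A round trip through create and open, written here as an added example (not code from the library or its authors), showing the verifier rejecting a modified message, an unrelated key and a truncated key. It assumes the module is imported as NaCl.Sign, a name the page itself does not show; verifyFrom and flipLastBit are hypothetical helpers and the message is constructed sample data.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import Data.Bits (xor)
import Data.ByteArray.Sized (unSizedByteArray)
import Data.ByteString (ByteString)
import qualified Data.ByteString as BS
import qualified NaCl.Sign as Sign -- assumption: module name is not shown on the page

-- | Verifier side (hypothetical helper): takes the signer's public key as raw
-- bytes, as received out of band, plus a signed message. The message is
-- returned only when the key has the right size and the signature verifies.
verifyFrom :: ByteString -> ByteString -> Either String ByteString
verifyFrom pkBytes signed = do
  pk <- maybe (Left "public key has the wrong length") Right (Sign.toPublicKey pkBytes)
  maybe (Left "signature is invalid") Right (Sign.open pk signed)

-- | Flip one bit in the last byte, standing in for modification in transit
-- (hypothetical helper).
flipLastBit :: ByteString -> ByteString
flipLastBit bs = case BS.unsnoc bs of
  Nothing -> bs
  Just (front, lastByte) -> BS.snoc front (lastByte `xor` 1)

main :: IO ()
main = do
  -- keypair is documented as not thread-safe, so both calls run sequentially.
  (pk, sk) <- Sign.keypair
  (unrelatedPk, _) <- Sign.keypair
  let message = "constructed sample message" :: ByteString
      signed = Sign.create sk message :: ByteString
      pkBytes = unSizedByteArray pk
  print (verifyFrom pkBytes signed)                        -- signed message as produced
  print (verifyFrom pkBytes (flipLastBit signed))          -- one bit changed
  print (verifyFrom (unSizedByteArray unrelatedPk) signed) -- key of a different signer
  print (verifyFrom (BS.take 16 pkBytes) signed)           -- key bytes cut short
```

Both create and open are polymorphic in their result type, so the annotation on signed and the return type of verifyFrom are what fix the output to ByteString.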