-- |
-- Module      : Amazonka.Crypto
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : provisional
-- Portability : non-portable (GHC extensions)
module Amazonka.Crypto
  ( -- * HMAC
    Key,
    hmacSHA1,
    hmacSHA256,

    -- * Hashing
    hashSHA1,
    hashSHA256,
    hashMD5,
    Hash.hash,
    --- * Incremental Hashing
    sinkSHA256,
    sinkMD5,

    -- * Re-exported
    Hash.HashAlgorithm,
    Hash.Digest,
    Hash.SHA256,
    Hash.MD5,
  )
where

import Amazonka.Prelude
import qualified Crypto.Hash as Hash
import qualified Crypto.MAC.HMAC as HMAC
import Data.ByteArray (ByteArrayAccess)
import Data.Conduit (ConduitM)
import qualified Data.Conduit as Conduit

type Key = ByteString

hmacSHA1 :: ByteArrayAccess a => Key -> a -> HMAC.HMAC Hash.SHA1
hmacSHA1 :: forall a. ByteArrayAccess a => Key -> a -> HMAC SHA1
hmacSHA1 = forall key message a.
(ByteArrayAccess key, ByteArrayAccess message, HashAlgorithm a) =>
key -> message -> HMAC a
HMAC.hmac

hmacSHA256 :: ByteArrayAccess a => Key -> a -> HMAC.HMAC Hash.SHA256
hmacSHA256 :: forall a. ByteArrayAccess a => Key -> a -> HMAC SHA256
hmacSHA256 = forall key message a.
(ByteArrayAccess key, ByteArrayAccess message, HashAlgorithm a) =>
key -> message -> HMAC a
HMAC.hmac

hashSHA1 :: ByteArrayAccess a => a -> Hash.Digest Hash.SHA1
hashSHA1 :: forall a. ByteArrayAccess a => a -> Digest SHA1
hashSHA1 = forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
Hash.hashWith SHA1
Hash.SHA1

hashSHA256 :: ByteArrayAccess a => a -> Hash.Digest Hash.SHA256
hashSHA256 :: forall a. ByteArrayAccess a => a -> Digest SHA256
hashSHA256 = forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
Hash.hashWith SHA256
Hash.SHA256

hashMD5 :: ByteArrayAccess a => a -> Hash.Digest Hash.MD5
hashMD5 :: forall a. ByteArrayAccess a => a -> Digest MD5
hashMD5 = forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
Hash.hashWith MD5
Hash.MD5

-- | Incrementally calculate a 'MD5' 'Digest'.
sinkMD5 :: Monad m => ConduitM ByteString o m (Hash.Digest Hash.MD5)
sinkMD5 :: forall (m :: * -> *) o. Monad m => ConduitM Key o m (Digest MD5)
sinkMD5 = forall (m :: * -> *) a o.
(Monad m, HashAlgorithm a) =>
ConduitM Key o m (Digest a)
sinkHash

-- | Incrementally calculate a 'SHA256' 'Digest'.
sinkSHA256 :: Monad m => ConduitM ByteString o m (Hash.Digest Hash.SHA256)
sinkSHA256 :: forall (m :: * -> *) o. Monad m => ConduitM Key o m (Digest SHA256)
sinkSHA256 = forall (m :: * -> *) a o.
(Monad m, HashAlgorithm a) =>
ConduitM Key o m (Digest a)
sinkHash

-- | A crypton-compatible incremental hash sink.
sinkHash ::
  ( Monad m,
    Hash.HashAlgorithm a
  ) =>
  ConduitM ByteString o m (Hash.Digest a)
sinkHash :: forall (m :: * -> *) a o.
(Monad m, HashAlgorithm a) =>
ConduitM Key o m (Digest a)
sinkHash = forall {m :: * -> *} {a} {ba} {o}.
(Monad m, HashAlgorithm a, ByteArrayAccess ba) =>
Context a -> ConduitT ba o m (Digest a)
sink forall a. HashAlgorithm a => Context a
Hash.hashInit
  where
    sink :: Context a -> ConduitT ba o m (Digest a)
sink Context a
ctx = do
      Maybe ba
mbs <- forall (m :: * -> *) i o. Monad m => ConduitT i o m (Maybe i)
Conduit.await

      case Maybe ba
mbs of
        Maybe ba
Nothing -> forall (f :: * -> *) a. Applicative f => a -> f a
pure forall a b. (a -> b) -> a -> b
$! forall a. HashAlgorithm a => Context a -> Digest a
Hash.hashFinalize Context a
ctx
        Just ba
bs -> Context a -> ConduitT ba o m (Digest a)
sink forall a b. (a -> b) -> a -> b
$! forall ba a.
(ByteArrayAccess ba, HashAlgorithm a) =>
Context a -> ba -> Context a
Hash.hashUpdate Context a
ctx ba
bs