License | BSD-style |
---|---|
Maintainer | Vincent Hanquez <vincent@snarc.org> |
Stability | Stable |
Portability | Excellent |
Safe Haskell | None |
Language | Haskell2010 |
symmetric cipher basic types
- class Cipher cipher where
- cipherInit :: ByteArray key => key -> CryptoFailable cipher
- cipherName :: cipher -> String
- cipherKeySize :: cipher -> KeySizeSpecifier
- class Cipher cipher => BlockCipher cipher where
- blockSize :: cipher -> Int
- ecbEncrypt :: ByteArray ba => cipher -> ba -> ba
- ecbDecrypt :: ByteArray ba => cipher -> ba -> ba
- cbcEncrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba
- cbcDecrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba
- cfbEncrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba
- cfbDecrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba
- ctrCombine :: ByteArray ba => cipher -> IV cipher -> ba -> ba
- aeadInit :: ByteArrayAccess iv => AEADMode -> cipher -> iv -> CryptoFailable (AEAD cipher)
- class BlockCipher cipher => BlockCipher128 cipher where
- xtsEncrypt :: ByteArray ba => (cipher, cipher) -> IV cipher -> DataUnitOffset -> ba -> ba
- xtsDecrypt :: ByteArray ba => (cipher, cipher) -> IV cipher -> DataUnitOffset -> ba -> ba
- class Cipher cipher => StreamCipher cipher where
- streamCombine :: ByteArray ba => cipher -> ba -> (ba, cipher)
- type DataUnitOffset = Word32
- data KeySizeSpecifier
- = KeySizeRange Int Int
- | KeySizeEnum [Int]
- | KeySizeFixed Int
- data AEADMode
- data AEADModeImpl st = AEADModeImpl {
- aeadImplAppendHeader :: forall ba. ByteArrayAccess ba => st -> ba -> st
- aeadImplEncrypt :: forall ba. ByteArray ba => st -> ba -> (ba, st)
- aeadImplDecrypt :: forall ba. ByteArray ba => st -> ba -> (ba, st)
- aeadImplFinalize :: st -> Int -> AuthTag
- data AEAD cipher = forall st . AEAD {
- aeadModeImpl :: AEADModeImpl st
- aeadState :: st
- aeadAppendHeader :: ByteArrayAccess aad => AEAD cipher -> aad -> AEAD cipher
- aeadEncrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher)
- aeadDecrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher)
- aeadFinalize :: AEAD cipher -> Int -> AuthTag
- aeadSimpleEncrypt :: (ByteArrayAccess aad, ByteArray ba) => AEAD a -> aad -> ba -> Int -> (AuthTag, ba)
- aeadSimpleDecrypt :: (ByteArrayAccess aad, ByteArray ba) => AEAD a -> aad -> ba -> AuthTag -> Maybe ba
- data IV c
- makeIV :: (ByteArrayAccess b, BlockCipher c) => b -> Maybe (IV c)
- nullIV :: BlockCipher c => IV c
- ivAdd :: BlockCipher c => IV c -> Int -> IV c
- newtype AuthTag = AuthTag {}
Cipher classes
class Cipher cipher where Source
Symmetric cipher class.
cipherInit :: ByteArray key => key -> CryptoFailable cipher Source
Initialize a cipher context from a key
cipherName :: cipher -> String Source
Cipher name
cipherKeySize :: cipher -> KeySizeSpecifier Source
return the size of the key required for this cipher. Some cipher accept any size for key
class Cipher cipher => BlockCipher cipher where Source
Symmetric block cipher class
blockSize :: cipher -> Int Source
Return the size of block required for this block cipher
ecbEncrypt :: ByteArray ba => cipher -> ba -> ba Source
Encrypt blocks
the input string need to be multiple of the block size
ecbDecrypt :: ByteArray ba => cipher -> ba -> ba Source
Decrypt blocks
the input string need to be multiple of the block size
cbcEncrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source
encrypt using the CBC mode.
input need to be a multiple of the blocksize
cbcDecrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source
decrypt using the CBC mode.
input need to be a multiple of the blocksize
cfbEncrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source
encrypt using the CFB mode.
input need to be a multiple of the blocksize
cfbDecrypt :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source
decrypt using the CFB mode.
input need to be a multiple of the blocksize
ctrCombine :: ByteArray ba => cipher -> IV cipher -> ba -> ba Source
combine using the CTR mode.
CTR mode produce a stream of randomized data that is combined (by XOR operation) with the input stream.
encryption and decryption are the same operation.
input can be of any size
aeadInit :: ByteArrayAccess iv => AEADMode -> cipher -> iv -> CryptoFailable (AEAD cipher) Source
Initialize a new AEAD State
When Nothing is returns, it means the mode is not handled.
class BlockCipher cipher => BlockCipher128 cipher where Source
class of block cipher with a 128 bits block size
Nothing
:: ByteArray ba | |
=> (cipher, cipher) | |
-> IV cipher | Usually represent the Data Unit (e.g. disk sector) |
-> DataUnitOffset | Offset in the data unit in number of blocks |
-> ba | Plaintext |
-> ba | Ciphertext |
encrypt using the XTS mode.
input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only
:: ByteArray ba | |
=> (cipher, cipher) | |
-> IV cipher | Usually represent the Data Unit (e.g. disk sector) |
-> DataUnitOffset | Offset in the data unit in number of blocks |
-> ba | Ciphertext |
-> ba | Plaintext |
decrypt using the XTS mode.
input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only
class Cipher cipher => StreamCipher cipher where Source
Symmetric stream cipher class
streamCombine :: ByteArray ba => cipher -> ba -> (ba, cipher) Source
Combine using the stream cipher
type DataUnitOffset = Word32 Source
Offset inside an XTS data unit, measured in block size.
data KeySizeSpecifier Source
Different specifier for key size in bytes
KeySizeRange Int Int | in the range [min,max] |
KeySizeEnum [Int] | one of the specified values |
KeySizeFixed Int | a specific size |
AEAD functions
data AEADModeImpl st Source
AEAD Implementation
AEADModeImpl | |
|
Authenticated Encryption with Associated Data algorithms
forall st . AEAD | |
|
aeadAppendHeader :: ByteArrayAccess aad => AEAD cipher -> aad -> AEAD cipher Source
Append some header information to an AEAD context
aeadEncrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher) Source
Encrypt some data and update the AEAD context
aeadDecrypt :: ByteArray ba => AEAD cipher -> ba -> (ba, AEAD cipher) Source
Decrypt some data and update the AEAD context
aeadFinalize :: AEAD cipher -> Int -> AuthTag Source
Finalize the AEAD context and return the authentication tag
:: (ByteArrayAccess aad, ByteArray ba) | |
=> AEAD a | A new AEAD Context |
-> aad | Optional Authentication data header |
-> ba | Optional Plaintext |
-> Int | Tag length |
-> (AuthTag, ba) | Authentication tag and ciphertext |
Simple AEAD encryption
:: (ByteArrayAccess aad, ByteArray ba) | |
=> AEAD a | A new AEAD Context |
-> aad | Optional Authentication data header |
-> ba | Ciphertext |
-> AuthTag | The authentication tag |
-> Maybe ba | Plaintext |
Simple AEAD decryption
Initial Vector type and constructor
makeIV :: (ByteArrayAccess b, BlockCipher c) => b -> Maybe (IV c) Source
Create an IV for a specified block cipher
nullIV :: BlockCipher c => IV c Source
Create an IV that is effectively representing the number 0
ivAdd :: BlockCipher c => IV c -> Int -> IV c Source
Increment an IV by a number.
Assume the IV is in Big Endian format.