-- | -- -- Module : Raaz -- Description : High level, type safe, cryptographic library -- Copyright : (c) Piyush P Kurur, 2016 -- License : Apache-2.0 OR BSD-3-Clause -- Maintainer : Piyush P Kurur <ppk@iitpkd.ac.in> -- Stability : experimental -- module Raaz ( -- * Getting started -- $intro$ -- * Supported Cryptographic operations -- $operations$ -- module Raaz.Digest , module Raaz.Auth , module Raaz.AuthEncrypt , module Raaz.Random -- ** Textual and Binary representation -- $textual$ , module Raaz.Core.Encode -- ** Core types and operations of raaz , Key, Nounce, withMemory, withSecureMemory -- * Library information. , version ) where import qualified Paths_raaz as P import Data.Version (Version) import Raaz.Core ( Key, Nounce, withMemory, withSecureMemory) import Raaz.Core.Encode import Raaz.Digest import Raaz.Auth import Raaz.AuthEncrypt import Raaz.Random -- $intro$ -- -- Raaz is a cryptographic library that provides an easy to use, type -- safe interface for cryptographic applications. Applications can get -- their cryptography wrong and this can have disastrous consequences. -- This can be due to the wrong choices of the underlying -- cryptographic primitives, or due to ignoring certain implementation -- details (reusing the key, nounce pair). To prevent this kind of -- issues, raaz, like other modern libraries, give a very high level -- interface with the library taking the responsibility of selecting -- sane primitives and their correct usages. The recommended usage -- there is to import the top level module and get going. -- -- > module Main where -- > -- > import Raaz -- > -- -- In addition, raaz makes use of the type system of Haskell to give -- additional guarantees: -- -- [Type safety:] Instead of representing cryptographic data as plain -- strings, raaz uses distinct types for semantically distinct -- cryptographic data. If the user inadvertently compares a -- 'Raaz.Sha512.Sha512' digest with a `Raaz.Blake2b.Blake2b` digest, -- the compiler will flag this as an error. Compare this with the -- situation in many libraries where both these are just 512-bit -- quantities. -- -- [Timing safe equality:] All cryptographically sensitive data have -- timing safe equality operation `==`. The default comparison is -- therefore safe and we encourage its use. Compare this with many -- other libraries where one has to remember to use specific functions -- sanitised timing safe comparisons. -- -- [Locked memory:] The interface to locked memory is provided through -- the combinators `withMemory` and `withSecureMemory`. These -- combinators take any IO action that expects a memory element -- (captured by the class `Memory`) and runs it by providing such an -- element. The underlying memory buffer is zeroed at the end of the -- action. In addition, `withSecureMeory` ensures that the memory -- allocated for the memory element is locked (and hence not swapped -- out). This gives a relatively higher level interface for locked -- memory. A word of caution though. Interfaces that directly deal -- with memory elements should be considered low-level code and should -- better be left to advanced users. Furthermore certain usages, -- particularly those that involve reading pure values out of the -- memory element, are problematic and a lot of caution needs to be -- employed when using this interface. -- -- $operations$ -- -- The raaz library provides the following cryptographic operations. -- -- [Message Digest:] Compute a short summary of a message that can act -- as an integrity check for the message. A computationally bound -- adversary cannot create two distinct messages with the same -- digest. It /does not/ ensure authentication. -- -- [Message Authentication:] In addition to integrity, we often want -- to ensure that a particular message has indeed come from a know -- peer (with whom we share a secret). Message authentication is for -- this purpose. It however, does not ensure privacy -- -- [Message Locking:] In addition to authentication, often we want to -- ensure that the message is private, i.e. no one other than the -- originator (with whom we share a secret) should be able to know the -- contents of our communication. Message lock (via authenticated encryption) -- is for this purpose. -- -- [Cryptographically secure random data:] We also have an interface to -- provide cryptographically secure bytes/data. -- -- For detailed information on the api supported, please consult the -- documentation of the individual modules. -- $textual$ -- -- Many cryptographic types exposed from this library like hashes, -- message authentication, keys and nounces can be converted from/to -- their textual representation (via the `Show`, `IsString` instances) -- as well as binary representation (via their `Encodable` instance). -- -- == WARNING: textual/binary encoding are not type safe -- -- A user of the raaz library should use the explicit data types -- instead of their encodings. There are a few security consequences -- of violating this principle -- -- 1. The `IsString` instance means that we represent values as string -- within program source (via OverloadedStrings). Do not do this unless -- it is to write unit tests as this can result in runtime bugs. -- -- 2. Timing safe comparison will get compromised if one compares the -- encodings (bytestring) instead of the types themselves -- | Raaz library version number. version :: Version version :: Version version = Version P.version