An occasionally pure, monadic interface to AES
- type AES s a = AEST (ST s) a
- type AEST m a = ReaderT AESCtx (WriterT ByteString m) a
- data Mode
- data Direction
- class Cryptable a where
- runAEST :: MonadUnsafeIO m => Mode -> ByteString -> ByteString -> Direction -> AEST m a -> m (a, ByteString)
- runAES :: Mode -> ByteString -> ByteString -> Direction -> (forall s. AES s a) -> (a, ByteString)
Modes ECB and CBC can only handle full 16-byte frames. This means the length of every strict bytestring passed in must be a multiple of 16; when using lazy bytestrings, its component strict bytestrings must all satisfy this.
Other modes can handle bytestrings of any length. However, encrypting a bytestring of length 5 and then one of length 4 is not the same operation as encrypting a single bytestring of length 9; they are internally padded to a multiple of 16 bytes.
For OFB and CTR, Encrypt and Decrypt are the same operation. For CTR, the IV is the initial value of the counter.
A class of things that can be crypted
The crypt function returns incremental results as well as appending them to the result bytestring.
|:: MonadUnsafeIO m|
The AES key - 16, 24 or 32 bytes
The IV, 16 bytes
|-> AEST m a|
|-> m (a, ByteString)|
Run an AES computation