A small selection of utilities that might be of use to others working with bytestring/number combinations.
- incBS :: ByteString -> ByteString
- i2bs :: Int -> Integer -> ByteString
- i2bs_unsized :: Integer -> ByteString
- throwLeft :: Exception e => Either e a -> a
- for :: Tagged a b -> a -> b
- (.::.) :: Tagged a b -> a -> b
- constTimeEq :: ByteString -> ByteString -> Bool
- c_constTimeEq :: Ptr CChar -> Ptr CChar -> CInt -> IO CInt
- bs2i :: ByteString -> Integer
- zwp' :: ByteString -> ByteString -> ByteString
incBS bs inefficiently computes the value
i2bs (8 * B.length bs) (bs2i bs + 1)
i2bs bitLen i converts
i to a
bitLen bits (must be a multiple of 8).
i2bs_unsized i converts
i to a
ByteString of sufficient bytes to express the integer.
The integer must be non-negative and a zero will be encoded in one byte.
Useful utility to extract the result of a generator operation and translate error results to exceptions.
Checks two bytestrings for equality without breaches for timing attacks.
constTimeEq = (==). However,
x == y takes less
time when the first byte is different than when the first byte
is equal. This side channel allows an attacker to mount a
timing attack. On the other hand,
constTimeEq always takes the
same time regardless of the bytestrings' contents, unless they are
of difference size.
You should always use
constTimeEq when comparing secrets,
otherwise you may leave a significant security hole