cryptocipher-0.6.2: Symmetrical block and stream ciphers.

Portabilitygood
Stabilitystable
MaintainerVincent Hanquez <vincent@snarc.org>
Safe HaskellNone

Crypto.Cipher

Contents

Description

All the cipher functionalities are available through the BlockCipher and StreamCipher classes.

A simplified example (with simplified error handling): 

 import Crypto.Cipher
 import Data.ByteString (ByteString)
 import qualified Data.ByteString as B

 initAES256 :: ByteString -> AES256
 initAES256 = either (error . show) cipherInit . makeKey

 cbcEncryption :: AES256 -> ByteString -> ByteString -> ByteString
 cbcEncryption ctx ivRaw plainText = cbcEncrypt ctx iv plainText
   where iv = maybe (error "invalid IV") id $ ivRaw

Synopsis

Cipher classes

class Cipher cipher where

Symmetric cipher class.

Methods

cipherInit :: Key cipher -> cipher

Initialize a cipher context from a key

cipherName :: cipher -> String

Cipher name

cipherKeySize :: cipher -> KeySizeSpecifier

return the size of the key required for this cipher. Some cipher accept any size for key

Instances

class Cipher cipher => BlockCipher cipher where

Symmetric block cipher class

Methods

blockSize :: cipher -> Int

Return the size of block required for this block cipher

ecbEncrypt :: cipher -> ByteString -> ByteString

Encrypt blocks

the input string need to be multiple of the block size

ecbDecrypt :: cipher -> ByteString -> ByteString

Decrypt blocks

the input string need to be multiple of the block size

cbcEncrypt :: cipher -> IV cipher -> ByteString -> ByteString

encrypt using the CBC mode.

input need to be a multiple of the blocksize

cbcDecrypt :: cipher -> IV cipher -> ByteString -> ByteString

decrypt using the CBC mode.

input need to be a multiple of the blocksize

cfbEncrypt :: cipher -> IV cipher -> ByteString -> ByteString

encrypt using the CFB mode.

input need to be a multiple of the blocksize

cfbDecrypt :: cipher -> IV cipher -> ByteString -> ByteString

decrypt using the CFB mode.

input need to be a multiple of the blocksize

ctrCombine :: cipher -> IV cipher -> ByteString -> ByteString

combine using the CTR mode.

CTR mode produce a stream of randomized data that is combined (by XOR operation) with the input stream.

encryption and decryption are the same operation.

input can be of any size

xtsEncrypt

Arguments

:: (cipher, cipher) 
-> IV cipher

Usually represent the Data Unit (e.g. disk sector)

-> DataUnitOffset

Offset in the data unit in number of blocks

-> ByteString

Plaintext

-> ByteString

Ciphertext

encrypt using the XTS mode.

input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only

xtsDecrypt

Arguments

:: (cipher, cipher) 
-> IV cipher

Usually represent the Data Unit (e.g. disk sector)

-> DataUnitOffset

Offset in the data unit in number of blocks

-> ByteString

Ciphertext

-> ByteString

Plaintext

decrypt using the XTS mode.

input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only

aeadInit :: Byteable iv => AEADMode -> cipher -> iv -> Maybe (AEAD cipher)

Initialize a new AEAD State

When Nothing is returns, it means the mode is not handled.

Instances

class Cipher cipher => StreamCipher cipher where

Symmetric stream cipher class

Methods

streamCombine :: cipher -> ByteString -> (ByteString, cipher)

Combine using the stream cipher

Key

data Key c

a Key parametrized by the cipher

Instances

Eq (Key c) 
Byteable (Key c) 
ToSecureMem (Key c) 

makeKey :: (ToSecureMem b, Cipher c) => b -> Either KeyError (Key c)

Create a Key for a specified cipher

Initialization Vector (IV)

data IV c

an IV parametrized by the cipher

Instances

Eq (IV c) 
Byteable (IV c) 

makeIV :: (Byteable b, BlockCipher c) => b -> Maybe (IV c)

Create an IV for a specified block cipher

nullIV :: BlockCipher c => IV c

Create an IV that is effectively representing the number 0

ivAdd :: BlockCipher c => IV c -> Int -> IV c

Increment an IV by a number.

Assume the IV is in Big Endian format.

Authenticated Encryption with Associated Data (AEAD)

data AEAD cipher

Authenticated Encryption with Associated Data algorithms

aeadAppendHeader :: BlockCipher a => AEAD a -> ByteString -> AEAD a

Append associated data into the AEAD state

aeadEncrypt :: BlockCipher a => AEAD a -> ByteString -> (ByteString, AEAD a)

Encrypt input and append into the AEAD state

aeadDecrypt :: BlockCipher a => AEAD a -> ByteString -> (ByteString, AEAD a)

Decrypt input and append into the AEAD state

aeadFinalize :: BlockCipher a => AEAD a -> Int -> AuthTag

Finalize the AEAD state and create an authentification tag

Cipher implementations

data AES128

AES with 128 bit key

Instances

data AES192

AES with 192 bit key

Instances

data AES256

AES with 256 bit key

Instances

data Blowfish

variable keyed blowfish state

Instances

data Blowfish64

64 bit keyed blowfish state

Instances

data Blowfish128

128 bit keyed blowfish state

Instances

data Blowfish256

256 bit keyed blowfish state

Instances

data Blowfish448

448 bit keyed blowfish state

Instances

data DES

DES Context

Instances

data DES_EEE3

3DES with 3 different keys used all in the same direction

Instances

data DES_EDE3

3DES with 3 different keys used in alternative direction

Instances

data DES_EEE2

3DES where the first and third keys are equal, used in the same direction

Instances

data DES_EDE2

3DES where the first and third keys are equal, used in alternative direction

Instances

data Camellia128

Camellia block cipher with 128 bit key

Instances