saltine-0.2.0.1: Cryptography that's easy to digest (NaCl/libsodium bindings).
Copyright(c) Joseph Abrahamson 2013
LicenseMIT
Maintainermax@lambdalifting.org
Stabilityexperimental
Portabilitynon-portable
Safe HaskellNone
LanguageHaskell2010

Crypto.Saltine.Core.SecretBox

Description

Secret-key authenticated encryption: Crypto.Saltine.Core.SecretBox

The secretbox function encrypts and authenticates a message ByteString using a secret key and a nonce. The secretboxOpen function verifies and decrypts a ciphertext ByteString using a secret key and a nonce. If the ciphertext fails validation, secretboxOpen returns Nothing.

The Crypto.Saltine.Core.SecretBox module is designed to meet the standard notions of privacy and authenticity for a secret-key authenticated-encryption scheme using nonces. For formal definitions see, e.g., Bellare and Namprempre, "Authenticated encryption: relations among notions and analysis of the generic composition paradigm," Lecture Notes in Computer Science 1976 (2000), 531–545, http://www-cse.ucsd.edu/~mihir/papers/oem.html.

Note that the length is not hidden. Note also that it is the caller's responsibility to ensure the uniqueness of nonces—for example, by using nonce 1 for the first message, nonce 2 for the second message, etc. Nonces are long enough that randomly generated nonces have negligible risk of collision.

Crypto.Saltine.Core.SecretBox is crypto_secretbox_xsalsa20poly1305, a particular combination of Salsa20 and Poly1305 specified in "Cryptography in NaCl" (http://nacl.cr.yp.to/valid.html). This function is conjectured to meet the standard notions of privacy and authenticity.

This is version 2010.08.30 of the secretbox.html web page.

Synopsis

Documentation

data Key Source #

An opaque secretbox cryptographic key.

Instances

Instances details
Eq Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

(==) :: Key -> Key -> Bool #

(/=) :: Key -> Key -> Bool #

Data Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> Key -> c Key #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c Key #

toConstr :: Key -> Constr #

dataTypeOf :: Key -> DataType #

dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c Key) #

dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Key) #

gmapT :: (forall b. Data b => b -> b) -> Key -> Key #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> Key -> r #

gmapQr :: forall r r'. (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> Key -> r #

gmapQ :: (forall d. Data d => d -> u) -> Key -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> Key -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> Key -> m Key #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> Key -> m Key #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> Key -> m Key #

Ord Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

compare :: Key -> Key -> Ordering #

(<) :: Key -> Key -> Bool #

(<=) :: Key -> Key -> Bool #

(>) :: Key -> Key -> Bool #

(>=) :: Key -> Key -> Bool #

max :: Key -> Key -> Key #

min :: Key -> Key -> Key #

Show Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

showsPrec :: Int -> Key -> ShowS #

show :: Key -> String #

showList :: [Key] -> ShowS #

Generic Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Associated Types

type Rep Key :: Type -> Type #

Methods

from :: Key -> Rep Key x #

to :: Rep Key x -> Key #

NFData Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

rnf :: Key -> () #

Hashable Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

hashWithSalt :: Int -> Key -> Int #

hash :: Key -> Int #

IsEncoding Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

type Rep Key Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

type Rep Key = D1 ('MetaData "Key" "Crypto.Saltine.Internal.SecretBox" "saltine-0.2.0.1-inplace" 'True) (C1 ('MetaCons "Key" 'PrefixI 'True) (S1 ('MetaSel ('Just "unKey") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 ByteString)))

data Nonce Source #

An opaque secretbox nonce.

Instances

Instances details
Eq Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

(==) :: Nonce -> Nonce -> Bool #

(/=) :: Nonce -> Nonce -> Bool #

Data Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> Nonce -> c Nonce #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c Nonce #

toConstr :: Nonce -> Constr #

dataTypeOf :: Nonce -> DataType #

dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c Nonce) #

dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Nonce) #

gmapT :: (forall b. Data b => b -> b) -> Nonce -> Nonce #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> Nonce -> r #

gmapQr :: forall r r'. (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> Nonce -> r #

gmapQ :: (forall d. Data d => d -> u) -> Nonce -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> Nonce -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> Nonce -> m Nonce #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> Nonce -> m Nonce #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> Nonce -> m Nonce #

Ord Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

compare :: Nonce -> Nonce -> Ordering #

(<) :: Nonce -> Nonce -> Bool #

(<=) :: Nonce -> Nonce -> Bool #

(>) :: Nonce -> Nonce -> Bool #

(>=) :: Nonce -> Nonce -> Bool #

max :: Nonce -> Nonce -> Nonce #

min :: Nonce -> Nonce -> Nonce #

Show Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

showsPrec :: Int -> Nonce -> ShowS #

show :: Nonce -> String #

showList :: [Nonce] -> ShowS #

Generic Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Associated Types

type Rep Nonce :: Type -> Type #

Methods

from :: Nonce -> Rep Nonce x #

to :: Rep Nonce x -> Nonce #

NFData Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

rnf :: Nonce -> () #

Hashable Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

hashWithSalt :: Int -> Nonce -> Int #

hash :: Nonce -> Int #

IsNonce Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

IsEncoding Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

type Rep Nonce Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

type Rep Nonce = D1 ('MetaData "Nonce" "Crypto.Saltine.Internal.SecretBox" "saltine-0.2.0.1-inplace" 'True) (C1 ('MetaCons "Nonce" 'PrefixI 'True) (S1 ('MetaSel ('Just "unNonce") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 ByteString)))

data Authenticator Source #

An Authenticator for a Message

Instances

Instances details
Eq Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Data Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> Authenticator -> c Authenticator #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c Authenticator #

toConstr :: Authenticator -> Constr #

dataTypeOf :: Authenticator -> DataType #

dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c Authenticator) #

dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Authenticator) #

gmapT :: (forall b. Data b => b -> b) -> Authenticator -> Authenticator #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> Authenticator -> r #

gmapQr :: forall r r'. (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> Authenticator -> r #

gmapQ :: (forall d. Data d => d -> u) -> Authenticator -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> Authenticator -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> Authenticator -> m Authenticator #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> Authenticator -> m Authenticator #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> Authenticator -> m Authenticator #

Ord Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Show Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Generic Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Associated Types

type Rep Authenticator :: Type -> Type #

NFData Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

Methods

rnf :: Authenticator -> () #

Hashable Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

IsEncoding Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

type Rep Authenticator Source # 
Instance details

Defined in Crypto.Saltine.Internal.SecretBox

type Rep Authenticator = D1 ('MetaData "Authenticator" "Crypto.Saltine.Internal.SecretBox" "saltine-0.2.0.1-inplace" 'True) (C1 ('MetaCons "Au" 'PrefixI 'True) (S1 ('MetaSel ('Just "unAu") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 ByteString)))

secretbox Source #

Arguments

:: Key 
-> Nonce 
-> ByteString

Message

-> ByteString

Ciphertext

Encrypts a message. It is infeasible for an attacker to decrypt the message so long as the Nonce is never repeated.

secretboxOpen Source #

Arguments

:: Key 
-> Nonce 
-> ByteString

Ciphertext

-> Maybe ByteString

Message

Decrypts a message. Returns Nothing if the keys and message do not match.

secretboxDetached Source #

Arguments

:: Key 
-> Nonce 
-> ByteString

Message

-> (Authenticator, ByteString)

(Authentication Tag, Ciphertext)

Encrypts a message. In contrast with secretbox, the result is not serialized as one element and instead provided as an authentication tag and ciphertext.

secretboxOpenDetached Source #

Arguments

:: Key 
-> Nonce 
-> Authenticator

Auth Tag

-> ByteString

Ciphertext

-> Maybe ByteString

Message

Decrypts a message. Returns Nothing if the keys and message do not match.

newKey :: IO Key Source #

Creates a random key of the correct size for secretbox.

newNonce :: IO Nonce Source #

Creates a random nonce of the correct size for secretbox.