| Copyright | (c) Joseph Abrahamson 2013 |
|---|---|
| License | MIT |
| Maintainer | max@lambdalifting.org |
| Stability | experimental |
| Portability | non-portable |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Crypto.Saltine.Core.SecretBox
Description
Secret-key authenticated encryption: Crypto.Saltine.Core.SecretBox
The secretbox function encrypts and authenticates a message
ByteString using a secret key and a nonce. The secretboxOpen
function verifies and decrypts a ciphertext ByteString using a
secret key and a nonce. If the ciphertext fails validation,
secretboxOpen returns Nothing.
The Crypto.Saltine.Core.SecretBox module is designed to meet the standard notions of privacy and authenticity for a secret-key authenticated-encryption scheme using nonces. For formal definitions see, e.g., Bellare and Namprempre, "Authenticated encryption: relations among notions and analysis of the generic composition paradigm," Lecture Notes in Computer Science 1976 (2000), 531–545, http://www-cse.ucsd.edu/~mihir/papers/oem.html.
Note that the length is not hidden. Note also that it is the caller's responsibility to ensure the uniqueness of nonces—for example, by using nonce 1 for the first message, nonce 2 for the second message, etc. Nonces are long enough that randomly generated nonces have negligible risk of collision.
Crypto.Saltine.Core.SecretBox is
crypto_secretbox_xsalsa20poly1305, a particular combination of
Salsa20 and Poly1305 specified in "Cryptography in NaCl"
(http://nacl.cr.yp.to/valid.html). This function is conjectured
to meet the standard notions of privacy and authenticity.
This is version 2010.08.30 of the secretbox.html web page.
Synopsis
- data Key
- data Nonce
- data Authenticator
- secretbox :: Key -> Nonce -> ByteString -> ByteString
- secretboxOpen :: Key -> Nonce -> ByteString -> Maybe ByteString
- secretboxDetached :: Key -> Nonce -> ByteString -> (Authenticator, ByteString)
- secretboxOpenDetached :: Key -> Nonce -> Authenticator -> ByteString -> Maybe ByteString
- newKey :: IO Key
- newNonce :: IO Nonce
Documentation
An opaque secretbox cryptographic key.
Instances
| Data Key Source # | |
Defined in Crypto.Saltine.Internal.SecretBox Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> Key -> c Key # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c Key # dataTypeOf :: Key -> DataType # dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c Key) # dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Key) # gmapT :: (forall b. Data b => b -> b) -> Key -> Key # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> Key -> r # gmapQr :: forall r r'. (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> Key -> r # gmapQ :: (forall d. Data d => d -> u) -> Key -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> Key -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> Key -> m Key # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> Key -> m Key # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> Key -> m Key # | |
| Generic Key Source # | |
| Show Key Source # | |
| NFData Key Source # | |
Defined in Crypto.Saltine.Internal.SecretBox | |
| Eq Key Source # | |
| Ord Key Source # | |
| Hashable Key Source # | |
Defined in Crypto.Saltine.Internal.SecretBox | |
| IsEncoding Key Source # | |
Defined in Crypto.Saltine.Internal.SecretBox Methods encode :: Key -> ByteString Source # decode :: ByteString -> Maybe Key Source # encoded :: (Choice p, Applicative f) => p Key (f Key) -> p ByteString (f ByteString) Source # | |
| type Rep Key Source # | |
Defined in Crypto.Saltine.Internal.SecretBox type Rep Key = D1 ('MetaData "Key" "Crypto.Saltine.Internal.SecretBox" "saltine-0.2.1.0-inplace" 'True) (C1 ('MetaCons "Key" 'PrefixI 'True) (S1 ('MetaSel ('Just "unKey") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 ByteString))) | |
An opaque secretbox nonce.
Instances
| Data Nonce Source # | |
Defined in Crypto.Saltine.Internal.SecretBox Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> Nonce -> c Nonce # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c Nonce # dataTypeOf :: Nonce -> DataType # dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c Nonce) # dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Nonce) # gmapT :: (forall b. Data b => b -> b) -> Nonce -> Nonce # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> Nonce -> r # gmapQr :: forall r r'. (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> Nonce -> r # gmapQ :: (forall d. Data d => d -> u) -> Nonce -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> Nonce -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> Nonce -> m Nonce # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> Nonce -> m Nonce # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> Nonce -> m Nonce # | |
| Generic Nonce Source # | |
| Show Nonce Source # | |
| NFData Nonce Source # | |
Defined in Crypto.Saltine.Internal.SecretBox | |
| Eq Nonce Source # | |
| Ord Nonce Source # | |
| Hashable Nonce Source # | |
Defined in Crypto.Saltine.Internal.SecretBox | |
| IsEncoding Nonce Source # | |
Defined in Crypto.Saltine.Internal.SecretBox Methods encode :: Nonce -> ByteString Source # decode :: ByteString -> Maybe Nonce Source # encoded :: (Choice p, Applicative f) => p Nonce (f Nonce) -> p ByteString (f ByteString) Source # | |
| IsNonce Nonce Source # | |
| type Rep Nonce Source # | |
Defined in Crypto.Saltine.Internal.SecretBox type Rep Nonce = D1 ('MetaData "Nonce" "Crypto.Saltine.Internal.SecretBox" "saltine-0.2.1.0-inplace" 'True) (C1 ('MetaCons "Nonce" 'PrefixI 'True) (S1 ('MetaSel ('Just "unNonce") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 ByteString))) | |
data Authenticator Source #
An Authenticator for a Message
Instances
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Message |
| -> ByteString | Ciphertext |
Encrypts a message. It is infeasible for an attacker to decrypt
the message so long as the Nonce is never repeated.
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Ciphertext |
| -> Maybe ByteString | Message |
Decrypts a message. Returns Nothing if the keys and message do
not match.
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Message |
| -> (Authenticator, ByteString) | (Authentication Tag, Ciphertext) |
Encrypts a message. In contrast with secretbox, the result is not
serialized as one element and instead provided as an authentication tag and
ciphertext.
secretboxOpenDetached Source #
Arguments
| :: Key | |
| -> Nonce | |
| -> Authenticator | Auth Tag |
| -> ByteString | Ciphertext |
| -> Maybe ByteString | Message |
Decrypts a message. Returns Nothing if the keys and message do
not match.