Safe Haskell | Safe-Inferred |
---|---|
Language | GHC2021 |
You will need to import this module if you are planning to define an
Encryption
scheme other than the defaults provided by this library.
Synopsis
- class (KnownNat (KeyLength e), Eq (Key e)) => Encryption (e :: k) where
- data Key e :: Type
- type KeyLength e :: Natural
- data Encrypt e :: Type
- data Decrypt e :: Type
- genKey :: MonadRandom m => m (Key e)
- keyFromBytes :: ByteArrayAccess raw => raw -> Either String (Key e)
- keyToBytes :: ByteArrayN (KeyLength e) raw => Key e -> raw
- initial :: MonadRandom m => Key e -> m (Encrypt e, Decrypt e)
- advance :: Encrypt e -> Encrypt e
- encrypt :: Encrypt e -> ByteString -> ByteString
- decrypt :: Decrypt e -> ByteString -> Either String ByteString
- autoKeyFileBase16 :: forall e m. (Encryption e, MonadIO m) => FilePath -> m (Key e)
- readKeyFileBase16 :: forall e m. (Encryption e, MonadIO m) => FilePath -> m (Key e)
- readKeyFile :: forall e m. (Encryption e, MonadIO m) => (ScrubbedBytes -> Either String ScrubbedBytes) -> FilePath -> m (Key e)
- writeKeyFile :: forall e m. (Encryption e, MonadIO m) => (SizedByteArray (KeyLength e) ScrubbedBytes -> ScrubbedBytes) -> FilePath -> Key e -> m ()
Documentation
class (KnownNat (KeyLength e), Eq (Key e)) => Encryption (e :: k) where Source #
Encryption method.
Key used for encryption. You can obtain an initial random
Key
using genKey
. As long as you have access to
said Key
, you will be able to decrypt data previously
encrypted with it. For this reason, be sure to save and load the key
using keyToBytes
and keyFromBytes
.
type KeyLength e :: Natural Source #
Statically known Key
length.
data Encrypt e :: Type Source #
Encryption context used by encrypt
.
data Decrypt e :: Type Source #
Decryption context used by decrypt
.
genKey :: MonadRandom m => m (Key e) Source #
Generate a random encryption Key
.
keyFromBytes :: ByteArrayAccess raw => raw -> Either String (Key e) Source #
Load a Key
from its bytes representation, if possible.
keyToBytes :: ByteArrayN (KeyLength e) raw => Key e -> raw Source #
Dump the bytes representation of a Key
.
initial :: MonadRandom m => Key e -> m (Encrypt e, Decrypt e) Source #
Generate initial Encrypt
ion and Decrypt
ion context for a Key
.
The Encrypt
ion context could carry for example the next
randomly generated nonce to use for encrypt
ion, the Key
itself or its derivative used during the actual encrypt
ion
process, or a deterministic random number generator.
The Decrypt
ion context could carry for example the Key
itself or its
derivative used during the decrypt
ion process.
advance :: Encrypt e -> Encrypt e Source #
After each encrypt
ion, the Encrypt
ion context will be automatically
advance
d through this function. For example, if your Encrypt
ion
context carries a nonce or a deterministic random number generator,
this is the place to update them.
encrypt :: Encrypt e -> ByteString -> ByteString Source #
Encrypt a plaintext message according to the Encrypt
ion context.
decrypt :: Decrypt e -> ByteString -> Either String ByteString Source #
Instances
Encryption "AEAD_AES_128_GCM_SIV" Source # |
|
Defined in Wai.CryptoCookie.Encryption.AEAD_AES_128_GCM_SIV data Key "AEAD_AES_128_GCM_SIV" Source # type KeyLength "AEAD_AES_128_GCM_SIV" :: Natural Source # genKey :: MonadRandom m => m (Key "AEAD_AES_128_GCM_SIV") Source # keyFromBytes :: ByteArrayAccess raw => raw -> Either String (Key "AEAD_AES_128_GCM_SIV") Source # keyToBytes :: ByteArrayN (KeyLength "AEAD_AES_128_GCM_SIV") raw => Key "AEAD_AES_128_GCM_SIV" -> raw Source # initial :: MonadRandom m => Key "AEAD_AES_128_GCM_SIV" -> m (Encrypt "AEAD_AES_128_GCM_SIV", Decrypt "AEAD_AES_128_GCM_SIV") Source # advance :: Encrypt "AEAD_AES_128_GCM_SIV" -> Encrypt "AEAD_AES_128_GCM_SIV" Source # encrypt :: Encrypt "AEAD_AES_128_GCM_SIV" -> ByteString -> ByteString Source # decrypt :: Decrypt "AEAD_AES_128_GCM_SIV" -> ByteString -> Either String ByteString Source # | |
Encryption "AEAD_AES_256_GCM_SIV" Source # |
|
Defined in Wai.CryptoCookie.Encryption.AEAD_AES_256_GCM_SIV data Key "AEAD_AES_256_GCM_SIV" Source # type KeyLength "AEAD_AES_256_GCM_SIV" :: Natural Source # genKey :: MonadRandom m => m (Key "AEAD_AES_256_GCM_SIV") Source # keyFromBytes :: ByteArrayAccess raw => raw -> Either String (Key "AEAD_AES_256_GCM_SIV") Source # keyToBytes :: ByteArrayN (KeyLength "AEAD_AES_256_GCM_SIV") raw => Key "AEAD_AES_256_GCM_SIV" -> raw Source # initial :: MonadRandom m => Key "AEAD_AES_256_GCM_SIV" -> m (Encrypt "AEAD_AES_256_GCM_SIV", Decrypt "AEAD_AES_256_GCM_SIV") Source # advance :: Encrypt "AEAD_AES_256_GCM_SIV" -> Encrypt "AEAD_AES_256_GCM_SIV" Source # encrypt :: Encrypt "AEAD_AES_256_GCM_SIV" -> ByteString -> ByteString Source # decrypt :: Decrypt "AEAD_AES_256_GCM_SIV" -> ByteString -> Either String ByteString Source # |
autoKeyFileBase16 :: forall e m. (Encryption e, MonadIO m) => FilePath -> m (Key e) Source #
readKeyFileBase16 :: forall e m. (Encryption e, MonadIO m) => FilePath -> m (Key e) Source #
Read a base-16 encoded Key
from a file. Ignores trailing newlines.
:: forall e m. (Encryption e, MonadIO m) | |
=> (ScrubbedBytes -> Either String ScrubbedBytes) | Convert the raw content of the file into input suitable
for |
-> FilePath | |
-> m (Key e) |
Read a Key
from a file.
:: forall e m. (Encryption e, MonadIO m) | |
=> (SizedByteArray (KeyLength e) ScrubbedBytes -> ScrubbedBytes) | Convert the raw |
-> FilePath | |
-> Key e | |
-> m () |
Save a key to a file.