Primitive (in IO) AES operations
Documentation
:: Mode | |
-> ByteString | A 16, 24 or 32-byte AES key |
-> ByteString | A 16-byte IV |
-> Direction | |
-> IO AESCtx |
Create an encryption/decryption context for incremental encryption/decryption
You may create an ECB context this way, in which case you may pass undefined for the IV
:: ByteString | A 16, 24 or 32-byte AES key |
-> Direction | |
-> IO AESCtx |
Create a context for ECB, which doesn't need an IV
Modes ECB and CBC can only handle full 16-byte frames. This means the length of every strict bytestring passed in must be a multiple of 16; when using lazy bytestrings, its component strict bytestrings must all satisfy this.
Other modes can handle bytestrings of any length. However, encrypting a bytestring of length 5 and then one of length 4 is not the same operation as encrypting a single bytestring of length 9; they are internally padded to a multiple of 16 bytes.
For OFB and CTR, Encrypt and Decrypt are the same operation. For CTR, the IV is the initial value of the counter.
crypt :: AESCtx -> ByteString -> IO ByteStringSource
Incrementally encrypt/decrypt bytestrings
crypt is definitely not thread-safe. Don't even think about it.