-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Fast AES encryption/decryption for bytestrings
--   
--   A zero-copy binding to Brian Gladman's AES implementation, including a
--   copy of that implementation
@package AES
@version 0.2.9


-- | Primitive (in IO) AES operations
module Codec.Crypto.AES.IO

-- | Create an encryption/decryption context for incremental
--   encryption/decryption
--   
--   You may create an ECB context this way, in which case you may pass
--   undefined for the IV
newCtx :: Mode -> ByteString -> ByteString -> Direction -> IO AESCtx

-- | Create a context for ECB, which doesn't need an IV
newECBCtx :: ByteString -> Direction -> IO AESCtx
data Direction
Encrypt :: Direction
Decrypt :: Direction

-- | Modes ECB and CBC can only handle full 16-byte frames. This means the
--   length of every strict bytestring passed in must be a multiple of 16;
--   when using lazy bytestrings, its <i>component</i> strict bytestrings
--   must all satisfy this.
--   
--   Other modes can handle bytestrings of any length. However, encrypting
--   a bytestring of length 5 and then one of length 4 is not the same
--   operation as encrypting a single bytestring of length 9; they are
--   internally padded to a multiple of 16 bytes.
--   
--   For OFB and CTR, Encrypt and Decrypt are the same operation. For CTR,
--   the IV is the initial value of the counter.
data Mode
ECB :: Mode
CBC :: Mode
CFB :: Mode
OFB :: Mode
CTR :: Mode
data AESCtx

-- | Incrementally encrypt/decrypt bytestrings
--   
--   crypt is definitely not thread-safe. Don't even think about it.
crypt :: AESCtx -> ByteString -> IO ByteString
instance Show AESKey
instance Storable DecryptCtxStruct
instance Storable EncryptCtxStruct


-- | This module provides a cryptographically secure PRNG based on AES,
--   reading the seed from <i>dev</i>urandom
module Codec.Crypto.AES.Random

-- | Randomness from a system source of nonsense such as <i>dev</i>urandom
randBytes :: Int -> IO ByteString

-- | Cryptographic pseudorandomness from an AES cipher. This function is
--   currently inefficient for non-multiple-of-16 sized bytestrings.
prandBytes :: Int -> IO ByteString

-- | A random number generator that gets its input from prandBytes,
--   ensuring purity by storing those bytes for later if you don't discard
--   the generator.
--   
--   Using split on this generator isn't supported, but could be.
--   
--   Please note that if an asynchronous exception is caught while a random
--   number is being generated, the generator will be wrecked forevermore.
data AESGen
newAESGen :: IO AESGen
instance RandomGen AESGen
instance Show AESGen


-- | Just like MonadIO, but codifying <i>unsafe</i> IO execution. Exists
--   for safety.
module Control.Monad.UnsafeIO
class Monad m => MonadUnsafeIO m
liftUnsafeIO :: MonadUnsafeIO m => IO a -> m a
instance (Monoid w, MonadUnsafeIO m) => MonadUnsafeIO (WriterT w m)
instance MonadUnsafeIO m => MonadUnsafeIO (ReaderT r m)
instance MonadUnsafeIO (ST s)
instance MonadUnsafeIO (ST s)
instance MonadUnsafeIO IO


-- | An occasionally pure, monadic interface to AES
module Codec.Crypto.AES.Monad
type AES s a = AEST (ST s) a
type AEST m a = ReaderT AESCtx (WriterT ByteString m) a

-- | Modes ECB and CBC can only handle full 16-byte frames. This means the
--   length of every strict bytestring passed in must be a multiple of 16;
--   when using lazy bytestrings, its <i>component</i> strict bytestrings
--   must all satisfy this.
--   
--   Other modes can handle bytestrings of any length. However, encrypting
--   a bytestring of length 5 and then one of length 4 is not the same
--   operation as encrypting a single bytestring of length 9; they are
--   internally padded to a multiple of 16 bytes.
--   
--   For OFB and CTR, Encrypt and Decrypt are the same operation. For CTR,
--   the IV is the initial value of the counter.
data Mode
ECB :: Mode
CBC :: Mode
CFB :: Mode
OFB :: Mode
CTR :: Mode
data Direction
Encrypt :: Direction
Decrypt :: Direction

-- | A class of things that can be crypted
--   
--   The crypt function returns incremental results as well as appending
--   them to the result bytestring.
class Cryptable a
crypt :: Cryptable a => a -> AES s a

-- | Run an AES computation
runAEST :: MonadUnsafeIO m => Mode -> ByteString -> ByteString -> Direction -> AEST m a -> m (a, ByteString)

-- | Run an AES computation
runAES :: Mode -> ByteString -> ByteString -> Direction -> (forall s. AES s a) -> (a, ByteString)
instance Cryptable ByteString
instance Cryptable ByteString


-- | A pure interface to AES
module Codec.Crypto.AES

-- | Modes ECB and CBC can only handle full 16-byte frames. This means the
--   length of every strict bytestring passed in must be a multiple of 16;
--   when using lazy bytestrings, its <i>component</i> strict bytestrings
--   must all satisfy this.
--   
--   Other modes can handle bytestrings of any length. However, encrypting
--   a bytestring of length 5 and then one of length 4 is not the same
--   operation as encrypting a single bytestring of length 9; they are
--   internally padded to a multiple of 16 bytes.
--   
--   For OFB and CTR, Encrypt and Decrypt are the same operation. For CTR,
--   the IV is the initial value of the counter.
data Mode
ECB :: Mode
CBC :: Mode
CFB :: Mode
OFB :: Mode
CTR :: Mode
data Direction
Encrypt :: Direction
Decrypt :: Direction

-- | Encryption/decryption for lazy bytestrings
crypt :: Mode -> ByteString -> ByteString -> Direction -> ByteString -> ByteString

-- | Encryption/decryption for strict bytestrings
crypt' :: Mode -> ByteString -> ByteString -> Direction -> ByteString -> ByteString