-- Hoogle documentation, generated by Haddock -- See Hoogle, http://www.haskell.org/hoogle/ -- | Common Cryptographic Algorithms in Pure Haskell -- -- This packages provides many of the commonly used cryptographic -- algorithms, such as -- -- -- -- Moreover, this package also provides an implementation of the -- Bubble Babble Binary Data Encoding specification and -- miscellaneous utilties. -- -- The library in this package is implemented in pure Haskell2010 -- (plus currently the FlexibleInstances and -- TypeSynonymInstances extensions) and thus should be fairly -- portable. However, it shouldn't be expected to be the most performant -- possible Haskell cryptographic library; for instance, for optimized -- implementations of Hash algorithms, see the cryptohash-* -- family. @package Crypto @version 4.2.5.2 -- | Takes the DES module supplied by Ian Lynagh and wraps it so it can -- used with the standard modes. -- -- See http://web.comlab.ox.ac.uk/oucl/work/ian.lynagh/. module Codec.Encryption.DES -- | Basic DES encryption which takes a key and a block of plaintext and -- returns the encrypted block of ciphertext according to the standard. encrypt :: Word64 -> Word64 -> Word64 -- | Basic DES decryption which takes a key and a block of ciphertext and -- returns the decrypted block of plaintext according to the standard. decrypt :: Word64 -> Word64 -> Word64 -- | This module currently supports Cipher Block Chaining (CBC) mode. See -- http://www.itl.nist.gov/fipspubs/fip81.htm for further details. module Codec.Encryption.Modes -- | In CBC or Cipher Block Chaining mode each block is XORed with the -- previous enciphered block before encryption. For the first block, -- start with an initialization vector. Take an encryption function, an -- initialisation vector, a key and a list of blocks and return the -- encrypted blocks using CBC. cbc :: Bits block => (key -> block -> block) -> block -> key -> [block] -> [block] -- | To decipher in CBC or Cipher Block Chaining mode, decipher each block, -- then XOR the result with the previous block of plaintext result. Note -- that the initialization vector is treated as the zeroth block of -- plaintext. Take a decryption function, an initialisation vector, a key -- and a list of encrypted blocks using CBC and return plaintext blocks. unCbc :: Bits block => (key -> block -> block) -> block -> key -> [block] -> [block] module Codec.Encryption.RSA.NumberTheory inverse :: Integer -> Integer -> Integer extEuclGcd :: Integer -> Integer -> (Integer, Integer) simplePrimalityTest :: Integer -> Bool getPrime :: Int -> IO Integer pg :: Integer -> Integer -> Integer -> IO Integer isPrime :: Integer -> IO Bool rabinMillerPrimalityTest :: Integer -> IO Bool expmod :: Integer -> Integer -> Integer -> Integer factor :: Integer -> [Int] testInverse :: Integer -> Integer -> Bool primes :: [Integer] (/|) :: Integer -> Integer -> Bool randomOctet :: Int -> IO String -- | Implementation of the TEA tiny encryption algorithm module Codec.Encryption.TEA data TEAKey TEAKey :: {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> TEAKey encrypt :: TEAKey -> Word64 -> Word64 decrypt :: TEAKey -> Word64 -> Word64 -- | Utilities for coding and decoding. module Codec.Utils -- | The basic 8-bit type for encoding and decoding. type Octet = Word8 -- | The most significant bit of an Octet. msb :: Int -- | Convert from twos complement. fromTwosComp :: Integral a => [Octet] -> a toTwosComp :: Integral a => a -> [Octet] -- | Take a number x convert it to base n as a list of -- octets. toOctets :: (Integral a, Integral b) => a -> b -> [Octet] -- | Take a list of octets (a number expressed in base n) and convert it to -- a number. fromOctets :: (Integral a, Integral b) => a -> [Octet] -> b -- | See listToOctets. listFromOctets :: (Integral a, Bits a) => [Octet] -> [a] -- | Converts a list of numbers into a list of octets. The resultant list -- has nulls trimmed from the end to make this the dual of listFromOctets -- (except when the original octet list ended with nulls; see -- trimNulls). listToOctets :: (Bits a, Integral a) => [a] -> [Octet] -- | Take the length of the required number of octets and convert the -- number to base 256 padding it out to the required length. If the -- required length is less than the number of octets of the converted -- number then return the converted number. NB this is different from the -- standard -- ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf but -- mimics how replicate behaves. i2osp :: Integral a => Int -> a -> [Octet] module Codec.Text.Raw hexdump :: OctetsPerLine -> [Octet] -> Doc hexdumpBy :: String -> OctetsPerLine -> [Octet] -> Doc -- | Implements the mask generation function as specified in: -- ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf module Codec.Encryption.RSA.MGF -- | Take a hash function, a seed and the intended length of the the mask -- and deliver a mask of the requested length. mgf :: ([Octet] -> [Octet]) -> [Octet] -> Int -> [Octet] -- | A modified version of the EMEOAEP module supplied by David J. Sankel -- (http://www.electronconsulting.com/rsa-haskell). -- -- As the original code is GPL, this has to be. This code is free -- software; you can redistribute it and/or modify it under the terms of -- the GNU General Public License as published by the Free Software -- Foundation; either version 2 of the License, or (at your option) any -- later version. -- -- This code is distributed in the hope that it will be useful, but -- WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this code; if not, write to the Free Software Foundation, -- Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA module Codec.Encryption.RSA.EMEOAEP -- | Take a mask generating function, a hash function, a label (which may -- be null), a random seed, the modulus of the key and the message and -- returns an encoded message. NB you could pass in the length of the -- modulus but it seems safer to pass in the modulus itself and calculate -- the length when required. See -- ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf for -- more details. encode :: (([Octet] -> [Octet]) -> [Octet] -> Int -> [Octet]) -> ([Octet] -> [Octet]) -> [Octet] -> [Octet] -> [Octet] -> [Octet] -> [Octet] -- | Take a mask generating function, a hash function, a label (which may -- be null) and the message and returns the decoded. decode :: (([Octet] -> [Octet]) -> [Octet] -> Int -> [Octet]) -> ([Octet] -> [Octet]) -> [Octet] -> [Octet] -> [Octet] -- | A modified version of the RSA module supplied by David J. Sankel -- (http://www.electronconsulting.com/rsa-haskell). -- -- As the original code is GPL, this has to be. This code is free -- software; you can redistribute it and/or modify it under the terms of -- the GNU General Public License as published by the Free Software -- Foundation; either version 2 of the License, or (at your option) any -- later version. -- -- This code is distributed in the hope that it will be useful, but -- WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this code; if not, write to the Free Software Foundation, -- Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA module Codec.Encryption.RSA -- | Take the modulus of the RSA key and the public exponent expressed as -- lists of octets and the plaintext also expressed as a list of octets -- and return the ciphertext as a list of octets. Of course, these are -- all large integers but using lists of octets makes everything easier. -- See http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/index.html -- for more details. encrypt :: ([Octet], [Octet]) -> [Octet] -> [Octet] -- | Take the modulus of the RSA key and the private exponent expressed as -- lists of octets and the ciphertext also expressed as a list of octets -- and return the plaintext as a list of octets. decrypt :: ([Octet], [Octet]) -> [Octet] -> [Octet] -- | Padding algorithms for use with block ciphers. -- -- This module currently supports: -- -- module Codec.Encryption.Padding -- | When the last block of plaintext is shorter than the block size then -- it must be padded. PKCS5 specifies that the padding octets should each -- contain the number of octets which must be stripped off. So, for -- example, with a block size of 8, "0a0b0c" will be padded with "05" -- resulting in "0a0b0c0505050505". If the final block is a full block of -- 8 octets then a whole block of "0808080808080808" is appended. pkcs5 :: (Integral a, Bits a) => [Octet] -> [a] -- | Take a list of blocks padded using the method described in PKCS5 (see -- http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5) and return the -- list of unpadded octets. NB this function does not currently check -- that the padded block is correctly formed and should only be used for -- blocks that have been padded correctly. unPkcs5 :: (Bits a, Integral a) => [a] -> [Octet] -- | When the last block of plaintext is shorter than the block size then -- it must be padded. Nulls padding specifies that the padding octets -- should each contain a null. So, for example, with a block size of 8, -- "0a0b0c" will be padded to "0a0b0c0000000000". If the final block is a -- full block of 8 octets then a whole block of "0000000000000000" is -- appended. NB this is only suitable for data which does not contain -- nulls, for example, ASCII. padNulls :: (Integral a, Bits a) => [Octet] -> [a] -- | Take a list of blocks padded with nulls and return the list of -- unpadded octets. NB if the blocks contain a null then the result is -- unpredictable. unPadNulls :: (Bits a, Integral a) => [a] -> [Octet] -- | Takes the Blowfish module supplied by Doug Hoyte and wraps it so it -- can used with the standard modes. module Codec.Encryption.Blowfish -- | Basic Blowfish encryption which takes a key and a block of plaintext -- and returns the encrypted block of ciphertext according to the -- standard. Typical keys are Word8, Word16, Word32, Word64, Word128. See -- http://www.counterpane.com/vectors.txt. encrypt :: Integral a => a -> Word64 -> Word64 -- | Basic Blowfish decryption which takes a key and a block of ciphertext -- and returns the decrypted block of plaintext. decrypt :: Integral a => a -> Word64 -> Word64 module Codec.Binary.BubbleBabble -- | Encode binary data into the Bubble Babble human readable -- encoding. Bubble Babble is an encoding that represents binary -- data as psuedowords which are more pronouncable and memorable than -- standard hexadecimal encoding. -- -- It is mainly used for representing cryptographic fingerprints. In -- addition, there is an amount of redundancy and error correction built -- into the representation so that transcription errors can be more -- readily identified. -- -- See also "The Bubble Babble Binary Data Encoding" specification -- for more details. encode :: [Octet] -> String -- | Takes the MD5 module supplied by Ian Lynagh and wraps it so it takes -- [Octet] and returns [Octet] where the length of the result is always -- 16. See http://web.comlab.ox.ac.uk/oucl/work/ian.lynagh/ and -- http://www.ietf.org/rfc/rfc1321.txt. module Data.Digest.MD5 -- | Take [Octet] and return [Octet] according to the standard. The length -- of the result is always 16 octets or 128 bits as required by the -- standard. hash :: [Octet] -> [Octet] -- | Take [Word8] and return Word160. See -- http://www.itl.nist.gov/fipspubs/fip180-1.htm for the -- specification. module Data.Digest.SHA1 data Word160 Word160 :: {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> {-# UNPACK #-} !Word32 -> Word160 hash :: [Word8] -> Word160 lift2 :: (Word32 -> Word32 -> Word32) -> Word160 -> Word160 -> Word160 toInteger :: Word160 -> Integer instance GHC.Show.Show Data.Digest.SHA1.Word160 instance GHC.Classes.Eq Data.Digest.SHA1.Word160 -- | Implements SHA-256, SHA-384, SHA-512, and SHA-224 as defined in FIPS -- 180-2 -- http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf. module Data.Digest.SHA2 -- | sha224 currently requires that the bitSize of a -- divide 32 sha224 :: (Bits a, Integral a) => [a] -> Hash224 -- | sha224Ascii assumes that all characters of the strings are -- ISO-latin-1 characters. ie. each characters fits in one octet. sha224Ascii :: String -> Hash224 data Hash224 -- | sha256 currently requires that the bitSize of a -- divide 32 sha256 :: (Bits a, Integral a) => [a] -> Hash256 -- | sha256Ascii assumes that all characters of the strings are -- ISO-latin-1 characters. ie. each characters fits in one octet. sha256Ascii :: String -> Hash256 type Hash256 = Hash8 Word32 -- | sha384 currently requires that the bitSize of a -- divide 64 sha384 :: (Bits a, Integral a) => [a] -> Hash384 -- | sha384Ascii assumes that all characters of the strings are -- ISO-latin-1 characters. ie. each characters fits in one octet. sha384Ascii :: String -> Hash384 data Hash384 -- | sha384 currently requires that the bitSize of a -- divide 64 sha512 :: (Bits a, Integral a) => [a] -> Hash512 -- | sha512Ascii assumes that all characters of the strings are -- ISO-latin-1 characters. ie. each characters fits in one octet. sha512Ascii :: String -> Hash512 type Hash512 = Hash8 Word64 toOctets :: Hash h => h -> [Word8] instance GHC.Classes.Ord w => GHC.Classes.Ord (Data.Digest.SHA2.Hash8 w) instance GHC.Classes.Eq w => GHC.Classes.Eq (Data.Digest.SHA2.Hash8 w) instance GHC.Classes.Ord Data.Digest.SHA2.Hash384 instance GHC.Classes.Eq Data.Digest.SHA2.Hash384 instance GHC.Classes.Ord Data.Digest.SHA2.Hash224 instance GHC.Classes.Eq Data.Digest.SHA2.Hash224 instance (GHC.Real.Integral h, GHC.Bits.Bits h, GHC.Show.Show h) => Data.Digest.SHA2.Hash (Data.Digest.SHA2.Hash8 h) instance Data.Digest.SHA2.Hash Data.Digest.SHA2.Hash384 instance Data.Digest.SHA2.Hash Data.Digest.SHA2.Hash224 instance GHC.Show.Show Data.Digest.SHA2.Hash224 instance GHC.Show.Show Data.Digest.SHA2.Hash384 instance (GHC.Real.Integral a, GHC.Show.Show a) => GHC.Show.Show (Data.Digest.SHA2.Hash8 a) instance Data.Digest.SHA2.ShaData GHC.Word.Word32 instance Data.Digest.SHA2.ShaData GHC.Word.Word64 -- | Takes the SHA2 module supplied and wraps it so it takes [Octet] and -- returns [Octet] where the length of the result is always 28. and -- http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf. module Data.Digest.SHA224 -- | Take [Octet] and return [Octet] according to the standard. The length -- of the result is always 28 octets or 224 bits as required by the -- standard. hash :: [Octet] -> [Octet] -- | Takes the SHA2 module supplied and wraps it so it takes [Octet] and -- returns [Octet] where the length of the result is always 32. and -- http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf. module Data.Digest.SHA256 -- | Take [Octet] and return [Octet] according to the standard. The length -- of the result is always 32 octets or 256 bits as required by the -- standard. hash :: [Octet] -> [Octet] -- | Takes the SHA2 module supplied and wraps it so it takes [Octet] and -- returns [Octet] where the length of the result is always 48. and -- http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf. module Data.Digest.SHA384 -- | Take [Octet] and return [Octet] according to the standard. The length -- of the result is always 48 octets or 384 bits as required by the -- standard. hash :: [Octet] -> [Octet] -- | Takes the SHA2 module supplied and wraps it so it takes [Octet] and -- returns [Octet] where the length of the result is always 64. and -- http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf. module Data.Digest.SHA512 -- | Take [Octet] and return [Octet] according to the standard. The length -- of the result is always 64 octets or 512 bits as required by the -- standard. hash :: [Octet] -> [Octet] -- | Implements HMAC (hashed message authentication code) as defined in -- FIPS 198 -- http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf. module Data.HMAC -- | Generalized function for creating HMACs on a specified hash function. hmac :: HashMethod -> [Octet] -> [Octet] -> [Octet] -- | Compute an HMAC using SHA-1 as the underlying hash function. hmac_sha1 :: [Octet] -> [Octet] -> [Octet] -- | Compute an HMAC using MD5 as the underlying hash function. hmac_md5 :: [Octet] -> [Octet] -> [Octet] -- | HMAC works over any hash function, which is represented by HashMethod. -- A hash function and input block size must be specified. data HashMethod HashMethod :: ([Octet] -> [Octet]) -> Int -> HashMethod -- | An arbitrary hash function [digest] :: HashMethod -> [Octet] -> [Octet] -- | Bit size of an input block to the hash function [input_blocksize] :: HashMethod -> Int -- | Provides Word128, Word192 and Word256 and a way of producing other -- large words if required. module Data.LargeWord data LargeKey a b type Word96 = LargeKey Word32 Word64 type Word128 = LargeKey Word64 Word64 type Word160 = LargeKey Word32 Word128 type Word192 = LargeKey Word64 Word128 type Word224 = LargeKey Word32 Word192 type Word256 = LargeKey Word64 Word192 instance (GHC.Classes.Ord a, GHC.Classes.Ord b) => GHC.Classes.Ord (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Eq a, GHC.Classes.Eq b) => GHC.Classes.Eq (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, Data.LargeWord.LargeWord a, GHC.Bits.Bits b, Data.LargeWord.LargeWord b) => Data.LargeWord.LargeWord (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, Data.LargeWord.LargeWord a, GHC.Bits.Bits b, Data.LargeWord.LargeWord b) => GHC.Show.Show (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, Data.LargeWord.LargeWord a, GHC.Bits.Bits b, Data.LargeWord.LargeWord b) => GHC.Num.Num (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, Data.LargeWord.LargeWord a, GHC.Bits.Bits b, Data.LargeWord.LargeWord b) => GHC.Bits.Bits (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, GHC.Enum.Bounded a, GHC.Real.Integral a, Data.LargeWord.LargeWord a, GHC.Bits.Bits b, GHC.Enum.Bounded b, GHC.Real.Integral b, Data.LargeWord.LargeWord b) => GHC.Enum.Bounded (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, Data.LargeWord.LargeWord a, GHC.Classes.Ord b, GHC.Bits.Bits b, Data.LargeWord.LargeWord b) => GHC.Real.Integral (Data.LargeWord.LargeKey a b) instance (GHC.Classes.Ord a, GHC.Bits.Bits a, Data.LargeWord.LargeWord a, GHC.Classes.Ord b, GHC.Bits.Bits b, Data.LargeWord.LargeWord b) => GHC.Real.Real (Data.LargeWord.LargeKey a b) instance GHC.Enum.Enum (Data.LargeWord.LargeKey a b) instance Data.LargeWord.LargeWord GHC.Word.Word32 instance Data.LargeWord.LargeWord GHC.Word.Word64 -- | Takes the AES module supplied by Lukasz Anforowicz and wraps it so it -- can used with the standard modes. module Codec.Encryption.AES -- | Basic AES encryption which takes a key and a block of plaintext and -- returns the encrypted block of ciphertext according to the standard. encrypt :: AESKey a => a -> Word128 -> Word128 -- | Basic AES decryption which takes a key and a block of ciphertext and -- returns the decrypted block of plaintext according to the standard. decrypt :: AESKey a => a -> Word128 -> Word128 class AESKeyIndirection a => AESKey a instance Codec.Encryption.AES.AESKey Data.LargeWord.Word128 instance Codec.Encryption.AES.AESKey Data.LargeWord.Word192 instance Codec.Encryption.AES.AESKey Data.LargeWord.Word256 instance Codec.Encryption.AES.AESKeyIndirection Data.LargeWord.Word128 instance Codec.Encryption.AES.AESKeyIndirection Data.LargeWord.Word192 instance Codec.Encryption.AES.AESKeyIndirection Data.LargeWord.Word256