| Copyright | YouShi Dong Han 2021 |
|---|---|
| License | BSD |
| Maintainer | winterland1989@gmail.com |
| Stability | experimental |
| Portability | non-portable |
| Safe Haskell | None |
| Language | Haskell2010 |
Z.Crypto.MAC
Description
A Message Authentication Code algorithm computes a tag over a message utilizing a shared secret key. Thus a valid tag confirms the authenticity and integrity of the message. Only entities in possession of the shared secret key are able to verify the tag.
Synopsis
- data MACType
- data MAC
- macName :: MAC -> CBytes
- macSize :: MAC -> Int
- newMAC :: HasCallStack => MACType -> IO MAC
- setKeyMAC :: HasCallStack => MAC -> Bytes -> IO ()
- updateMAC :: HasCallStack => MAC -> Bytes -> IO ()
- finalMAC :: HasCallStack => MAC -> IO Bytes
- clearMAC :: HasCallStack => MAC -> IO ()
- mac :: HasCallStack => MACType -> Bytes -> Bytes -> Bytes
- macChunks :: HasCallStack => MACType -> Bytes -> [Bytes] -> Bytes
- sinkToMAC :: HasCallStack => MAC -> Sink Bytes
- macTypeToCBytes :: MACType -> CBytes
- withMAC :: MAC -> (BotanStructT -> IO r) -> IO r
MAC type
Constructors
| CMAC BlockCipherType | A modern CBC-MAC variant that avoids the security problems of plain CBC-MAC. Approved by NIST. Also sometimes called OMAC. |
| GMAC BlockCipherType | GMAC is related to the GCM authenticated cipher mode. It is quite slow unless hardware support for carryless multiplications is available. A new nonce must be used with each message authenticated, or otherwise all security is lost. |
| CBC_MAC BlockCipherType | An older authentication code based on a block cipher. Serious security problems, in particular insecure if messages of several different lengths are authenticated. Avoid unless required for compatibility. |
| HMAC HashType | A message authentication code based on a hash function. Very commonly used. |
| Poly1305 | A polynomial MAC (similar to GMAC). Very fast, but tricky to use safely. Forms part of the ChaCha20Poly1305 AEAD mode. A new key must be used for each message, or all security is lost. |
| SipHash Int Int | A modern and very fast PRF. Produces only a 64-bit output. Defaults to “SipHash(2,4)” which is the recommended configuration, using 2 rounds for each input block and 4 rounds for finalization. |
| X9'19_MAC | A CBC-MAC variant sometimes used in finance. Always uses DES. Sometimes called the “DES retail MAC”, also standardized in ISO 9797-1. It is slow and has known attacks. Avoid unless required. |
Instances
| Show MAC | |
| Generic MAC | |
| Print MAC | Defined in Z.Crypto.MAC. Methods: toUTF8BuilderP :: Int -> MAC -> Builder () |
| type Rep MAC | Defined in Z.Crypto.MAC. type Rep MAC = D1 ('MetaData "MAC" "Z.Crypto.MAC" "Z-Botan-0.3.1.0-GbapUVQUdq6A2uFR3TMVx6" 'False) (C1 ('MetaCons "MAC" 'PrefixI 'True) (S1 ('MetaSel ('Just "macStruct") 'SourceUnpack 'SourceStrict 'DecidedStrict) (Rec0 BotanStruct) :*: (S1 ('MetaSel ('Just "macName") 'SourceUnpack 'SourceStrict 'DecidedStrict) (Rec0 CBytes) :*: S1 ('MetaSel ('Just "macSize") 'SourceUnpack 'SourceStrict 'DecidedStrict) (Rec0 Int)))) |
IUF interface
clearMAC :: HasCallStack => MAC -> IO ()
Reset the state of the MAC object back to clean, as if no input had been supplied.
function interface
mac
Arguments
| :: HasCallStack | |
| => MACType | |
| -> Bytes | key |
| -> Bytes | input |
| -> Bytes | |
Directly compute a message's MAC.
macChunks :: HasCallStack => MACType -> Bytes -> [Bytes] -> Bytes
Directly compute a chunked message's MAC.
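The following is an added example, not taken from the Z-Botan documentation. It computes the same tag through the IUF calls and the two one-shot functions listed in the synopsis, then checks that a modified message or a different key fails verification. It assumes that `SHA256` is a `HashType` constructor exported by `Z.Crypto.Hash` and that `Bytes` literals work under `OverloadedStrings`; the key and message values are constructed.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import Control.Monad (forM_, unless, when)
import Z.Crypto.Hash (HashType (SHA256)) -- assumption: constructor name and module
import Z.Crypto.MAC
import Z.Data.Vector (Bytes)

-- Constructed sample values; a real key comes from a CSPRNG or a KDF.
key, otherKey :: Bytes
key      = "constructed-demo-key-0123456789ab"
otherKey = "constructed-demo-key-0123456789ac"

chunks, tampered :: [Bytes]
chunks   = ["header|", "payload|", "trailer"]
tampered = ["header|", "payloaD|", "trailer"]

-- Incremental (IUF) tag: create the object, set the key,
-- feed each chunk, then finalize.
tagIUF :: MACType -> Bytes -> [Bytes] -> IO Bytes
tagIUF ty k cs = do
    m <- newMAC ty
    setKeyMAC m k
    forM_ cs (updateMAC m)
    finalMAC m

-- Receiver side: recompute the tag under the shared key and compare.
-- (==) on Bytes is ordinary equality, not a constant-time comparison.
verify :: MACType -> Bytes -> [Bytes] -> Bytes -> Bool
verify ty k cs tag = macChunks ty k cs == tag

main :: IO ()
main = do
    let ty = HMAC SHA256
    t1 <- tagIUF ty key chunks
    let t2 = macChunks ty key chunks
        t3 = mac ty key (mconcat chunks)
    -- Chunk boundaries must not affect the tag.
    unless (t1 == t2 && t2 == t3) $ fail "IUF and one-shot tags differ"
    unless (verify ty key chunks t1) $ fail "valid tag rejected"
    when (verify ty key tampered t1) $ fail "tampered message accepted"
    when (verify ty otherKey chunks t1) $ fail "tag accepted under wrong key"
    putStrLn "all MAC checks passed"
```

`HMAC` is used here because it is the one constructor in the table above that carries no per-message nonce or one-time-key requirement; the same code with `GMAC` or `Poly1305` would need to respect those constraints.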
BIO interface
Internal helper
macTypeToCBytes :: MACType -> CBytes