botan-0.0.1.0: High-level Botan bindings
Copyright(c) Leo D 2023
LicenseBSD-3-Clause
Maintainerleo@apotheca.io
Stabilityexperimental
PortabilityPOSIX
Safe HaskellNone
LanguageHaskell2010

Botan.MAC

Description

A Message Authentication Code algorithm computes a tag over a message utilizing a shared secret key. Thus a valid tag confirms the authenticity and integrity of the message. Only entities in possession of the shared secret key are able to verify the tag.

Note

When combining a MAC with unauthenticated encryption mode, prefer to first encrypt the message and then MAC the ciphertext. The alternative is to MAC the plaintext, which depending on exact usage can suffer serious security issues. For a detailed discussion of this issue see the paper “The Order of Encryption and Authentication for Protecting Communications” by Hugo Krawczyk

The Botan MAC computation is split into five stages.

  • Instantiate the MAC algorithm.
  • Set the secret key.
  • Process IV.
  • Process data.
  • Finalize the MAC computation.
Synopsis

Message Authentication Codes

 

Usage

 

Idiomatic interface

Data type

data MAC Source #

Constructors

CMAC BlockCipher 
GMAC BlockCipher

CBC_MAC BlockCipher -- No longer supported (possibly due to security issues)

HMAC CryptoHash 
Poly1305

KMAC_128 Int -- Output length | KMAC_256 Int -- Output length

SipHash Int Int 
X9_19_MAC 

Instances

Instances details
Show MAC Source # 
Instance details

Defined in Botan.MAC

Methods

showsPrec :: Int -> MAC -> ShowS #

show :: MAC -> String #

showList :: [MAC] -> ShowS #

Eq MAC Source # 
Instance details

Defined in Botan.MAC

Methods

(==) :: MAC -> MAC -> Bool #

(/=) :: MAC -> MAC -> Bool #

Enumerations

macs :: [MAC] Source #

Associated types

type MACKeySpec = KeySpec Source #

type MACKey = ByteString Source #

newMACKey :: MonadRandomIO m => MAC -> m MACKey Source #

newMACKeyMaybe :: MonadRandomIO m => Int -> MAC -> m (Maybe MACKey) Source #

type MACDigest = ByteString Source #

Accessors

macName :: MAC -> ByteString Source #

macKeySpec :: MAC -> KeySpec Source #

macDigestLength :: MAC -> Int Source #

Idiomatic algorithm

mac :: MAC -> MACKey -> ByteString -> Maybe MACDigest Source #

gmac :: MAC -> MACKey -> GMACNonce -> ByteString -> Maybe MACDigest Source #

macLazy :: MAC -> MACKey -> ByteString -> Maybe MACDigest Source #

Mutable interface

Tagged mutable context

data MutableMAC Source #

Constructors

MkMutableMAC 

Fields

Destructor

destroyMAC :: MonadIO m => MutableMAC -> m () Source #

Initializers

newMAC :: MonadIO m => MAC -> m MutableMAC Source #

Accessors

getMACName :: MonadIO m => MutableMAC -> m MACName Source #

getMACKeySpec :: MonadIO m => MutableMAC -> m MACKeySpec Source #

getMACDigestLength :: MonadIO m => MutableMAC -> m Int Source #

setMACKey :: MonadIO m => MACKey -> MutableMAC -> m Bool Source #

GMAC-specific functions

type GMACNonce = ByteString Source #

setGMACNonce :: MonadIO m => GMACNonce -> MutableMAC -> m () Source #

Accessory functions

clearMAC :: MonadIO m => MutableMAC -> m () Source #

Mutable algorithm

updateMAC :: MonadIO m => MutableMAC -> ByteString -> m () Source #

finalizeMAC :: MonadIO m => MutableMAC -> m MACDigest Source #

updateFinalizeMAC :: MonadIO m => MutableMAC -> ByteString -> m MACDigest Source #

updateFinalizeClearMAC :: MonadIO m => MutableMAC -> ByteString -> m MACDigest Source #

Algorithm references

cmac :: BlockCipher -> MAC Source #

GMAC BlockCipher -- Requires a nonce "GMAC can accept initialization vectors of arbitrary length" | HMAC Hash -- Must be a (CS)Hash, and not a Checksum -- New in 3.2 -- | KMAC_128 Int -- Output length -- | KMAC_256 Int -- Output length | Poly1305 -- Requires a unique key per message (key r and nonce s have been combined) | SipHash Int Int -- Number of input and finalization rounds | X9_19_MAC

hmac :: CryptoHash -> MAC Source #

poly1305 :: MAC Source #

sipHash :: MAC Source #

x9_19_mac :: MAC Source #