CommSec is a package that provides communication security for use with Haskell sockets. Using an ephemeral shared secret you can build contexts for sending or receiving data between one or more peers.
Do not reuse the shared secret! Key agreement mechanisms that leverage PKI might be added later.
- data OutContext
- data InContext
- data CommSecError
- data SequenceMode
- newInContext :: ByteString -> SequenceMode -> InContext
- newOutContext :: ByteString -> OutContext
- inContext :: Word64 -> Word32 -> AESKey128 -> InContext
- outContext :: Word64 -> Word32 -> AESKey128 -> OutContext
- decode :: InContext -> ByteString -> Either CommSecError (ByteString, InContext)
- encode :: OutContext -> ByteString -> (ByteString, OutContext)
- decodePtr :: InContext -> Ptr Word8 -> Ptr Word8 -> Int -> IO (Either CommSecError (Int, InContext))
- encodePtr :: OutContext -> Ptr Word8 -> Ptr Word8 -> Int -> IO OutContext
- encBytes :: Int -> Int
- decBytes :: Int -> Int
- peekBE32 :: Ptr Word8 -> IO Word32
- pokeBE32 :: Ptr Word8 -> Word32 -> IO ()
- peekBE :: Ptr Word8 -> IO Word64
- pokeBE :: Ptr Word8 -> Word64 -> IO ()
Errors that can be returned by the decoding/receiving operations.
Policy for misordered packets. Notice StrictOrdering does not mean every sequence numbered packet will be received, only that the sequence number will always increase.
Build contexts for use sending and receiving
Given at least 20 bytes of entropy, produce an in context that can communicate with an identically initialized out context.
Given at least 24 bytes of entropy, produce an out context that can communicate with an identically initialized in context.
Construct an in context from a counter, salt, and AES key.
The in context will be
Construct an out context from a counter, salt, and AES key.
Pure / ByteString based encryption and decryption routines
IO / Pointer based encryption and decryption routines
decodePtr inCtx pkg msg pkgLen decrypts and verifies a package at pkg of size pkgLen. The resulting message is placed at msg and its size is returned along with a new context (or
encodePtr outCtx msg result msgLen will encode msgLen bytes at msg, placing the result at location result. The buffer pointed to by result must be at least encBytes msgLen bytes large; the actual package will be exactly encBytes msgLen in size.
Given a message length, returns the number of bytes an encoded message will consume.
Given a package length, returns the number of bytes in the underlying message.
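A round trip through the pure encode/decode interface listed above, written as an added example that is not part of the commsec documentation. It threads the contexts forward, then feeds a replayed and a bit-flipped package to a StrictOrdering in context. It assumes the API is exported from a module named Network.CommSec.Package; the shared secret is a constructed placeholder.

```haskell
-- Added example, not from the commsec documentation.
-- Assumption: the API listed above is exported by Network.CommSec.Package.
module Main (main) where

import           Data.Bits               (xor)
import qualified Data.ByteString         as B
import qualified Data.ByteString.Char8   as BC
import           Network.CommSec.Package

-- Constructed placeholder secret (32 bytes) so the example is reproducible.
-- A real deployment derives a fresh secret per session and never reuses it.
sharedSecret :: B.ByteString
sharedSecret = B.replicate 32 0x2a

-- Summarise a decode result without depending on CommSecError's constructors.
describe :: Either CommSecError (B.ByteString, InContext) -> String
describe (Left _)         = "rejected"
describe (Right (msg, _)) = "accepted: " ++ BC.unpack msg

-- Flip one bit in the last byte of a package.
tamper :: B.ByteString -> B.ByteString
tamper pkt = B.snoc (B.init pkt) (B.last pkt `xor` 1)

main :: IO ()
main = do
  let out0         = newOutContext sharedSecret
      in0          = newInContext sharedSecret StrictOrdering
      msg1         = BC.pack "first"
      msg2         = BC.pack "second"
      (pkt1, out1) = encode out0 msg1
      (pkt2, _)    = encode out1 msg2   -- thread the updated context forward
  putStrLn $ "size matches encBytes: "
          ++ show (B.length pkt1 == encBytes (B.length msg1))
  case decode in0 pkt1 of
    Left _ -> putStrLn "first package rejected"
    Right (m, in1) -> do
      putStrLn $ "first package accepted: " ++ BC.unpack m
      -- Replay of an already-seen sequence number against the updated context.
      putStrLn $ "replayed package: " ++ describe (decode in1 pkt1)
      -- A modified package is passed through the same verification step.
      putStrLn $ "tampered package: " ++ describe (decode in1 (tamper pkt2))
      -- decode is pure, so a rejection leaves in1 usable for the next package.
      putStrLn $ "second package:   " ++ describe (decode in1 pkt2)
```

Always continue with the context returned by encode and decode; reusing an earlier OutContext would repeat a sequence number under the same key.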