Copyright | (c) 2018 Chris Coffey (c) 2018 CollegeVine |
---|---|
License | MIT |
Maintainer | Chris Coffey |
Stability | experimental |
Portability | portable |
Safe Haskell | None |
Language | Haskell2010 |
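This module exposes the interface and instances for handling encryption and decryption. The interface for each operation is intentionally split into separate classes, MonadEncrypt and MonadDecrypt: among the instances listed below, encrypting with a local RSA key requires only a PublicKey, while decrypting requires a PrivateKey.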
Synopsis
- class KeyProjection key
- project :: KeyProjection key => KeyPair -> key
- data TextKey key where
- data RemoteKey key where
- data Encrypted
- renderEncrypted :: Encrypted -> Text
- class (Monad m, MonadError ConfCryptError m) => MonadEncrypt m k
- encryptValue :: MonadEncrypt m k => k -> Text -> m Text
- class (Monad m, MonadError ConfCryptError m) => MonadDecrypt m k
- decryptValue :: MonadDecrypt m k => k -> Text -> m Text
- loadRSAKey :: (MonadIO m, Monad m, MonadError ConfCryptError m, KeyProjection key) => FilePath -> m key
- unpackPrivateRSAKey :: MonadError ConfCryptError m => ByteString -> m KeyPair
Working with RSA keys
class KeyProjection key Source #
This class provides the ability to extract a specific part of a given RSA KeyPair; the instances below project out either the PublicKey or the PrivateKey.
Instances
KeyProjection PublicKey Source # | |
KeyProjection PrivateKey Source # | |
Defined in ConfCrypt.Encryption project :: KeyPair -> PrivateKey Source # |
project :: KeyProjection key => KeyPair -> key Source #
data TextKey key where Source #
Represents the textual contents of any key stored on the local machine
Instances
(MonadRandom m, MonadError ConfCryptError m, Monad m) => MonadEncrypt m (TextKey PublicKey) Source # | |
Defined in ConfCrypt.Encryption | |
(MonadError ConfCryptError m, Monad m) => MonadDecrypt m (TextKey PrivateKey) Source # | |
Defined in ConfCrypt.Encryption decryptValue :: TextKey PrivateKey -> Text -> m Text Source # |
data RemoteKey key where Source #
Represents a KMS key that is remotely managed by a third-party service provider.
Instances
MonadEncrypt (ConfCryptM IO (RemoteKey AWSCtx)) (RemoteKey AWSCtx) Source # | |
Defined in ConfCrypt.Encryption | |
MonadDecrypt (ConfCryptM IO (RemoteKey AWSCtx)) (RemoteKey AWSCtx) Source # | |
Defined in ConfCrypt.Encryption |
Working with values
renderEncrypted :: Encrypted -> Text Source #
class (Monad m, MonadError ConfCryptError m) => MonadEncrypt m k Source #
The interface for encrypting a value is simply a function from a key + plaintext -> ciphertext.
Instances
(Monad m, MonadRandom m, MonadError ConfCryptError m) => MonadEncrypt m PublicKey Source # | |
Defined in ConfCrypt.Encryption | |
(MonadRandom m, MonadError ConfCryptError m, Monad m) => MonadEncrypt m (TextKey PublicKey) Source # | |
Defined in ConfCrypt.Encryption | |
MonadEncrypt (ConfCryptM IO (RemoteKey AWSCtx)) (RemoteKey AWSCtx) Source # | |
Defined in ConfCrypt.Encryption |
encryptValue :: MonadEncrypt m k => k -> Text -> m Text Source #
Encrypts a plaintext value and either returns the ciphertext or throws a ConfCryptError.
class (Monad m, MonadError ConfCryptError m) => MonadDecrypt m k Source #
Decrypts an encrypted block of text
Instances
(Monad m, MonadError ConfCryptError m) => MonadDecrypt m PrivateKey Source # | |
Defined in ConfCrypt.Encryption decryptValue :: PrivateKey -> Text -> m Text Source # | |
(MonadError ConfCryptError m, Monad m) => MonadDecrypt m (TextKey PrivateKey) Source # | |
Defined in ConfCrypt.Encryption decryptValue :: TextKey PrivateKey -> Text -> m Text Source # | |
MonadDecrypt (ConfCryptM IO (RemoteKey AWSCtx)) (RemoteKey AWSCtx) Source # | |
Defined in ConfCrypt.Encryption |
decryptValue :: MonadDecrypt m k => k -> Text -> m Text Source #
Given a key and some ciphertext, either returns the decrypted plaintext or
raises a ConfCryptError.
Utilities
loadRSAKey :: (MonadIO m, Monad m, MonadError ConfCryptError m, KeyProjection key) => FilePath -> m key Source #
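Given a file on disk that contains the textual representation of an RSA private key (as generated by openssh or ssh-keygen), extract the key from the file and project it into the type of key required. The input is a private key file even when the requested projection is a PublicKey, so the file should be readable only by the accounts that need it.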
Exported for Testing
unpackPrivateRSAKey :: MonadError ConfCryptError m => ByteString -> m KeyPair Source #
An internal function that does the actual unpacking of the RSA key. It is exported only for testing.
Orphan instances
KMSKey AWSCtx Source # | |
LocalKey PublicKey Source # | |
LocalKey PrivateKey Source # | |
MonadRandom m => MonadRandom (ExceptT e m) Source # | |
getRandomBytes :: ByteArray byteArray => Int -> ExceptT e m byteArray # | |
MonadRandom m => MonadRandom (ConfCryptM m k) Source # | |
getRandomBytes :: ByteArray byteArray => Int -> ConfCryptM m k byteArray # |