confcrypt-0.1.0.4

Copyright(c) 2018 Chris Coffey
(c) 2018 CollegeVine
LicenseMIT
MaintainerChris Coffey
Stabilityexperimental
Portabilityportable
Safe HaskellNone
LanguageHaskell2010

ConfCrypt.Encryption

Contents

Description

This exposes the interface and instances for handling encryption/decryption. The interface for each operation is intentionally split.

Synopsis

Working with RSA keys

class KeyProjection key Source #

This class provides the ability to extract specific parts of a keypair from a given RSA KeyPair

Minimal complete definition

project

Instances
KeyProjection PublicKey Source # 
Instance details

Defined in ConfCrypt.Encryption

KeyProjection PrivateKey Source # 
Instance details

Defined in ConfCrypt.Encryption

data TextKey key where Source #

Represents the textual contents of any key stored on the local machine

Constructors

TextKey :: LocalKey key => key -> TextKey key 

data RemoteKey key where Source #

Represents a KMS key remotely managed by a third party service provider.

Constructors

RemoteKey :: KMSKey key => key -> RemoteKey key 

Working with values

data Encrypted Source #

Instances
Eq Encrypted Source # 
Instance details

Defined in ConfCrypt.Encryption

Show Encrypted Source # 
Instance details

Defined in ConfCrypt.Encryption

class (Monad m, MonadError ConfCryptError m) => MonadEncrypt m k Source #

The interface for encrypting a value is simply a function from a key + plaintext -> ciphertext.

Minimal complete definition

encryptValue

encryptValue :: MonadEncrypt m k => k -> Text -> m Text Source #

Encrypts a value and either returns the ciphertext or throws a ConfCryptError

class (Monad m, MonadError ConfCryptError m) => MonadDecrypt m k Source #

Decrypts an encrypted block of text

Minimal complete definition

decryptValue

decryptValue :: MonadDecrypt m k => k -> Text -> m Text Source #

Given a key and some encrypted ciphertext, returns either the decrypted plaintext or raises a ConfCryptError

Utilities

loadRSAKey :: (MonadIO m, Monad m, MonadError ConfCryptError m, KeyProjection key) => FilePath -> m key Source #

Given a file on disk that contains the textual representation of an RSA private key (as generated by openssh or ssh-keygen), extract the key from the file and project it into the type of key required.

Exported for Testing

unpackPrivateRSAKey :: MonadError ConfCryptError m => ByteString -> m KeyPair Source #

A private function to actually unpack the RSA key. Only used for testing

Orphan instances

KMSKey AWSCtx Source # 
Instance details

LocalKey PublicKey Source # 
Instance details

LocalKey PrivateKey Source # 
Instance details

MonadRandom m => MonadRandom (ExceptT e m) Source # 
Instance details

Methods

getRandomBytes :: ByteArray byteArray => Int -> ExceptT e m byteArray #

MonadRandom m => MonadRandom (ConfCryptM m k) Source # 
Instance details

Methods

getRandomBytes :: ByteArray byteArray => Int -> ConfCryptM m k byteArray #