crypto-api-0.13.3: A generic interface for cryptographic operations

MaintainerThomas.DuBuisson@gmail.com
Stabilitybeta
Portabilityportable
Safe HaskellNone
LanguageHaskell98

Crypto.Random

Contents

Description

This module is for instantiating cryptographicly strong determinitic random bit generators (DRBGs, aka PRNGs) For the simple use case of using the system random number generator (Entropy) to seed the DRBG:

   g <- newGenIO

Users needing to provide their own entropy can call newGen directly

    entropy <- getEntropy nrBytes
    let generator = newGen entropy

Synopsis

Basic Interface

class CryptoRandomGen g where Source #

A class of random bit generators that allows for the possibility of failure, reseeding, providing entropy at the same time as requesting bytes

Minimum complete definition: newGen, genSeedLength, genBytes, reseed, reseedInfo, reseedPeriod.

Minimal complete definition

newGen, genSeedLength, genBytes, reseedInfo, reseedPeriod, reseed

Methods

newGen :: ByteString -> Either GenError g Source #

Instantiate a new random bit generator. The provided bytestring should be of length >= genSeedLength. If the bytestring is shorter then the call may fail (suggested error: NotEnoughEntropy). If the bytestring is of sufficent length the call should always succeed.

genSeedLength :: Tagged g ByteLength Source #

Length of input entropy necessary to instantiate or reseed a generator

genBytes :: ByteLength -> g -> Either GenError (ByteString, g) Source #

genBytes len g generates a random ByteString of length len and new generator. The MonadCryptoRandom package has routines useful for converting the ByteString to commonly needed values (but "cereal" or other deserialization libraries would also work).

This routine can fail if the generator has gone too long without a reseed (usually this is in the ball-park of 2^48 requests). Suggested error in this cases is NeedReseed

reseedInfo :: g -> ReseedInfo Source #

Indicates how soon a reseed is needed

reseedPeriod :: g -> ReseedInfo Source #

Indicates the period between reseeds (constant for most generators).

genBytesWithEntropy :: ByteLength -> ByteString -> g -> Either GenError (ByteString, g) Source #

genBytesWithEntropy g i entropy generates i random bytes and use the additional input entropy in the generation of the requested data to increase the confidence our generated data is a secure random stream.

Some generators use entropy to perturb the state of the generator, meaning:

    (_,g2') <- genBytesWithEntropy len g1 ent
    (_,g2 ) <- genBytes len g1
    g2 /= g2'

But this is not required.

Default:

    genBytesWithEntropy g bytes entropy = xor entropy (genBytes g bytes)

reseed :: ByteString -> g -> Either GenError g Source #

If the generator has produced too many random bytes on its existing seed it will return NeedReseed. In that case, reseed the generator using this function and a new high-entropy seed of length >= genSeedLength. Using bytestrings that are too short can result in an error (NotEnoughEntropy).

newGenIO :: IO g Source #

By default this uses System.Entropy to obtain entropy for newGen. WARNING: The default implementation opens a file handle which will never be closed!

data GenError Source #

Generator failures should always return the appropriate GenError. Note GenError in an instance of exception but wether or not an exception is thrown depends on if the selected generator (read: if you don't want execptions from code that uses throw then pass in a generator that never has an error for the used functions)

Constructors

GenErrorOther String

Misc

RequestedTooManyBytes

Requested more bytes than a single pass can generate (The maximum request is generator dependent)

RangeInvalid

When using genInteger g (l,h) and logBase 2 (h - l) > (maxBound :: Int).

NeedReseed

Some generators cease operation after too high a count without a reseed (ex: NIST SP 800-90)

NotEnoughEntropy

For instantiating new generators (or reseeding)

NeedsInfiniteSeed

This generator can not be instantiated or reseeded with a finite seed (ex: SystemRandom)

Instances

Eq GenError Source # 
Data GenError Source # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> GenError -> c GenError #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c GenError #

toConstr :: GenError -> Constr #

dataTypeOf :: GenError -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c GenError) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c GenError) #

gmapT :: (forall b. Data b => b -> b) -> GenError -> GenError #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> GenError -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> GenError -> r #

gmapQ :: (forall d. Data d => d -> u) -> GenError -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> GenError -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> GenError -> m GenError #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> GenError -> m GenError #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> GenError -> m GenError #

Ord GenError Source # 
Read GenError Source # 
Show GenError Source # 
Exception GenError Source # 

data ReseedInfo Source #

Constructors

InXBytes !Word64

Generator needs reseeded in X bytes

InXCalls !Word64

Generator needs reseeded in X calls

NotSoon

The bound is over 2^64 bytes or calls

Never

This generator never reseeds (ex: SystemRandom)

Instances

Eq ReseedInfo Source # 
Data ReseedInfo Source # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> ReseedInfo -> c ReseedInfo #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c ReseedInfo #

toConstr :: ReseedInfo -> Constr #

dataTypeOf :: ReseedInfo -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c ReseedInfo) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c ReseedInfo) #

gmapT :: (forall b. Data b => b -> b) -> ReseedInfo -> ReseedInfo #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> ReseedInfo -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> ReseedInfo -> r #

gmapQ :: (forall d. Data d => d -> u) -> ReseedInfo -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> ReseedInfo -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> ReseedInfo -> m ReseedInfo #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> ReseedInfo -> m ReseedInfo #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> ReseedInfo -> m ReseedInfo #

Ord ReseedInfo Source # 
Read ReseedInfo Source # 
Show ReseedInfo Source # 

Helper functions and expanded interface

splitGen :: CryptoRandomGen g => g -> Either GenError (g, g) Source #

While the safety and wisdom of a splitting function depends on the properties of the generator being split, several arguments from informed people indicate such a function is safe for NIST SP 800-90 generators. (see libraries@haskell.org discussion around Sept, Oct 2010). You can find implementations of such generators in the DRBG package.

throwLeft :: Exception e => Either e a -> a Source #

Useful utility to extract the result of a generator operation and translate error results to exceptions.

Instances

data SystemRandom Source #

Not that it is technically correct as an instance of CryptoRandomGen, but simply because it's a reasonable engineering choice here is a CryptoRandomGen which streams the system randoms. Take note:

  • It uses the default definition of genByteWithEntropy
  • newGen will always fail!
  • reseed will always fail!
  • the handle to the system random is never closed