| License | BSD-style |
|---|---|
| Maintainer | Vincent Hanquez <vincent@snarc.org> |
| Stability | experimental |
| Portability | Good |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.PubKey.RSA.PKCS15
Description
Synopsis
- pad :: (MonadRandom m, ByteArray message) => Int -> message -> m (Either Error message)
- padSignature :: ByteArray signature => Int -> signature -> Either Error signature
- unpad :: ByteArray bytearray => bytearray -> Either Error bytearray
- decrypt :: Maybe Blinder -> PrivateKey -> ByteString -> Either Error ByteString
- decryptSafer :: MonadRandom m => PrivateKey -> ByteString -> m (Either Error ByteString)
- sign :: HashAlgorithmASN1 hashAlg => Maybe Blinder -> Maybe hashAlg -> PrivateKey -> ByteString -> Either Error ByteString
- signSafer :: (HashAlgorithmASN1 hashAlg, MonadRandom m) => Maybe hashAlg -> PrivateKey -> ByteString -> m (Either Error ByteString)
- encrypt :: MonadRandom m => PublicKey -> ByteString -> m (Either Error ByteString)
- verify :: HashAlgorithmASN1 hashAlg => Maybe hashAlg -> PublicKey -> ByteString -> ByteString -> Bool
- class HashAlgorithm hashAlg => HashAlgorithmASN1 hashAlg
Padding and unpadding
pad :: (MonadRandom m, ByteArray message) => Int -> message -> m (Either Error message) Source #
This produce a standard PKCS1.5 padding for encryption
padSignature :: ByteArray signature => Int -> signature -> Either Error signature Source #
Produce a standard PKCS1.5 padding for signature
unpad :: ByteArray bytearray => bytearray -> Either Error bytearray Source #
Try to remove a standard PKCS1.5 encryption padding.
Private key operations
Arguments
| :: Maybe Blinder | optional blinder |
| -> PrivateKey | RSA private key |
| -> ByteString | cipher text |
| -> Either Error ByteString |
decrypt message using the private key.
When the decryption is not in a context where an attacker could gain information from the timing of the operation, the blinder can be set to None.
If unsure always set a blinder or use decryptSafer
The message is returned un-padded.
Arguments
| :: MonadRandom m | |
| => PrivateKey | RSA private key |
| -> ByteString | cipher text |
| -> m (Either Error ByteString) |
decrypt message using the private key and by automatically generating a blinder.
Arguments
| :: HashAlgorithmASN1 hashAlg | |
| => Maybe Blinder | optional blinder |
| -> Maybe hashAlg | hash algorithm |
| -> PrivateKey | private key |
| -> ByteString | message to sign |
| -> Either Error ByteString |
sign message using private key, a hash and its ASN1 description
When the signature is not in a context where an attacker could gain information from the timing of the operation, the blinder can be set to None.
If unsure always set a blinder or use signSafer
Arguments
| :: (HashAlgorithmASN1 hashAlg, MonadRandom m) | |
| => Maybe hashAlg | Hash algorithm |
| -> PrivateKey | private key |
| -> ByteString | message to sign |
| -> m (Either Error ByteString) |
sign message using the private key and by automatically generating a blinder.
Public key operations
encrypt :: MonadRandom m => PublicKey -> ByteString -> m (Either Error ByteString) Source #
encrypt a bytestring using the public key.
The message needs to be smaller than the key size - 11. The message should not be padded.
verify :: HashAlgorithmASN1 hashAlg => Maybe hashAlg -> PublicKey -> ByteString -> ByteString -> Bool Source #
verify message with the signed message
Hash ASN1 description
class HashAlgorithm hashAlg => HashAlgorithmASN1 hashAlg Source #
A specialized class for hash algorithm that can product a ASN1 wrapped description the algorithm plus the content of the digest.
Minimal complete definition
hashDigestASN1