cryptonite-0.9: Cryptography Primitives sink

License	BSD-style
Maintainer	Vincent Hanquez <vincent@snarc.org>
Stability	stable
Portability	good
Safe Haskell	None
Language	Haskell2010

Crypto.Cipher.ChaChaPoly1305

Description

A simple AEAD scheme using ChaCha20 and Poly1305. See RFC7539.

The State is not modified in place, so each function changing the State, returns a new State.

Authenticated Data need to be added before any call to encrypt or decrypt, and once all the data has been added, then finalizeAAD need to be called.

Once finalizeAAD has been called, no further appendAAD call should be make.

encrypt nonce key hdr inp =
   let st1        = ChaChaPoly1305.initialize key nonce
       st2        = ChaChaPoly1305.finalizeAAD $ ChaChaPoly1305.appendAAD hdr st1
       (out, st3) = ChaChaPoly1305.encrypt inp st2
       auth       = ChaChaPoly1305.finalize st3
    in out `B.append` Data.ByteArray.convert auth

Synopsis

Documentation

data State Source

A ChaChaPoly1305 State.

The state is immutable, and only new state can be created

data Nonce Source

Valid Nonce for ChaChaPoly1305.

It can be created with nonce8 or nonce12

Instances

ByteArrayAccess Nonce Source

nonce12 :: ByteArrayAccess iv => iv -> CryptoFailable Nonce Source

Nonce smart constructor 12 bytes IV, nonce constructor

Arguments

:: ByteArrayAccess ba
=> ba	4 bytes constant
-> ba	8 bytes IV
-> CryptoFailable Nonce

8 bytes IV, nonce constructor

incrementNonce :: Nonce -> Nonce Source

Increment a nonce

initialize :: ByteArrayAccess key => key -> Nonce -> CryptoFailable State Source

Initialize a new ChaChaPoly1305 State

The key length need to be 256 bits, and the nonce procured using either nonce8 or nonce12

appendAAD :: ByteArrayAccess ba => ba -> State -> State Source

Append Authenticated Data to the State and return the new modified State.

Once no further call to this function need to be make, the user should call finalizeAAD

finalizeAAD :: State -> State Source

Finalize the Authenticated Data and return the finalized State

encrypt :: ByteArray ba => ba -> State -> (ba, State) Source

Encrypt a piece of data and returns the encrypted Data and the updated State.

decrypt :: ByteArray ba => ba -> State -> (ba, State) Source

Decrypt a piece of data and returns the decrypted Data and the updated State.

finalize :: State -> Auth Source

Generate an authentication tag from the State.