paseto-0.1.1.1: Platform-Agnostic Security Tokens
Safe HaskellSafe-Inferred
LanguageHaskell2010

Crypto.Paseto.Keys

Description

PASETO cryptographic keys.

Synopsis

Symmetric keys

data SymmetricKey v where Source #

Symmetric key.

Note that this type's Eq instance performs a constant-time equality check.

Constructors

SymmetricKeyV3 :: !ScrubbedBytes32 -> SymmetricKey V3

Version 3 symmetric key.

SymmetricKeyV4 :: !ScrubbedBytes32 -> SymmetricKey V4

Version 4 symmetric key.

Instances

Instances details
Eq (SymmetricKey v) Source # 
Instance details

Defined in Crypto.Paseto.Keys

Methods

(==) :: SymmetricKey v -> SymmetricKey v -> Bool #

(/=) :: SymmetricKey v -> SymmetricKey v -> Bool #

symmetricKeyToBytes :: SymmetricKey v -> ScrubbedBytes Source #

Get the raw bytes associated with a symmetric key.

bytesToSymmetricKeyV3 :: ScrubbedBytes -> Maybe (SymmetricKey V3) Source #

Construct a version 3 symmetric key from bytes.

If the provided byte string does not have a length of 32 (256 bits), Nothing is returned.

bytesToSymmetricKeyV4 :: ScrubbedBytes -> Maybe (SymmetricKey V4) Source #

Construct a version 4 symmetric key from bytes.

If the provided byte string does not have a length of 32 (256 bits), Nothing is returned.

generateSymmetricKeyV3 :: IO (SymmetricKey V3) Source #

Randomly generate a version 3 symmetric key.

generateSymmetricKeyV4 :: IO (SymmetricKey V4) Source #

Randomly generate a version 4 symmetric key.

Asymmetric keys

Signing keys

data SigningKey v where Source #

Signing key (also known as a private/secret key).

Note that this type's Eq instance performs a constant-time equality check.

Constructors

SigningKeyV3 :: !PrivateKeyP384 -> SigningKey V3

Version 3 signing key.

SigningKeyV4 :: !SecretKey -> SigningKey V4

Version 3 signing key.

Instances

Instances details
Eq (SigningKey v) Source # 
Instance details

Defined in Crypto.Paseto.Keys

Methods

(==) :: SigningKey v -> SigningKey v -> Bool #

(/=) :: SigningKey v -> SigningKey v -> Bool #

signingKeyToBytes :: SigningKey v -> ScrubbedBytes Source #

Get the raw bytes associated with a signing key.

bytesToSigningKeyV3 :: ScrubbedBytes -> Either ScalarDecodingError (SigningKey V3) Source #

Construct a version 3 signing key from bytes.

bytesToSigningKeyV4 :: ScrubbedBytes -> Maybe (SigningKey V4) Source #

Construct a version 4 signing key from bytes.

generateSigningKeyV3 :: IO (SigningKey V3) Source #

Randomly generate a version 3 signing key.

generateSigningKeyV4 :: IO (SigningKey V4) Source #

Randomly generate a version 4 signing key.

Verification keys

data VerificationKey v where Source #

Verification key (also known as a public key).

Constructors

VerificationKeyV3 :: !PublicKeyP384 -> VerificationKey V3

Version 3 verification key.

VerificationKeyV4 :: !PublicKey -> VerificationKey V4

Version 4 verification key.

Instances

Instances details
Eq (VerificationKey v) Source # 
Instance details

Defined in Crypto.Paseto.Keys

Methods

(==) :: VerificationKey v -> VerificationKey v -> Bool #

(/=) :: VerificationKey v -> VerificationKey v -> Bool #

verificationKeyToBytes :: VerificationKey v -> ByteString Source #

Get the raw bytes associated with a verification key.

bytesToVerificationKeyV3 :: ByteString -> Either PublicKeyP384DecodingError (VerificationKey V3) Source #

Construct a version 3 verification key from bytes.

The input ByteString is expected to be formatted as either a compressed or uncompressed elliptic curve public key as defined by SEC 1 and RFC 5480 section 2.2.

bytesToVerificationKeyV4 :: ByteString -> Maybe (VerificationKey V4) Source #

Construct a version 4 verification key from bytes.

fromSigningKey :: SigningKey v -> VerificationKey v Source #

Get the VerificationKey which corresponds to a given SigningKey.