-- Hoogle documentation, generated by Haddock -- See Hoogle, http://www.haskell.org/hoogle/ -- | The high-level library aimed at casual users of cryptography, by the -- Haskell Cryptography Group @package sel @version 0.0.2.0 -- | Sel is the library for casual users by the Haskell Cryptography -- Group. -- -- It builds on Libsodium, a reliable and audited library for -- common operations. -- -- ⚠️ Important note: if you want to use any of this code in an -- executable, ensure that you use secureMain or -- secureMainWithError in your main function -- before you call any functions from this library. Failing to do -- so will cause problems. For libraries, this is not necessary. module Sel secureMain :: IO a -> IO a secureMainWithError :: IO a -> IO a -> IO a -- | HMAC provides a way to verify the integrity of a message and -- authenticate its origin. It does not encrypt the message. -- -- This relies on a secret key shared between all the parties. -- -- The function computing the tag is deterministic: the same (message, -- key) tuple will always produce the same output. However, even if -- the message is public, knowing the key is required in order to be able -- to compute a valid tag. Therefore, the key should remain confidential. -- The tag, however, can be public. -- -- The following keyed message authentication codes are available: -- -- module Sel.HMAC module Sel.Hashing.Short -- | A 128-bit hash of a short input, of size -- cryptoShortHashSipHashX24Bytes data ShortHash -- | Hash a StrictByteString. -- -- The same message hashed with the same key will always produce the same -- output. -- -- The ShortHash is of length -- cryptoShortHashSipHashX24Bytes hashByteString :: ShortHashKey -> StrictByteString -> IO ShortHash -- | Hash a strict Text. -- -- The same message hashed with the same key will always produce the same -- output. 
-- -- The ShortHash is of length -- cryptoShortHashSipHashX24Bytes hashText :: ShortHashKey -> Text -> IO ShortHash -- | Convert a ShortHash to a strict binary StrictByteString. shortHashToBinary :: ShortHash -> StrictByteString -- | Convert a ShortHash to a strict hexadecimal-encoded -- Text. shortHashToHexText :: ShortHash -> Text -- | Convert a ShortHash to a hexadecimal-encoded -- StrictByteString. shortHashToHexByteString :: ShortHash -> StrictByteString -- | A random key used for hashing, of size -- cryptoShortHashSipHashX24KeyBytes. -- -- The same message hashed with the same key will always produce the same -- output. data ShortHashKey -- | Generate a random ShortHashKey of size -- cryptoShortHashSipHashX24KeyBytes newKey :: IO ShortHashKey -- | Convert a ShortHashKey to a strict binary StrictByteString. shortHashKeyToBinary :: ShortHashKey -> StrictByteString -- | Convert a ShortHashKey to a strict hexadecimal-encoded -- Text. shortHashKeyToHexText :: ShortHashKey -> Text -- | Convert a ShortHashKey to a hexadecimal-encoded -- StrictByteString. shortHashKeyToHexByteString :: ShortHashKey -> StrictByteString -- | Convert a binary StrictByteString to a ShortHashKey. -- -- The input key must be of length -- cryptoShortHashSipHashX24KeyBytes binaryToShortHashKey :: StrictByteString -> Maybe ShortHashKey -- | Convert a strict hexadecimal-encoded Text to a -- ShortHashKey. -- -- The input key, once decoded from base16, must be of length -- cryptoShortHashSipHashX24KeyBytes hexTextToShortHashKey :: Text -> Maybe ShortHashKey -- | Convert a hexadecimal-encoded StrictByteString to a -- ShortHashKey. -- -- The input key, once decoded from base16, must be of length -- cryptoShortHashSipHashX24KeyBytes hexByteStringToShortHashKey :: StrictByteString -> Maybe ShortHashKey -- | Exception thrown upon error during hashing by hashByteString or -- hashText. 
data ShortHashingException ShortHashingException :: ShortHashingException instance Data.Text.Display.Core.Display Sel.Hashing.Short.ShortHashingException instance GHC.Exception.Type.Exception Sel.Hashing.Short.ShortHashingException instance GHC.Classes.Ord Sel.Hashing.Short.ShortHashingException instance GHC.Classes.Eq Sel.Hashing.Short.ShortHashingException instance GHC.Show.Show Sel.Hashing.Short.ShortHashingException instance GHC.Classes.Eq Sel.Hashing.Short.ShortHashKey instance GHC.Classes.Ord Sel.Hashing.Short.ShortHashKey instance GHC.Show.Show Sel.Hashing.Short.ShortHashKey instance Data.Text.Display.Core.Display Sel.Hashing.Short.ShortHashKey instance GHC.Classes.Eq Sel.Hashing.Short.ShortHash instance GHC.Classes.Ord Sel.Hashing.Short.ShortHash instance GHC.Show.Show Sel.Hashing.Short.ShortHash instance Data.Text.Display.Core.Display Sel.Hashing.Short.ShortHash module Sel.Hashing.SHA512 -- | A hashed value from the SHA-512 algorithm. data Hash -- | Convert a Hash to a binary StrictByteString. hashToBinary :: Hash -> StrictByteString -- | Convert a Hash to a strict hexadecimal Text. hashToHexText :: Hash -> Text -- | Convert a Hash to a strict, hexadecimal-encoded -- StrictByteString. hashToHexByteString :: Hash -> StrictByteString -- | Hash a StrictByteString with the SHA-512 algorithm. hashByteString :: StrictByteString -> IO Hash -- | Hash a UTF8-encoded strict Text with the SHA-512 algorithm. hashText :: Text -> IO Hash -- | Multipart is a cryptographic context for streaming hashing. -- This API can be used when a message is too big to fit in memory or -- when the message is received in portions. -- -- Use it like this: -- --
--   >>> hash <- SHA512.withMultipart $ \multipartState -> do -- we are in MonadIO
--   ...   message1 <- getMessage
--   ...   SHA512.updateMultipart multipartState message1
--   ...   message2 <- getMessage
--   ...   SHA512.updateMultipart multipartState message2
--   
data Multipart s -- | Perform streaming hashing with a Multipart cryptographic -- context. -- -- Use updateMultipart and finaliseMultipart inside of the -- continuation. -- -- The context is safely allocated and deallocated inside of the -- continuation. withMultipart :: forall (a :: Type) (m :: Type -> Type). MonadIO m => (forall s. Multipart s -> m a) -> m Hash -- | Add a message portion to be hashed. -- -- This function should be used within withMultipart. updateMultipart :: Multipart s -> StrictByteString -> IO () instance GHC.Classes.Eq Sel.Hashing.SHA512.Hash instance GHC.Classes.Ord Sel.Hashing.SHA512.Hash instance Foreign.Storable.Storable Sel.Hashing.SHA512.Hash instance Data.Text.Display.Core.Display Sel.Hashing.SHA512.Hash instance GHC.Show.Show Sel.Hashing.SHA512.Hash module Sel.Hashing.SHA256 -- | A hashed value from the SHA-256 algorithm. data Hash -- | Hash a StrictByteString with the SHA-256 algorithm. hashByteString :: StrictByteString -> IO Hash -- | Hash a UTF8-encoded strict Text with the SHA-256 algorithm. hashText :: Text -> IO Hash -- | Multipart is a cryptographic context for streaming hashing. -- This API can be used when a message is too big to fit in memory or -- when the message is received in portions. -- -- Use it like this: -- --
--   >>> hash <- SHA256.withMultipart $ \multipartState -> do -- we are in MonadIO
--   ...   message1 <- getMessage
--   ...   SHA256.updateMultipart multipartState message1
--   ...   message2 <- getMessage
--   ...   SHA256.updateMultipart multipartState message2
--   
data Multipart s -- | Perform streaming hashing with a Multipart cryptographic -- context. -- -- Use updateMultipart within the continuation. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. withMultipart :: forall (a :: Type) (m :: Type -> Type). MonadIO m => (forall s. Multipart s -> m a) -> m Hash -- | Add a message portion to be hashed. -- -- This function should be used within withMultipart. updateMultipart :: Multipart s -> StrictByteString -> IO () -- | Convert a Hash to a binary StrictByteString. hashToBinary :: Hash -> StrictByteString -- | Convert a Hash to a strict hexadecimal Text. hashToHexText :: Hash -> Text -- | Convert a Hash to a strict, hexadecimal-encoded -- StrictByteString. hashToHexByteString :: Hash -> StrictByteString instance GHC.Classes.Eq Sel.Hashing.SHA256.Hash instance GHC.Classes.Ord Sel.Hashing.SHA256.Hash instance Foreign.Storable.Storable Sel.Hashing.SHA256.Hash instance Data.Text.Display.Core.Display Sel.Hashing.SHA256.Hash instance GHC.Show.Show Sel.Hashing.SHA256.Hash module Sel.Hashing.Password -- | A hashed password from the Argon2id algorithm. data PasswordHash -- | Hash the password with the Argon2id algorithm and a set of pre-defined -- parameters. -- -- The hash is encoded in a human-readable format that includes: -- -- -- -- Example output: -- $argon2id$v=19$m=262144,t=3,p=1$fpPdXj9mK7J4m… hashByteString :: StrictByteString -> IO PasswordHash -- | Hash a UTF8-encoded password with the Argon2id algorithm and a set of -- pre-defined parameters. hashText :: Text -> IO PasswordHash -- | Verify the password hash against a clear StrictByteString -- password -- -- This function purposefully takes some time to complete, in order to -- alleviate bruteforce attacks. 
verifyByteString :: PasswordHash -> StrictByteString -> Bool -- | Verify the password hash against a clear Text password -- -- This function purposefully takes some time to complete, in order to -- alleviate bruteforce attacks. verifyText :: PasswordHash -> Text -> Bool -- | Hash the password with the Argon2id algorithm. -- -- The hash is not encoded in human-readable format. hashByteStringWithParams :: Argon2Params -> Salt -> StrictByteString -> IO PasswordHash -- | Convert a PasswordHash to a StrictByteString. passwordHashToByteString :: PasswordHash -> StrictByteString -- | Convert a PasswordHash to a strict Text. passwordHashToText :: PasswordHash -> Text -- | Convert a PasswordHash to a strict hexadecimal-encoded -- Text. -- -- It is recommended to use this one on a PasswordHash produced by -- hashByteStringWithParams. passwordHashToHexText :: PasswordHash -> Text -- | Convert a PasswordHash to a hexadecimal-encoded -- StrictByteString. -- -- It is recommended to use this one on a PasswordHash produced by -- hashByteStringWithParams. passwordHashToHexByteString :: PasswordHash -> StrictByteString -- | Convert an ascii-encoded password hash to a PasswordHash -- -- This function does not perform ASCII validation. asciiTextToPasswordHash :: Text -> PasswordHash -- | Convert an ascii-encoded password hash to a PasswordHash -- -- This function does not perform ASCII validation. asciiByteStringToPasswordHash :: StrictByteString -> PasswordHash -- | The Salt is used in conjunction with -- hashByteStringWithParams when you want to manually provide the -- piece of data that will differentiate two fingerprints of the same -- password. -- -- It is automatically taken care of for you when you use -- hashByteString or hashText. -- -- Use genSalt to create a Salt of size equal to the -- constant cryptoPWHashSaltBytes. data Salt -- | Generate a random Salt for password hashing genSalt :: IO Salt -- | Convert Salt to underlying StrictByteString binary. 
saltToBinary :: Salt -> StrictByteString -- | Convert Salt to a strict hexadecimal-encoded Text. saltToHexText :: Salt -> Text -- | Convert Salt to a hexadecimal-encoded StrictByteString. saltToHexByteString :: Salt -> StrictByteString -- | Convert StrictByteString to Salt. -- -- The input salt must be of length cryptoPWHashSaltBytes. binaryToSalt :: StrictByteString -> Maybe Salt -- | Convert a strict hexadecimal-encoded Text to a Salt. -- -- The input salt, once decoded from base16, must be of length -- cryptoPWHashSaltBytes. hexTextToSalt :: Text -> Maybe Salt -- | Convert a hexadecimal-encoded StrictByteString to a -- Salt. -- -- The input salt, once decoded from base16, must be of length -- cryptoPWHashSaltBytes. hexByteStringToSalt :: StrictByteString -> Maybe Salt data Argon2Params Argon2Params :: CULLong -> CSize -> Argon2Params -- | These are the default parameters with which -- hashByteStringWithParams can be invoked: -- -- defaultArgon2Params :: Argon2Params instance GHC.Generics.Generic Sel.Hashing.Password.PasswordHash instance GHC.Show.Show Sel.Hashing.Password.Salt instance GHC.Classes.Ord Sel.Hashing.Password.Salt instance GHC.Classes.Eq Sel.Hashing.Password.Salt instance Data.Text.Display.Core.Display Sel.Hashing.Password.Salt instance Data.Text.Display.Core.Display Sel.Hashing.Password.PasswordHash instance GHC.Classes.Eq Sel.Hashing.Password.PasswordHash instance GHC.Classes.Ord Sel.Hashing.Password.PasswordHash instance GHC.Show.Show Sel.Hashing.Password.PasswordHash module Sel.Hashing -- | The HashKey is used to produce distinct fingerprints for the -- same message. It is optional to use, and hashByteString will -- always produce the same fingerprint for the same message if a -- HashKey is not given. This behaviour is similar to MD5 and -- SHA-1 functions, for which hashByteString is a faster and more -- secure alternative. -- -- Create a new HashKey with newHashKey. data HashKey -- | Create a new HashKey of size cryptoGenericHashKeyBytes. 
newHashKey :: IO HashKey -- | The fingerprint computed by hashByteString. It is produced by -- the BLAKE2b algorithm, and is of size cryptoGenericHashBytes, -- as recommended. -- -- You can produce a human-readable string representation of a -- Hash by using the display function. data Hash -- | Hash a StrictByteString with the BLAKE2b algorithm, and an -- optional key. -- -- Without a HashKey, hashing the same data twice will give the -- same result. hashByteString :: Maybe HashKey -> StrictByteString -> IO Hash -- | Multipart is a cryptographic context for streaming hashing. -- This API can be used when a message is too big to fit in memory or -- when the message is received in portions. -- -- Use it like this: -- --
--   >>> hashKey <- Hashing.newHashKey
--   
--   >>> hash <- Hashing.withMultipart (Just hashKey) $ \multipartState -> do -- we are in MonadIO
--   ...   message1 <- getMessage
--   ...   Hashing.updateMultipart multipartState message1
--   ...   message2 <- getMessage
--   ...   Hashing.updateMultipart multipartState message2
--   
data Multipart s -- | Perform streaming hashing with a Multipart cryptographic -- context. If there is no HashKey, you will get the same output -- for the same input all the time. -- -- Use updateMultipart within the continuation to add more message -- parts to be hashed. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. withMultipart :: forall (a :: Type) (m :: Type -> Type). MonadIO m => Maybe HashKey -> (forall s. Multipart s -> m a) -> m Hash -- | Add a message portion to be hashed. -- -- This function is to be used within withMultipart. updateMultipart :: forall (m :: Type -> Type) (s :: Type). MonadIO m => Multipart s -> StrictByteString -> m () -- | Convert a Hash to a strict, hexadecimal-encoded Text. hashToHexText :: Hash -> Text -- | Convert a Hash to a strict, hexadecimal-encoded -- StrictByteString. hashToHexByteString :: Hash -> StrictByteString -- | Convert a Hash to a strict binary StrictByteString. hashToBinary :: Hash -> StrictByteString instance GHC.Classes.Eq Sel.Hashing.Hash instance GHC.Classes.Ord Sel.Hashing.Hash instance Foreign.Storable.Storable Sel.Hashing.Hash instance Data.Text.Display.Core.Display Sel.Hashing.Hash instance GHC.Show.Show Sel.Hashing.Hash instance GHC.Classes.Eq Sel.Hashing.HashKey instance GHC.Classes.Ord Sel.Hashing.HashKey module Sel.HMAC.SHA512_256 -- | Compute an authentication tag for a message with a secret key shared -- by all parties. authenticate :: StrictByteString -> AuthenticationKey -> IO AuthenticationTag -- | Multipart is a cryptographic context for streaming hashing. -- This API can be used when a message is too big to fit in memory or -- when the message is received in portions. -- -- Use it like this: -- --
--   >>> secretKey <- HMAC.newAuthenticationKey
--   
--   >>> hash <- HMAC.withMultipart secretKey $ \multipartState -> do -- we are in MonadIO
--   ...   message1 <- getMessage
--   ...   HMAC.updateMultipart multipartState message1
--   ...   message2 <- getMessage
--   ...   HMAC.updateMultipart multipartState message2
--   
data Multipart s -- | Perform streaming hashing with a Multipart cryptographic -- context. -- -- Use updateMultipart within the continuation. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. withMultipart :: forall (a :: Type) (m :: Type -> Type). MonadIO m => AuthenticationKey -> (forall s. Multipart s -> m a) -> m AuthenticationTag -- | Add a message portion to be hashed. -- -- This function should be used within withMultipart. updateMultipart :: Multipart s -> StrictByteString -> IO () -- | Verify that the tag is valid for the provided message and secret key. verify :: AuthenticationTag -> AuthenticationKey -> StrictByteString -> Bool -- | A secret authentication key of size -- cryptoAuthHMACSHA512256KeyBytes. data AuthenticationKey -- | Generate a new random secret key of size -- cryptoAuthHMACSHA512256KeyBytes. newAuthenticationKey :: IO AuthenticationKey -- | Create an AuthenticationKey from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input secret key, once decoded from base16, must be of length -- cryptoAuthHMACSHA512256Bytes. authenticationKeyFromHexByteString :: StrictByteString -> Either Text AuthenticationKey -- | Convert an AuthenticationKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToHexByteString :: AuthenticationKey -> StrictByteString -- | Convert an AuthenticationKey to a binary -- StrictByteString. -- -- This format is useful if you need conversion to base32 or base64. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToBinary :: AuthenticationKey -> StrictByteString -- | An authentication tag of size -- cryptoAuthHMACSHA512256Bytes. data AuthenticationTag -- | Convert an AuthenticationTag to a hexadecimal-encoded -- StrictByteString. 
authenticationTagToHexByteString :: AuthenticationTag -> StrictByteString -- | Convert an AuthenticationTag to a binary -- StrictByteString. authenticationTagToBinary :: AuthenticationTag -> StrictByteString -- | Create an AuthenticationTag from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input tag, once decoded from base16, must be of length -- cryptoAuthHMACSHA512256Bytes. authenticationTagFromHexByteString :: StrictByteString -> Either Text AuthenticationTag instance Data.Text.Display.Core.Display Sel.HMAC.SHA512_256.AuthenticationKey instance Data.Text.Display.Core.Display Sel.HMAC.SHA512_256.AuthenticationTag instance GHC.Classes.Eq Sel.HMAC.SHA512_256.AuthenticationTag instance GHC.Classes.Ord Sel.HMAC.SHA512_256.AuthenticationTag instance GHC.Show.Show Sel.HMAC.SHA512_256.AuthenticationTag instance GHC.Classes.Eq Sel.HMAC.SHA512_256.AuthenticationKey instance GHC.Classes.Ord Sel.HMAC.SHA512_256.AuthenticationKey instance GHC.Show.Show Sel.HMAC.SHA512_256.AuthenticationKey module Sel.HMAC.SHA512 -- | Compute an authentication tag for a message with a secret key shared -- by all parties. authenticate :: StrictByteString -> AuthenticationKey -> IO AuthenticationTag -- | Multipart is a cryptographic context for streaming hashing. -- This API can be used when a message is too big to fit in memory or -- when the message is received in portions. -- -- Use it like this: -- --
--   >>> secretKey <- HMAC.newAuthenticationKey
--   
--   >>> hash <- HMAC.withMultipart secretKey $ \multipartState -> do -- we are in MonadIO
--   ...   message1 <- getMessage
--   ...   HMAC.updateMultipart multipartState message1
--   ...   message2 <- getMessage
--   ...   HMAC.updateMultipart multipartState message2
--   
data Multipart s -- | Perform streaming hashing with a Multipart cryptographic -- context. -- -- Use updateMultipart within the continuation. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. withMultipart :: forall (a :: Type) (m :: Type -> Type). MonadIO m => AuthenticationKey -> (forall s. Multipart s -> m a) -> m AuthenticationTag -- | Add a message portion to be hashed. -- -- This function should be used within withMultipart. updateMultipart :: Multipart s -> StrictByteString -> IO () -- | Verify that the tag is valid for the provided message and secret key. verify :: AuthenticationTag -> AuthenticationKey -> StrictByteString -> Bool -- | A secret authentication key of size cryptoAuthHMACSHA512KeyBytes. data AuthenticationKey -- | Generate a new random secret key of size -- cryptoAuthHMACSHA512KeyBytes. newAuthenticationKey :: IO AuthenticationKey -- | Create an AuthenticationKey from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input secret key, once decoded from base16, must be of length -- cryptoAuthHMACSHA512Bytes. authenticationKeyFromHexByteString :: StrictByteString -> Either Text AuthenticationKey -- | Convert an AuthenticationKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToHexByteString :: AuthenticationKey -> StrictByteString -- | Convert an AuthenticationKey to a binary -- StrictByteString. -- -- This format is useful if you need conversion to base32 or base64. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToBinary :: AuthenticationKey -> StrictByteString -- | An authentication tag of size cryptoAuthHMACSHA512Bytes. data AuthenticationTag -- | Convert an AuthenticationTag to a hexadecimal-encoded -- StrictByteString. 
authenticationTagToHexByteString :: AuthenticationTag -> StrictByteString -- | Convert an AuthenticationTag to a binary -- StrictByteString. authenticationTagToBinary :: AuthenticationTag -> StrictByteString -- | Create an AuthenticationTag from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input tag, once decoded from base16, must be of length -- cryptoAuthHMACSHA512Bytes. authenticationTagFromHexByteString :: StrictByteString -> Either Text AuthenticationTag instance Data.Text.Display.Core.Display Sel.HMAC.SHA512.AuthenticationKey instance Data.Text.Display.Core.Display Sel.HMAC.SHA512.AuthenticationTag instance GHC.Classes.Eq Sel.HMAC.SHA512.AuthenticationTag instance GHC.Classes.Ord Sel.HMAC.SHA512.AuthenticationTag instance GHC.Show.Show Sel.HMAC.SHA512.AuthenticationTag instance GHC.Classes.Eq Sel.HMAC.SHA512.AuthenticationKey instance GHC.Classes.Ord Sel.HMAC.SHA512.AuthenticationKey instance GHC.Show.Show Sel.HMAC.SHA512.AuthenticationKey module Sel.HMAC.SHA256 -- | Compute an authentication tag for a message with a secret key shared -- by all parties. authenticate :: StrictByteString -> AuthenticationKey -> IO AuthenticationTag -- | Multipart is a cryptographic context for streaming hashing. -- This API can be used when a message is too big to fit in memory or -- when the message is received in portions. -- -- Use it like this: -- --
--   >>> secretKey <- HMAC.newAuthenticationKey
--   
--   >>> hash <- HMAC.withMultipart secretKey $ \multipartState -> do -- we are in MonadIO
--   ...   message1 <- getMessage
--   ...   HMAC.updateMultipart multipartState message1
--   ...   message2 <- getMessage
--   ...   HMAC.updateMultipart multipartState message2
--   
data Multipart s -- | Perform streaming hashing with a Multipart cryptographic -- context. -- -- Use updateMultipart within the continuation. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. withMultipart :: forall (a :: Type) (m :: Type -> Type). MonadIO m => AuthenticationKey -> (forall s. Multipart s -> m a) -> m AuthenticationTag -- | Add a message portion to be hashed. -- -- This function should be used within withMultipart. updateMultipart :: Multipart s -> StrictByteString -> IO () -- | Verify that the tag is valid for the provided message and secret key. verify :: AuthenticationTag -> AuthenticationKey -> StrictByteString -> Bool -- | A secret authentication key of size cryptoAuthHMACSHA256KeyBytes. data AuthenticationKey -- | Generate a new random secret key of size -- cryptoAuthHMACSHA256KeyBytes. newAuthenticationKey :: IO AuthenticationKey -- | Create an AuthenticationKey from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input secret key, once decoded from base16, must be of length -- cryptoAuthHMACSHA256Bytes. authenticationKeyFromHexByteString :: StrictByteString -> Either Text AuthenticationKey -- | Convert an AuthenticationKey to a binary -- StrictByteString. -- -- This format is useful if you need conversion to base32 or base64. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToBinary :: AuthenticationKey -> StrictByteString -- | Convert an AuthenticationKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToHexByteString :: AuthenticationKey -> StrictByteString -- | An authentication tag of size cryptoAuthHMACSHA256Bytes. data AuthenticationTag -- | Convert an AuthenticationTag to a hexadecimal-encoded -- StrictByteString. 
authenticationTagToHexByteString :: AuthenticationTag -> StrictByteString -- | Convert an AuthenticationTag to a binary -- StrictByteString. authenticationTagToBinary :: AuthenticationTag -> StrictByteString -- | Create an AuthenticationTag from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input tag, once decoded from base16, must be of length -- cryptoAuthHMACSHA256Bytes. authenticationTagFromHexByteString :: StrictByteString -> Either Text AuthenticationTag instance Data.Text.Display.Core.Display Sel.HMAC.SHA256.AuthenticationKey instance Data.Text.Display.Core.Display Sel.HMAC.SHA256.AuthenticationTag instance GHC.Classes.Eq Sel.HMAC.SHA256.AuthenticationTag instance GHC.Classes.Ord Sel.HMAC.SHA256.AuthenticationTag instance GHC.Show.Show Sel.HMAC.SHA256.AuthenticationTag instance GHC.Classes.Eq Sel.HMAC.SHA256.AuthenticationKey instance GHC.Classes.Ord Sel.HMAC.SHA256.AuthenticationKey instance GHC.Show.Show Sel.HMAC.SHA256.AuthenticationKey module Sel.PublicKey.Cipher -- | Generate a new random key pair. -- -- May throw KeyPairGenerationException if the generation fails. newKeyPair :: IO (PublicKey, SecretKey) -- | A secret key of size cryptoBoxSecretKeyBytes. newtype SecretKey SecretKey :: ForeignPtr CUChar -> SecretKey -- | Convert a SecretKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeSecretKeyToHexByteString :: SecretKey -> StrictByteString -- | A public key of size cryptoBoxPublicKeyBytes. newtype PublicKey PublicKey :: ForeignPtr CUChar -> PublicKey -- | Convert a PublicKey to a hexadecimal-encoded -- StrictByteString. publicKeyToHexByteString :: PublicKey -> StrictByteString -- | Create a pair of SecretKey and PublicKey from -- hexadecimal-encoded StrictByteStrings that you have obtained on -- your own, usually from the network or disk. 
-- -- The public and secret keys, once decoded from base16, must -- respectively be at least of length cryptoBoxPublicKeyBytes and -- 'cryptoBoxSecretKeyBytes. keyPairFromHexByteStrings :: StrictByteString -> StrictByteString -> Either Text (PublicKey, SecretKey) -- | Convert a SecretKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! -- -- A random number that must only be used once per exchanged message. It -- does not have to be confidential. It is of size -- cryptoBoxNonceBytes. newtype Nonce Nonce :: ForeignPtr CUChar -> Nonce -- | Create a Nonce from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. nonceFromHexByteString :: StrictByteString -> Either Text Nonce -- | Convert a Nonce to a hexadecimal-encoded -- StrictByteString. nonceToHexByteString :: Nonce -> StrictByteString -- | A ciphertext consisting of an encrypted message and an authentication -- tag. data CipherText CipherText :: CULLong -> ForeignPtr CUChar -> CipherText [messageLength] :: CipherText -> CULLong [cipherTextForeignPtr] :: CipherText -> ForeignPtr CUChar -- | Create a CipherText from a binary StrictByteString that -- you have obtained on your own, usually from the network or disk. It -- must be a valid cipherText built from the concatenation of the -- encrypted message and the authentication tag. -- -- The input cipher text, once decoded from base16, must be at least of -- length cryptoBoxMACBytes. cipherTextFromHexByteString :: StrictByteString -> Either Text CipherText -- | Convert a CipherText to a hexadecimal-encoded Text. -- -- ⚠️ Be prudent as to where you store it! cipherTextToHexText :: CipherText -> Text -- | Convert a CipherText to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! cipherTextToHexByteString :: CipherText -> StrictByteString -- | Convert a CipherText to a binary StrictByteString. 
-- -- ⚠️ Be prudent as to where you store it! cipherTextToBinary :: CipherText -> StrictByteString -- | Create an authenticated CipherText from a message, a -- SecretKey, and a one-time cryptographic Nonce that must -- never be re-used with the same secret key to encrypt another message. encrypt :: StrictByteString -> PublicKey -> SecretKey -> IO (Nonce, CipherText) -- | Decrypt a CipherText and authenticated message with the shared -- secret key and the one-time cryptographic nonce. decrypt :: CipherText -> PublicKey -> SecretKey -> Nonce -> Maybe StrictByteString -- | Exception thrown upon error during the generation of the key pair by -- newKeyPair. data KeyPairGenerationException KeyPairGenerationException :: KeyPairGenerationException -- | Exception thrown upon error during the encryption of the message by -- encrypt. data EncryptionError EncryptionError :: EncryptionError instance Data.Text.Display.Core.Display Sel.PublicKey.Cipher.SecretKey instance Data.Text.Display.Core.Display Sel.PublicKey.Cipher.PublicKey instance Data.Text.Display.Core.Display Sel.PublicKey.Cipher.Nonce instance GHC.Exception.Type.Exception Sel.PublicKey.Cipher.KeyPairGenerationException instance GHC.Show.Show Sel.PublicKey.Cipher.KeyPairGenerationException instance GHC.Classes.Ord Sel.PublicKey.Cipher.KeyPairGenerationException instance GHC.Classes.Eq Sel.PublicKey.Cipher.KeyPairGenerationException instance GHC.Exception.Type.Exception Sel.PublicKey.Cipher.EncryptionError instance GHC.Show.Show Sel.PublicKey.Cipher.EncryptionError instance GHC.Classes.Ord Sel.PublicKey.Cipher.EncryptionError instance GHC.Classes.Eq Sel.PublicKey.Cipher.EncryptionError instance GHC.Classes.Eq Sel.PublicKey.Cipher.CipherText instance GHC.Classes.Ord Sel.PublicKey.Cipher.CipherText instance Data.Text.Display.Core.Display Sel.PublicKey.Cipher.CipherText instance GHC.Show.Show Sel.PublicKey.Cipher.CipherText instance GHC.Classes.Eq Sel.PublicKey.Cipher.Nonce instance GHC.Classes.Ord 
Sel.PublicKey.Cipher.Nonce instance GHC.Show.Show Sel.PublicKey.Cipher.Nonce instance GHC.Classes.Eq Sel.PublicKey.Cipher.PublicKey instance GHC.Classes.Ord Sel.PublicKey.Cipher.PublicKey instance GHC.Show.Show Sel.PublicKey.Cipher.PublicKey instance GHC.Classes.Eq Sel.PublicKey.Cipher.SecretKey instance GHC.Classes.Ord Sel.PublicKey.Cipher.SecretKey instance GHC.Show.Show Sel.PublicKey.Cipher.SecretKey module Sel.PublicKey.Seal -- | A public key of size cryptoBoxPublicKeyBytes. newtype PublicKey PublicKey :: ForeignPtr CUChar -> PublicKey -- | A secret key of size cryptoBoxSecretKeyBytes. newtype SecretKey SecretKey :: ForeignPtr CUChar -> SecretKey -- | Generate a new random secret key. -- -- May throw KeyPairGenerationException if the generation fails. newKeyPair :: IO (PublicKey, SecretKey) -- | Encrypt a message with the recipient's public key. A key pair for the -- sender is generated, and the public key of that pair is attached to -- the cipher text. The secret key of the sender's pair is automatically -- destroyed. seal :: StrictByteString -> PublicKey -> IO CipherText -- | Open a sealed message from an unknown sender. You need your public and -- secret keys. open :: CipherText -> PublicKey -> SecretKey -> Maybe StrictByteString -- | Exception thrown upon error during the generation of the key pair by -- newKeyPair. data KeyPairGenerationException -- | Exception thrown upon error during the encryption of the message by -- encrypt. data EncryptionError module Sel.PublicKey.Signature data PublicKey data SecretKey data SignedMessage -- | Generate a pair of public and secret key. -- -- The length parameters used are cryptoSignPublicKeyBytes and -- cryptoSignSecretKeyBytes. generateKeyPair :: IO (PublicKey, SecretKey) -- | Sign a message. signMessage :: StrictByteString -> SecretKey -> IO SignedMessage -- | Open a signed message with the signatory's public key. The function -- returns Nothing if there is a key mismatch. 
openMessage :: SignedMessage -> PublicKey -> Maybe StrictByteString -- | Get the signature part of a SignedMessage. getSignature :: SignedMessage -> StrictByteString -- | Get the message part of a SignedMessage without verifying -- the signature. unsafeGetMessage :: SignedMessage -> StrictByteString -- | Combine a message and a signature into a SignedMessage. mkSignature :: StrictByteString -> StrictByteString -> SignedMessage instance GHC.Classes.Eq Sel.PublicKey.Signature.SignedMessage instance GHC.Classes.Ord Sel.PublicKey.Signature.SignedMessage instance GHC.Classes.Eq Sel.PublicKey.Signature.SecretKey instance GHC.Classes.Ord Sel.PublicKey.Signature.SecretKey instance GHC.Classes.Eq Sel.PublicKey.Signature.PublicKey instance GHC.Classes.Ord Sel.PublicKey.Signature.PublicKey module Sel.Scrypt -- | A hashed password from the Scrypt algorithm. data ScryptHash -- | Hash the password with the Scrypt algorithm and a set of pre-defined -- parameters. -- -- The hash is encoded in a human-readable format that includes: -- -- -- -- Example output: -- "$7$C6........dLONLMz8YfO.EKvzwOeqWVVLmXg62MC.hL1m1sYtO/$X9eNjVxdD4jHAhOVid3OLzNkpv6ADJSAXygOxXqGHg7NUL" scryptHashPassword :: StrictByteString -> IO ScryptHash -- | Verify a hashed password against a password verification string. This -- returns True if successful. scryptVerifyPassword :: StrictByteString -> ScryptHash -> IO Bool -- | Convert a ScryptHash to a binary StrictByteString. scryptHashToByteString :: ScryptHash -> StrictByteString -- | Convert a ScryptHash to a hexadecimal-encoded Text. scryptHashToText :: ScryptHash -> Text -- | Convert an ASCII-encoded password hash to a ScryptHash -- -- This function does not perform ASCII validation. asciiTextToScryptHash :: Text -> ScryptHash -- | Convert an ASCII-encoded password hash to a ScryptHash -- -- This function does not perform ASCII validation. 
asciiByteStringToScryptHash :: StrictByteString -> ScryptHash instance GHC.Classes.Eq Sel.Scrypt.ScryptHash instance GHC.Classes.Ord Sel.Scrypt.ScryptHash instance GHC.Show.Show Sel.Scrypt.ScryptHash instance Data.Text.Display.Core.Display Sel.Scrypt.ScryptHash module Sel.SecretKey.Authentication -- | Compute an authentication tag for a message with a secret key shared -- by all parties. authenticate :: StrictByteString -> AuthenticationKey -> IO AuthenticationTag -- | Verify that the tag is valid for the provided message and secret key. verify :: AuthenticationTag -> AuthenticationKey -> StrictByteString -> Bool -- | A secret authentication key of size cryptoAuthKeyBytes. data AuthenticationKey -- | Generate a new random secret key. newAuthenticationKey :: IO AuthenticationKey -- | Create an AuthenticationKey from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input secret key, once decoded from base16, must be of length -- cryptoAuthKeyBytes. authenticationKeyFromHexByteString :: StrictByteString -> Either Text AuthenticationKey -- | Convert an AuthenticationKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeAuthenticationKeyToHexByteString :: AuthenticationKey -> StrictByteString -- | An authentication tag of size cryptoAuthBytes. data AuthenticationTag -- | Convert an AuthenticationTag to a hexadecimal-encoded -- StrictByteString. authenticationTagToHexByteString :: AuthenticationTag -> StrictByteString -- | Create an AuthenticationTag from a hexadecimal-encoded -- StrictByteString that you have obtained on your own, usually -- from the network or disk. -- -- The input tag, once decoded from base16, must be of length -- cryptoAuthBytes. 
authenticationTagFromHexByteString :: StrictByteString -> Either Text AuthenticationTag instance Data.Text.Display.Core.Display Sel.SecretKey.Authentication.AuthenticationKey instance Data.Text.Display.Core.Display Sel.SecretKey.Authentication.AuthenticationTag instance GHC.Classes.Eq Sel.SecretKey.Authentication.AuthenticationTag instance GHC.Classes.Ord Sel.SecretKey.Authentication.AuthenticationTag instance GHC.Show.Show Sel.SecretKey.Authentication.AuthenticationTag instance GHC.Classes.Eq Sel.SecretKey.Authentication.AuthenticationKey instance GHC.Classes.Ord Sel.SecretKey.Authentication.AuthenticationKey instance GHC.Show.Show Sel.SecretKey.Authentication.AuthenticationKey module Sel.SecretKey.Cipher -- | Create an authenticated ciphertext (a Hash) from a message, a secret key, and a -- one-time cryptographic nonce that must never be re-used with the same -- secret key to encrypt another message. encrypt :: StrictByteString -> SecretKey -> IO (Nonce, Hash) -- | Decrypt an encrypted and authenticated message (a Hash) with the shared secret key -- and the one-time cryptographic nonce. decrypt :: Hash -> SecretKey -> Nonce -> Maybe StrictByteString -- | A secret key of size cryptoSecretboxKeyBytes. data SecretKey -- | Generate a new random secret key. newSecretKey :: IO SecretKey -- | Create a SecretKey from a hexadecimal-encoded StrictByteString that -- you have obtained on your own, usually from the network or disk. -- -- The input secret key, once decoded from base16, must be of length -- cryptoSecretboxKeyBytes. secretKeyFromHexByteString :: StrictByteString -> Either Text SecretKey -- | Convert a SecretKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeSecretKeyToHexByteString :: SecretKey -> StrictByteString -- | A random number that must only be used once per exchanged message. It -- does not have to be confidential. It is of size -- cryptoSecretboxNonceBytes. 
data Nonce -- | Create a Nonce from a hexadecimal-encoded StrictByteString that you -- have obtained on your own, usually from the network or disk. Once -- decoded from hexadecimal, it must be of length -- cryptoSecretboxNonceBytes. nonceFromHexByteString :: StrictByteString -> Either Text Nonce -- | Convert a Nonce to a hexadecimal-encoded -- StrictByteString. nonceToHexByteString :: Nonce -> StrictByteString -- | A ciphertext consisting of an encrypted message and an authentication -- tag. data Hash -- | Create a Hash from a hexadecimal-encoded StrictByteString that you -- have obtained on your own, usually from the network or disk. It must -- be a valid hash built from the concatenation of the encrypted message -- and the authentication tag. -- -- The input hash must be at least of length cryptoSecretboxMACBytes hashFromHexByteString :: StrictByteString -> Either Text Hash -- | Convert a Hash to a binary StrictByteString. -- -- ⚠️ Be prudent as to where you store it! hashToBinary :: Hash -> StrictByteString -- | Convert a Hash to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! hashToHexByteString :: Hash -> StrictByteString -- | Convert a Hash to a hexadecimal-encoded Text. -- -- ⚠️ Be prudent as to where you store it! 
hashToHexText :: Hash -> Text instance Data.Text.Display.Core.Display Sel.SecretKey.Cipher.SecretKey instance Data.Text.Display.Core.Display Sel.SecretKey.Cipher.Nonce instance GHC.Classes.Eq Sel.SecretKey.Cipher.Hash instance GHC.Classes.Ord Sel.SecretKey.Cipher.Hash instance Data.Text.Display.Core.Display Sel.SecretKey.Cipher.Hash instance GHC.Show.Show Sel.SecretKey.Cipher.Hash instance GHC.Classes.Eq Sel.SecretKey.Cipher.Nonce instance GHC.Classes.Ord Sel.SecretKey.Cipher.Nonce instance GHC.Show.Show Sel.SecretKey.Cipher.Nonce instance GHC.Classes.Eq Sel.SecretKey.Cipher.SecretKey instance GHC.Classes.Ord Sel.SecretKey.Cipher.SecretKey instance GHC.Show.Show Sel.SecretKey.Cipher.SecretKey module Sel.SecretKey.Stream -- | Perform streaming encryption of a finite list. -- -- This function can throw StreamEncryptionException upon an error -- in the underlying implementation. encryptList :: forall m. MonadIO m => SecretKey -> [StrictByteString] -> m (Header, [CipherText]) -- | Perform streaming decryption of a finite Linked List. -- -- This function can throw StreamDecryptionException if the chunk -- is invalid, incomplete, or corrupted. decryptList :: forall m. MonadIO m => SecretKey -> Header -> [CipherText] -> m (Maybe [StrictByteString]) -- | Multipart is the cryptographic context for stream encryption. data Multipart s -- | Perform streaming encryption with a Multipart cryptographic -- context. -- -- Use encryptChunk within the continuation. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. encryptStream :: forall (a :: Type) (m :: Type -> Type). MonadIO m => SecretKey -> (forall s. Multipart s -> m a) -> m (Header, a) -- | Add a message portion (chunk) to be encrypted. -- -- Use it within encryptStream. -- -- This function can throw StreamEncryptionException upon an error -- in the underlying implementation. encryptChunk :: forall m s. 
MonadIO m => Multipart s -> MessageTag -> StrictByteString -> m CipherText -- | Perform streaming decryption with a Multipart cryptographic -- context. -- -- Use decryptChunk within the continuation. -- -- The context is safely allocated first, then the continuation is run -- and then it is deallocated after that. decryptStream :: forall (a :: Type) (m :: Type -> Type). MonadIO m => SecretKey -> Header -> (forall s. Multipart s -> m a) -> m (Maybe a) -- | Add a message portion (chunk) to be decrypted. -- -- Use this function within decryptStream. -- -- This function can throw StreamDecryptionException if the chunk -- is invalid, incomplete, or corrupted. decryptChunk :: forall m s. MonadIO m => Multipart s -> CipherText -> m StrictByteString -- | A secret key of size -- cryptoSecretStreamXChaCha20Poly1305KeyBytes. data SecretKey -- | Generate a new random secret key. newSecretKey :: IO SecretKey -- | Create a SecretKey from a hexadecimal-encoded StrictByteString that -- you have obtained on your own, usually from the network or disk. -- -- The input secret key, once decoded from base16, must be of length -- cryptoSecretStreamXChaCha20Poly1305KeyBytes. secretKeyFromHexByteString :: Base16 StrictByteString -> Either Text SecretKey -- | Convert a SecretKey to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! unsafeSecretKeyToHexByteString :: SecretKey -> Base16 StrictByteString -- | An encrypted stream starts with a Header of size -- cryptoSecretStreamXChaCha20Poly1305HeaderBytes. -- -- That header must be sent/stored before the sequence of encrypted -- messages, as it is required to decrypt the stream. -- -- The header content doesn’t have to be secret and decryption with a -- different header will fail. 
data Header -- | Convert a Header to a hexadecimal-encoded -- StrictByteString headerToHexByteString :: Header -> Base16 StrictByteString -- | Build a Header from a base16-encoded StrictByteString headerFromHexByteString :: Base16 StrictByteString -> Either Text Header -- | Each encrypted message is associated with a tag. -- -- A typical encrypted stream simply attaches Message as a tag to -- all messages, except the last one which is tagged as Final. data MessageTag -- | The most common tag, that doesn’t add any information about the nature -- of the message. Message :: MessageTag -- | Indicates that the message marks the end of the stream, and erases the -- secret key used to encrypt the previous sequence. Final :: MessageTag -- | Indicates that the message marks the end of a set of messages, but not -- the end of the stream. Push :: MessageTag -- | “Forget” the key used to encrypt this message and the previous ones, -- and derive a new secret key. Rekey :: MessageTag -- | An encrypted message. It is guaranteed to be of size: -- original_message_length + -- cryptoSecretStreamXChaCha20Poly1305ABytes data CipherText -- | Create a CipherText from a hexadecimal-encoded StrictByteString that -- you have obtained on your own, usually from the network or disk. It -- must be a valid ciphertext built from the concatenation of the encrypted -- message and the authentication tag. -- -- The input ciphertext must be at least of length -- cryptoSecretStreamXChaCha20Poly1305ABytes ciphertextFromHexByteString :: Base16 StrictByteString -> Either Text CipherText -- | Convert a CipherText to a binary StrictByteString. -- -- ⚠️ Be prudent as to where you store it! ciphertextToBinary :: CipherText -> StrictByteString -- | Convert a CipherText to a hexadecimal-encoded -- StrictByteString. -- -- ⚠️ Be prudent as to where you store it! ciphertextToHexByteString :: CipherText -> Base16 StrictByteString -- | Convert a CipherText to a hexadecimal-encoded Text. -- -- ⚠️ Be prudent as to where you store it! 
ciphertextToHexText :: CipherText -> Base16 Text data StreamInitEncryptionException data StreamEncryptionException data StreamDecryptionException instance Data.Text.Display.Core.Display Sel.SecretKey.Stream.SecretKey instance GHC.Exception.Type.Exception Sel.SecretKey.Stream.StreamEncryptionException instance GHC.Show.Show Sel.SecretKey.Stream.StreamEncryptionException instance GHC.Classes.Ord Sel.SecretKey.Stream.StreamEncryptionException instance GHC.Classes.Eq Sel.SecretKey.Stream.StreamEncryptionException instance GHC.Exception.Type.Exception Sel.SecretKey.Stream.StreamInitEncryptionException instance GHC.Show.Show Sel.SecretKey.Stream.StreamInitEncryptionException instance GHC.Classes.Ord Sel.SecretKey.Stream.StreamInitEncryptionException instance GHC.Classes.Eq Sel.SecretKey.Stream.StreamInitEncryptionException instance GHC.Exception.Type.Exception Sel.SecretKey.Stream.StreamDecryptionException instance GHC.Show.Show Sel.SecretKey.Stream.StreamDecryptionException instance GHC.Classes.Ord Sel.SecretKey.Stream.StreamDecryptionException instance GHC.Classes.Eq Sel.SecretKey.Stream.StreamDecryptionException instance GHC.Classes.Eq Sel.SecretKey.Stream.CipherText instance GHC.Classes.Ord Sel.SecretKey.Stream.CipherText instance Data.Text.Display.Core.Display Sel.SecretKey.Stream.CipherText instance GHC.Show.Show Sel.SecretKey.Stream.CipherText instance GHC.Show.Show Sel.SecretKey.Stream.Header instance Data.Text.Display.Core.Display Sel.SecretKey.Stream.Header instance GHC.Classes.Eq Sel.SecretKey.Stream.Header instance GHC.Classes.Ord Sel.SecretKey.Stream.Header instance GHC.Classes.Eq Sel.SecretKey.Stream.SecretKey instance GHC.Classes.Ord Sel.SecretKey.Stream.SecretKey instance GHC.Show.Show Sel.SecretKey.Stream.SecretKey