cryptocipher-0.6.2: Symmetrical block and stream ciphers.

LicenseBSD-style
MaintainerVincent Hanquez <vincent@snarc.org>
Stabilitystable
Portabilitygood
Safe HaskellNone
LanguageHaskell98

Crypto.Cipher

Contents

Description

All the cipher functionalities are available through the BlockCipher and StreamCipher classes.

A simplified example (with simplified error handling):

import Crypto.Cipher
import Data.ByteString (ByteString)
import qualified Data.ByteString as B

initAES256 :: ByteString -> AES256
initAES256 = either (error . show) cipherInit . makeKey

cbcEncryption :: AES256 -> ByteString -> ByteString -> ByteString
cbcEncryption ctx ivRaw plainText = cbcEncrypt ctx iv plainText
  where iv = maybe (error "invalid IV") id $ ivRaw

Synopsis

Cipher classes

class Cipher cipher where #

Symmetric cipher class.

Minimal complete definition

cipherInit, cipherName, cipherKeySize

Methods

cipherInit :: Key cipher -> cipher #

Initialize a cipher context from a key

cipherName :: cipher -> String #

Cipher name

cipherKeySize :: cipher -> KeySizeSpecifier #

return the size of the key required for this cipher. Some cipher accept any size for key

Instances

Cipher AES 
Cipher AES128 
Cipher AES192 
Cipher AES256 
Cipher Blowfish 
Cipher Blowfish64 
Cipher Blowfish128 
Cipher Blowfish256 
Cipher Blowfish448 
Cipher Camellia128 
Cipher DES_EEE3 
Cipher DES_EDE3 
Cipher DES_EEE2 
Cipher DES_EDE2 
Cipher DES 

class Cipher cipher => BlockCipher cipher where #

Symmetric block cipher class

Minimal complete definition

blockSize, ecbEncrypt, ecbDecrypt

Methods

blockSize :: cipher -> Int #

Return the size of block required for this block cipher

ecbEncrypt :: cipher -> ByteString -> ByteString #

Encrypt blocks

the input string need to be multiple of the block size

ecbDecrypt :: cipher -> ByteString -> ByteString #

Decrypt blocks

the input string need to be multiple of the block size

cbcEncrypt :: cipher -> IV cipher -> ByteString -> ByteString #

encrypt using the CBC mode.

input need to be a multiple of the blocksize

cbcDecrypt :: cipher -> IV cipher -> ByteString -> ByteString #

decrypt using the CBC mode.

input need to be a multiple of the blocksize

cfbEncrypt :: cipher -> IV cipher -> ByteString -> ByteString #

encrypt using the CFB mode.

input need to be a multiple of the blocksize

cfbDecrypt :: cipher -> IV cipher -> ByteString -> ByteString #

decrypt using the CFB mode.

input need to be a multiple of the blocksize

ctrCombine :: cipher -> IV cipher -> ByteString -> ByteString #

combine using the CTR mode.

CTR mode produce a stream of randomized data that is combined (by XOR operation) with the input stream.

encryption and decryption are the same operation.

input can be of any size

xtsEncrypt #

Arguments

:: (cipher, cipher) 
-> IV cipher

Usually represent the Data Unit (e.g. disk sector)

-> DataUnitOffset

Offset in the data unit in number of blocks

-> ByteString

Plaintext

-> ByteString

Ciphertext

encrypt using the XTS mode.

input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only

xtsDecrypt #

Arguments

:: (cipher, cipher) 
-> IV cipher

Usually represent the Data Unit (e.g. disk sector)

-> DataUnitOffset

Offset in the data unit in number of blocks

-> ByteString

Ciphertext

-> ByteString

Plaintext

decrypt using the XTS mode.

input need to be a multiple of the blocksize, and the cipher need to process 128 bits block only

aeadInit :: Byteable iv => AEADMode -> cipher -> iv -> Maybe (AEAD cipher) #

Initialize a new AEAD State

When Nothing is returns, it means the mode is not handled.

Instances

BlockCipher AES 
BlockCipher AES128 
BlockCipher AES192 
BlockCipher AES256 
BlockCipher Blowfish 
BlockCipher Blowfish64 
BlockCipher Blowfish128 
BlockCipher Blowfish256 
BlockCipher Blowfish448 
BlockCipher Camellia128 
BlockCipher DES_EEE3 
BlockCipher DES_EDE3 
BlockCipher DES_EEE2 
BlockCipher DES_EDE2 
BlockCipher DES 

class Cipher cipher => StreamCipher cipher where #

Symmetric stream cipher class

Minimal complete definition

streamCombine

Methods

streamCombine :: cipher -> ByteString -> (ByteString, cipher) #

Combine using the stream cipher

Key

data Key c :: * -> * #

a Key parametrized by the cipher

Instances

Eq (Key c) 

Methods

(==) :: Key c -> Key c -> Bool #

(/=) :: Key c -> Key c -> Bool #

Byteable (Key c) 

Methods

toBytes :: Key c -> ByteString #

byteableLength :: Key c -> Int #

withBytePtr :: Key c -> (Ptr Word8 -> IO b) -> IO b #

ToSecureMem (Key c) 

Methods

toSecureMem :: Key c -> SecureMem #

makeKey :: (ToSecureMem b, Cipher c) => b -> Either KeyError (Key c) #

Create a Key for a specified cipher

Initialization Vector (IV)

data IV c :: * -> * #

an IV parametrized by the cipher

Instances

Eq (IV c) 

Methods

(==) :: IV c -> IV c -> Bool #

(/=) :: IV c -> IV c -> Bool #

Byteable (IV c) 

Methods

toBytes :: IV c -> ByteString #

byteableLength :: IV c -> Int #

withBytePtr :: IV c -> (Ptr Word8 -> IO b) -> IO b #

makeIV :: (Byteable b, BlockCipher c) => b -> Maybe (IV c) #

Create an IV for a specified block cipher

nullIV :: BlockCipher c => IV c #

Create an IV that is effectively representing the number 0

ivAdd :: BlockCipher c => IV c -> Int -> IV c #

Increment an IV by a number.

Assume the IV is in Big Endian format.

Authenticated Encryption with Associated Data (AEAD)

data AEAD cipher :: * -> * #

Authenticated Encryption with Associated Data algorithms

aeadAppendHeader :: BlockCipher a => AEAD a -> ByteString -> AEAD a #

Append associated data into the AEAD state

aeadEncrypt :: BlockCipher a => AEAD a -> ByteString -> (ByteString, AEAD a) #

Encrypt input and append into the AEAD state

aeadDecrypt :: BlockCipher a => AEAD a -> ByteString -> (ByteString, AEAD a) #

Decrypt input and append into the AEAD state

aeadFinalize :: BlockCipher a => AEAD a -> Int -> AuthTag #

Finalize the AEAD state and create an authentification tag

Cipher implementations

data AES128 :: * #

AES with 128 bit key

Instances

data AES192 :: * #

AES with 192 bit key

Instances

data AES256 :: * #

AES with 256 bit key

Instances

data Blowfish :: * #

variable keyed blowfish state

Instances

data Blowfish64 :: * #

64 bit keyed blowfish state

Instances

data Blowfish128 :: * #

128 bit keyed blowfish state

Instances

data Blowfish256 :: * #

256 bit keyed blowfish state

Instances

data Blowfish448 :: * #

448 bit keyed blowfish state

Instances

data DES :: * #

DES Context

Instances

data DES_EEE3 :: * #

3DES with 3 different keys used all in the same direction

Instances

data DES_EDE3 :: * #

3DES with 3 different keys used in alternative direction

Instances

data DES_EEE2 :: * #

3DES where the first and third keys are equal, used in the same direction

Instances

data DES_EDE2 :: * #

3DES where the first and third keys are equal, used in alternative direction

Instances

data Camellia128 :: * #

Camellia block cipher with 128 bit key

Instances