hpke-0.0.0: Hybrid Public Key Encryption
Safe HaskellSafe-Inferred
LanguageHaskell2010

Crypto.HPKE.Internal

Synopsis

Extensible map

data HPKEMap Source #

Constructors

HPKEMap 

Fields

defaultHPKEMap :: HPKEMap Source #

setupS Source #

Arguments

:: HPKEMap 
-> Mode 
-> KEM_ID 
-> KDF_ID 
-> AEAD_ID 
-> Maybe EncodedSecretKey

My ephemeral secret key. Automatically generated if Nothing

-> Maybe EncodedSecretKey

My secret key for authentication. mode_base is used if Nothing. base_auth is used, otherwise.

-> EncodedPublicKey

Peer's public key.

-> Info 
-> PSK 
-> PSK_ID 
-> IO (EncodedPublicKey, ContextS) 

setupR Source #

Arguments

:: HPKEMap 
-> Mode 
-> KEM_ID 
-> KDF_ID 
-> AEAD_ID 
-> EncodedSecretKey

My secret key

-> Maybe EncodedSecretKey

My secret key for authentication. mode_base is used if Nothing. base_auth is used, otherwise.

-> EncodedPublicKey

Peer's public key.

-> Info 
-> PSK 
-> PSK_ID 
-> IO ContextR 

Unified types

data KEMGroup Source #

Constructors

forall c.(EllipticCurve c, EllipticCurveDH c) => KEMGroup (Proxy c) 

data KDFHash Source #

Constructors

forall h.(HashAlgorithm h, KDF h) => KDFHash h 

data AEADCipher Source #

Constructors

forall a.Aead a => AEADCipher (Proxy a) 

API

class Aead a where Source #

Methods

sealA :: Proxy a -> Key -> Seal Source #

openA :: Proxy a -> Key -> Open Source #

nK :: Proxy a -> Int Source #

nN :: Proxy a -> Int Source #

nT :: Proxy a -> Int Source #

Instances

Instances details
Aead AES128 Source #

From RFC 9180 A.1

>>> let key = "\x45\x31\x68\x5d\x41\xd6\x5f\x03\xdc\x48\xf6\xb8\x30\x2c\x05\xb0" :: ByteString
>>> let nonce = "\x56\xd8\x90\xe5\xac\xca\xaf\x01\x1c\xff\x4b\x7d" :: ByteString
>>> let aad = "\x43\x6f\x75\x6e\x74\x2d\x30" :: ByteString
>>> let plain = "The quick brown fox jumps over the very lazy dog." :: ByteString
>>> let proxy = Proxy :: Proxy AES128
>>> sealA proxy key nonce aad plain >>= openA proxy key nonce aad
Right "The quick brown fox jumps over the very lazy dog."
Instance details

Defined in Crypto.HPKE.AEAD

Methods

sealA :: Proxy AES128 -> Key -> Seal Source #

openA :: Proxy AES128 -> Key -> Open Source #

nK :: Proxy AES128 -> Int Source #

nN :: Proxy AES128 -> Int Source #

nT :: Proxy AES128 -> Int Source #

Aead AES256 Source #

From RFC 9180 A.6

>>> let key = "\x75\x1e\x34\x6c\xe8\xf0\xdd\xb2\x30\x5c\x8a\x2a\x85\xc7\x0d\x5c\xf5\x59\xc5\x30\x93\x65\x6b\xe6\x36\xb9\x40\x6d\x4d\x7d\x1b\x70" :: ByteString
>>> let nonce = "\x55\xff\x7a\x7d\x73\x9c\x69\xf4\x4b\x25\x44\x7b" :: ByteString
>>> let aad = "\x43\x6f\x75\x6e\x74\x2d\x30" :: ByteString
>>> let plain = "The quick brown fox jumps over the very lazy dog." :: ByteString
>>> let proxy = Proxy :: Proxy AES256
>>> sealA proxy key nonce aad plain >>= openA proxy key nonce aad
Right "The quick brown fox jumps over the very lazy dog."
Instance details

Defined in Crypto.HPKE.AEAD

Methods

sealA :: Proxy AES256 -> Key -> Seal Source #

openA :: Proxy AES256 -> Key -> Open Source #

nK :: Proxy AES256 -> Int Source #

nN :: Proxy AES256 -> Int Source #

nT :: Proxy AES256 -> Int Source #

Aead ChaCha20Poly1305 Source #

From RFC 9180 A.5

>>> let key = "\xa8\xf4\x54\x90\xa9\x2a\x3b\x04\xd1\xdb\xf6\xcf\x2c\x39\x39\xad\x8b\xfc\x9b\xfc\xb9\x7c\x04\xbf\xfe\x11\x67\x30\xc9\xdf\xe3\xfc" :: ByteString
>>> let nonce = "\x72\x6b\x43\x90\xed\x22\x09\x80\x9f\x58\xc6\x93" :: ByteString
>>> let aad = "\x43\x6f\x75\x6e\x74\x2d\x30" :: ByteString
>>> let plain = "The quick brown fox jumps over the very lazy dog." :: ByteString
>>> let proxy = Proxy :: Proxy CCP.ChaCha20Poly1305
>>> sealA proxy key nonce aad plain >>= openA proxy key nonce aad
Right "The quick brown fox jumps over the very lazy dog."
Instance details

Defined in Crypto.HPKE.AEAD

Methods

sealA :: Proxy ChaCha20Poly1305 -> Key -> Seal Source #

openA :: Proxy ChaCha20Poly1305 -> Key -> Open Source #

nK :: Proxy ChaCha20Poly1305 -> Int Source #

nN :: Proxy ChaCha20Poly1305 -> Int Source #

nT :: Proxy ChaCha20Poly1305 -> Int Source #

class KDF h where Source #

Methods

labeledExtract :: Suite -> Salt -> Label -> IKM -> PRK h Source #

labeledExpand :: Suite -> PRK h -> Label -> Info -> Int -> Key Source #

Instances

Instances details
KDF SHA256 Source # 
Instance details

Defined in Crypto.HPKE.KDF

Methods

labeledExtract :: Suite -> Salt -> Label -> IKM -> PRK SHA256 Source #

labeledExpand :: Suite -> PRK SHA256 -> Label -> Info -> Int -> Key Source #

KDF SHA384 Source # 
Instance details

Defined in Crypto.HPKE.KDF

Methods

labeledExtract :: Suite -> Salt -> Label -> IKM -> PRK SHA384 Source #

labeledExpand :: Suite -> PRK SHA384 -> Label -> Info -> Int -> Key Source #

KDF SHA512 Source # 
Instance details

Defined in Crypto.HPKE.KDF

Methods

labeledExtract :: Suite -> Salt -> Label -> IKM -> PRK SHA512 Source #

labeledExpand :: Suite -> PRK SHA512 -> Label -> Info -> Int -> Key Source #

Types

data Mode Source #

Constructors

ModeBase 
ModePsk 
ModeAuth 
ModeAuthPsk 

Instances

Instances details
Show Mode Source # 
Instance details

Defined in Crypto.HPKE.KeySchedule

Methods

showsPrec :: Int -> Mode -> ShowS #

show :: Mode -> String #

showList :: [Mode] -> ShowS #

Eq Mode Source # 
Instance details

Defined in Crypto.HPKE.KeySchedule

Methods

(==) :: Mode -> Mode -> Bool #

(/=) :: Mode -> Mode -> Bool #

type PublicKey group = Point group Source #

type SecretKey group = Scalar group Source #

type Seal = Nonce -> AAD -> PlainText -> Either HPKEError CipherText Source #

type Open = Nonce -> AAD -> CipherText -> Either HPKEError PlainText Source #

type Nonce = ByteString Source #

type Suite = ByteString Source #

type Salt = ByteString Source #

type Label = ByteString Source #

type IKM = ByteString Source #

Generating key pair

genKeyPair :: HPKEMap -> KEM_ID -> IO (EncodedPublicKey, EncodedSecretKey) Source #

Generating a pair of public key and secret key based on KEM_ID.