Olivier Chéron
096e2ec0bd
Add XSalsa.derive and example
This function adds one more HSalsa key derivation to an XSalsa context
that has previously been initialized. It allows multi-level cascades
like the 2-level done by NaCl crypto_box.
2019-09-09 19:32:24 +02:00
Olivier Chéron
3ae08ed509
Add API to generate a random nonce
This AEAD scheme is compatible with choosing the nonce randomly.
2019-08-25 16:38:08 +02:00
Olivier Chéron
908f979d44
Add AES-GCM-SIV
2019-08-25 16:38:01 +02:00
Olivier Chéron
0075b57f90
Add internal AES CTR variant with 32-bit counter
This variant of CTR mode is used by AES-GCM-SIV. The counter is in
little-endian format and uses the first four bytes of the IV only.
2019-08-25 08:55:49 +02:00
Olivier Chéron
91c87deae1
Add Crypto.System.CPU
2019-06-15 09:28:02 +02:00
Olivier Chéron
4df2a95276
AES GCM: use Shoup's method with 4-bit table
2019-06-06 06:48:16 +02:00
Vincent Hanquez
60ddb49298
Merge pull request #277 from ocheron/little-endian
Little-endian integer serialization
2019-05-19 21:56:41 +01:00
Olivier Chéron
76ba39fc95
Add benchmark with AES GCM and CCM
2019-05-19 11:16:34 +02:00
Olivier Chéron
af98a837d1
Add missing INLINABLE pragma
2019-05-16 06:33:35 +02:00
Olivier Chéron
7ecb259aae
Fix LE.i2osp 0
Little-endian bytes are stored at the beginning of the buffer.
2019-05-16 06:33:35 +02:00
Olivier Chéron
6893eae70a
Make os2ip loop argument strict
2019-05-16 06:33:35 +02:00
Olivier Chéron
6e1b6fdb90
Little-endian integer serialization
2019-05-16 06:33:35 +02:00
Olivier Chéron
158d8dfd0c
Remove unnecessary imports
2019-05-08 10:22:30 +02:00
Olivier Chéron
ae107a9285
Merge last cshakeUpdate with cshakeFinalize
2019-05-01 07:03:45 +02:00
Olivier Chéron
8b235612be
Merge cshakeInit with first cshakeUpdate
2019-04-28 09:14:25 +02:00
Olivier Chéron
14093ac298
Optimize KMAC allocations
Adds a minimalist Builder type to merge intermediate allocations into
a single ByteArray. Key is now copied to a ScrubbedBytes only.
2019-04-28 09:14:25 +02:00
Olivier Chéron
1551436111
Add KMAC
2019-04-28 09:14:25 +02:00
Olivier Chéron
e3edc100c3
Remove unnecessary import
2019-03-24 07:59:57 +01:00
Olivier Chéron
3253501166
Time-constant P256.scalarAdd and P256.scalarSub
2019-03-21 07:04:01 +01:00
Lars Petersen
2a26202a32
Add implementation of bcrypt_pbkdf
2019-03-14 21:30:29 +01:00
Olivier Chéron
d67a21f95f
Remove unnecessary imports and calls
2019-03-09 09:08:53 +01:00
Olivier Chéron
107317c84d
Improve strictness in Blowfish rounds
2019-03-04 06:39:55 +01:00
Olivier Chéron
717de392cd
Merge pull request #238 from lpeterse/master
Extend the internal interface of the Blowfish module.
2019-03-04 06:37:15 +01:00
Olivier Chéron
8e28d7b2cd
Merge pull request #271 from ocheron/hash-nat-constraints
Hash algorithms with runtime output length
2019-03-04 06:33:59 +01:00
Olivier Chéron
299140f884
Remove unnecessary hash arguments
We don't need to give the hash algorithm as a separate argument since
it is already available from the digest value itself.
2019-03-01 06:28:55 +01:00
Olivier Chéron
997cea369b
Rename to signDigestWith
2019-03-01 06:28:55 +01:00
Baojun Wang
b55a93dfdc
add ECDSA sign/verify digest APIs
(rebased from commit 045793427e8d46594b0b2afedb314d027ec707ab)
2019-03-01 06:28:32 +01:00
Olivier Chéron
3c41966b9a
Add module Crypto.Number.Nat
This new module exposes type constraints required by some hash
algorithms and provides functions to check whether the constraints are
satisfied with runtime values.
Resolves #256.
2019-02-28 07:07:48 +01:00
Olivier Chéron
eccbc11824
Remove Crypto.Internal.Proxy
Data.Proxy can be used instead now that GHC >= 8.0. In Data.Proxy the
Proxy type is poly-kinded.
2019-02-28 07:07:48 +01:00
Olivier Chéron
65932e5a7e
Add missing Data instances in Crypto.Hash.Blake2
2019-02-25 06:40:53 +01:00
Crockett
133c6e1b2d
Added some redundant constraints for documentation/consistency. Added an INLINABLE pragma to i2ospOf to hopefully increase specializations.
2019-02-24 17:04:10 -08:00
Crockett
0fb8a73d3b
Fixed compiler warnings
2019-02-03 16:06:05 -08:00
Crockett
88596509f0
Changed imports to match style of rest of library
2019-02-03 13:51:01 -08:00
Crockett
109600cec2
Added missing imports and removed duplicate imports. Tests pass.
2019-02-03 13:43:54 -08:00
Crockett
c71a6733dd
Unified DSA and ECDSA truncate&hash function.
2019-02-03 13:30:56 -08:00
Crockett
d5003a46a6
Fixed hash truncation bug in DSA; added more KATs from RFC 6979.
2019-01-26 15:15:34 -08:00
Olivier Chéron
1d5947f055
Use any instead of not all
2019-01-15 21:24:31 +01:00
Olivier Chéron
f9ae52327c
RSASSA-PSS with key of arbitrary length
Instead of public_size / private_size which are in bytes only, this
uses function numBits to recover the effective length of the modulus
in bits. The patch also handles removal of unneeded initial byte when
the length is 1 modulo 8.
2019-01-12 17:43:49 +01:00
Olivier Chéron
274911c608
Accept hlint suggestions
2019-01-12 17:43:49 +01:00
Olivier Chéron
d964064d80
Use heterogeneous equality
2019-01-12 17:43:49 +01:00
Carlos Rodriguez
ddfdbbd4be
Removed unnecessary reference to random.
2018-12-18 20:19:14 +01:00
Carlos Rodriguez
cc18bf41ee
Corrected value boundaries in description of function.
2018-11-11 17:14:23 +01:00
Carlos Rodriguez
95f0f3d0c9
Fixed typos in name.
2018-11-03 21:17:46 +01:00
Carlos Rodriguez
3165027840
Fixed typo in name.
2018-11-03 21:12:53 +01:00
Carlos Rodriguez
314a9caba7
Merge branch 'master' of https://github.com/haskell-crypto/cryptonite
# Conflicts:
# cryptonite.cabal
# tests/KAT_PubKey.hs
2018-11-03 20:23:25 +01:00
Olivier Chéron
9847554392
Fixed comment about expSafe
2018-11-01 09:08:39 +01:00
Olivier Chéron
f4e094aacb
Fix PKCS#1 v1.5 padding
The padding string is at least 8 bytes long + 3 other bytes,
so it should be 11.
2018-10-29 20:43:02 +01:00
Olivier Chéron
455504b8e2
Implement SHAKE output not divisible by 8 bits
2018-10-23 06:59:07 +02:00
Olivier Chéron
0ab1c41ac8
Add missing Data instances
2018-10-23 06:59:07 +02:00
Olivier Chéron
e10ef06885
Remove unnecessary language extension
2018-10-23 06:59:07 +02:00
Carlos Rodriguez
c285d7f527
Added OAEP scheme and created test vectors for Rabin cryptosystem.
2018-10-06 16:53:22 +02:00
Vincent Hanquez
a8875e462d
Merge pull request #242 from LeifW/derive_data_digest
Derive a Data instance for Digest.
2018-09-13 14:31:56 +01:00
Carlos Rodriguez
e7b3abebf8
Implemented Rabin cryptosystem and some of its variations (including Rabin-Williams).
2018-09-06 20:27:32 +02:00
tom-bop
1288127d8e
Fix typo in bcrypt example
2018-08-30 17:47:59 +01:00
Leif Warner
8a61d8e5e2
Derive a Data instance for Digest.
2018-06-18 00:20:48 -07:00
Lars Petersen
ff8a1c524d
Extend the internal interface of the Blowfish module.
In preparation for an implementation of the bcrypt_pbkdf (a
variant of PBKDF2 used by OpenSSH) algorithm,
certain low-level operations of the Blowfish algorithm need to
be generalized and exposed.
The Blowfish.Primitive module has already been extended to
account for the requirements imposed by the BCrypt algorithm,
but the salt length was limited to 16 bytes and the BCrypt
specific key schedule setup has been hard-coded into the Blowfish
module.
This commit makes a clear distinction between the expandKey and
expandKeyWithSalt operation. Both take arbitrary sized salts
and keys now. The specialized operation for 16 byte salts as used
by BCrypt has been preserved and is selected automatically.
Also, the BCrypt specific parts have been moved to the BCrypt
module with regard to separation of concern.
A benchmark for generating BCrypt hashes with cost 10 shows a
performance improvement from 158 to 141ms on average (Intel i5-6500)
after this refactoring.
Further experiments suggest that the specialized expandKeyWithSalt128
does not have any advantage over the generalized version
and might be removed in favour of less branches and exceptional
behaviour.
2018-05-08 22:08:20 +02:00
Olivier Chéron
d0ac50c1af
Additional QA clean-up
2018-04-29 10:43:55 +02:00
Olivier Chéron
b3a1506d82
Remove conditionals related to SHAKE and Blake2
Not needed anymore now that GHC > 8.0.
2018-04-28 08:09:25 +02:00
Olivier Chéron
9d961e92e9
Comment about not having Show instance for HMAC
Closes #232.
2018-04-22 19:44:29 +02:00
Olivier Chéron
15f63fd849
Enable powModSecInteger with integer-gmp >= 1.0.2.0
2018-04-20 20:40:53 +02:00
Luke Taylor
d27d464627
Fix cost parsing for bcrypt
The tens value was wrong for values of 20+, as reported in #230.
It should be 10*costTens not 10^costTens. This wasn't detected because
the values are the same when costTens is 1, and using high cost values
is rare with bcrypt because of the performance hit.
Also added a simple hash and validate test since the KAT tests only do
validation. This doesn't cover this bug since the cost value is too
high to include in the test. It allows similar issues to be tested
locally though.
2018-04-17 13:51:04 +01:00
Chris Martin
d2da00445d
fix spelling of "exponent"
2018-04-05 21:44:40 -04:00
George Pollard
f55636bd43
Add hmacLazy for lazy ByteStrings
Modeled off `hashLazy`.
2018-03-06 18:05:02 +13:00
Olivier Chéron
3e5be5fdf3
Add Read instance for Digest type
2018-02-11 09:15:05 +01:00
Vincent Hanquez
b4add57955
Hash: use Block instead of UArray to reduce memory usage
2018-02-04 23:06:02 +00:00
Olivier Chéron
325c87febf
Use pattern matching
2018-02-04 14:35:43 +01:00
Olivier Chéron
4926cbb143
Improve types and indentation, fix typo
2018-02-03 19:05:20 +01:00
Baojun Wang
1e57f41e1d
check AESCCM IV length in ccmInit instead of aeadInit
2018-02-03 09:34:57 +01:00
Baojun Wang
f6d9fb0cf1
aeadInit (ccm) returns CryptoError_IvSizeInvalid when iv size is wrong
2018-02-03 09:34:57 +01:00
Baojun Wang
48770bf79f
fix aes ccm decryption cbcmac mis-match
2018-02-03 09:34:57 +01:00
Baojun Wang
1e04890d73
Add ccm decrypt
2018-02-03 09:34:57 +01:00
Baojun Wang
55bf620365
add aes ccm support
2018-02-03 09:31:36 +01:00
Alexander Vieth
6dca020660
improve digestFromByteString efficiency
2018-01-09 17:10:12 -05:00
Vincent Hanquez
c02c43bfc7
Merge pull request #205 from osa1/close_dev_handle
withDev: Close the FD on exception
2017-12-17 18:15:31 +00:00
Vincent Hanquez
6346b8289c
Merge pull request #202 from ocheron/ed25519-arith-negate
Ed25519 arithmetic primitives
2017-12-17 18:12:50 +00:00
Vincent Hanquez
82c22d50c7
Merge pull request #206 from haskell-crypto/replace-foundation-by-basement
remove dependency on foundation and moving to basement
2017-12-17 18:12:41 +00:00
Olivier Chéron
3217038a1a
Add pointMulByCofactor and pointHasPrimeOrder
2017-12-17 11:56:33 +01:00
Olivier Chéron
b962952c30
Add introduction and warnings about possible pitfalls
2017-12-17 09:46:42 +01:00
Olivier Chéron
0820cd5c38
Simpler Edwards25519.scalarGenerate
2017-12-16 11:33:38 +01:00
Olivier Chéron
fbe1c213e2
Use throwCryptoError
2017-12-11 06:40:41 +01:00
Olivier Chéron
45723e3542
Rename to Edwards25519
2017-12-10 21:14:47 +01:00
Vincent Hanquez
f861a52b1b
remove dependency on foundation and moving to basement
2017-11-30 12:08:08 +00:00
Ömer Sinan Ağacan
d7aeb5f545
withDev: Close the FD on exception
2017-11-30 10:30:29 +03:00
Olivier Chéron
3aaa89d52e
Add missing NFData instances
2017-11-27 20:43:08 +01:00
Luke Taylor
5e354f9bfc
Use "2b" version prefix in bcrypt hashes
Makes docs and code consistent - the code now generates hashes
with the "2b" prefix instead of "2a". Shouldn't make any difference
in practice since previously generated hashes should still validate.
2017-11-27 15:19:23 +00:00
Vincent Hanquez
2293c69f87
Merge pull request #200 from NicolasDP/master
add instance of MonadFailure to CryptoFailable
2017-11-25 15:25:21 +00:00
Olivier Chéron
8567bacc2e
Add pointNegate to class EllipticCurveArith
2017-11-20 19:28:17 +01:00
Olivier Chéron
8d7e0d236c
Add P256.pointNegate
2017-11-20 19:28:17 +01:00
Olivier Chéron
b8b59be5a5
Normalize result of ECC.pointNegate
2017-11-20 19:28:17 +01:00
Olivier Chéron
4f7d742461
Export and test ECC.pointNegate
2017-11-20 19:28:16 +01:00
Olivier Chéron
c55dd4d27f
Add Curve_Ed25519
2017-11-20 19:28:16 +01:00
Olivier Chéron
6b3bf37eea
Use only fixed-window implementation
2017-11-20 19:28:16 +01:00
Olivier Chéron
123e22ec08
Ed25519 scalar multiplication with 4-bit fixed window
2017-11-20 19:28:16 +01:00
Olivier Chéron
5778909761
Add Ed25519.pointsMulVarTime
2017-11-20 19:28:16 +01:00
Olivier Chéron
35f1d20b79
Ed25519 scalar add & multiply
2017-11-20 19:28:15 +01:00
Olivier Chéron
7d61abff03
Ed25519 point negation
2017-11-20 19:28:15 +01:00
Olivier Chéron
9ea718f55e
Arithmetic primitives over curve Ed25519
2017-11-20 19:28:15 +01:00
Vincent Hanquez
896382dfbc
Merge pull request #201 from chris-martin/pr/caps
Various documentation copy editing
2017-11-19 16:04:40 +00:00
Vincent Hanquez
c26b331c8e
Merge pull request #199 from ocheron/proxy-backend
Use Proxy for openBackend
2017-11-19 16:00:41 +00:00
Chris Martin
f77994a729
Various documentation copy editing
2017-11-18 14:27:44 -05:00