Chris Martin
d2da00445d
fix spelling of "exponent"
2018-04-05 21:44:40 -04:00
Olivier Chéron
3e5be5fdf3
Add Read instance for Digest type
2018-02-11 09:15:05 +01:00
Vincent Hanquez
b4add57955
Hash: use Block instead of UArray to reduce memory usage
2018-02-04 23:06:02 +00:00
Olivier Chéron
325c87febf
Use pattern matching
2018-02-04 14:35:43 +01:00
Olivier Chéron
4926cbb143
Improve types and indentation, fix typo
2018-02-03 19:05:20 +01:00
Baojun Wang
1e57f41e1d
check AESCCM IV length in ccmInit instead of aeadInit
2018-02-03 09:34:57 +01:00
Baojun Wang
f6d9fb0cf1
aeadInit (ccm) returns CryptoError_IvSizeInvalid when iv size is wrong
2018-02-03 09:34:57 +01:00
Baojun Wang
48770bf79f
fix aes ccm decryption cbcmac mis-match
2018-02-03 09:34:57 +01:00
Baojun Wang
1e04890d73
Add ccm decrypt
2018-02-03 09:34:57 +01:00
Baojun Wang
55bf620365
add aes ccm support
2018-02-03 09:31:36 +01:00
Alexander Vieth
6dca020660
improve digestFromByteString efficiency
2018-01-09 17:10:12 -05:00
Vincent Hanquez
c02c43bfc7
Merge pull request #205 from osa1/close_dev_handle
...
withDev: Close the FD on exception
2017-12-17 18:15:31 +00:00
Vincent Hanquez
6346b8289c
Merge pull request #202 from ocheron/ed25519-arith-negate
...
Ed25519 arithmetic primitives
2017-12-17 18:12:50 +00:00
Vincent Hanquez
82c22d50c7
Merge pull request #206 from haskell-crypto/replace-foundation-by-basement
...
remove dependency on foundation and move to basement
2017-12-17 18:12:41 +00:00
Olivier Chéron
3217038a1a
Add pointMulByCofactor and pointHasPrimeOrder
2017-12-17 11:56:33 +01:00
Olivier Chéron
b962952c30
Add introduction and warnings about possible pitfalls
2017-12-17 09:46:42 +01:00
Olivier Chéron
0820cd5c38
Simpler Edwards25519.scalarGenerate
2017-12-16 11:33:38 +01:00
Olivier Chéron
fbe1c213e2
Use throwCryptoError
2017-12-11 06:40:41 +01:00
Olivier Chéron
45723e3542
Rename to Edwards25519
2017-12-10 21:14:47 +01:00
Vincent Hanquez
f861a52b1b
remove dependency on foundation and move to basement
2017-11-30 12:08:08 +00:00
Ömer Sinan Ağacan
d7aeb5f545
withDev: Close the FD on exception
2017-11-30 10:30:29 +03:00
Olivier Chéron
3aaa89d52e
Add missing NFData instances
2017-11-27 20:43:08 +01:00
Luke Taylor
5e354f9bfc
Use "2b" version prefix in bcrypt hashes
...
Makes docs and code consistent - the code now generates hashes
with the "2b" prefix instead of "2a". Shouldn't make any difference
in practice since previously generated hashes should still validate.
2017-11-27 15:19:23 +00:00
Vincent Hanquez
2293c69f87
Merge pull request #200 from NicolasDP/master
...
add instance of MonadFailure to CryptoFailable
2017-11-25 15:25:21 +00:00
Olivier Chéron
8567bacc2e
Add pointNegate to class EllipticCurveArith
2017-11-20 19:28:17 +01:00
Olivier Chéron
8d7e0d236c
Add P256.pointNegate
2017-11-20 19:28:17 +01:00
Olivier Chéron
b8b59be5a5
Normalize result of ECC.pointNegate
2017-11-20 19:28:17 +01:00
Olivier Chéron
4f7d742461
Export and test ECC.pointNegate
2017-11-20 19:28:16 +01:00
Olivier Chéron
c55dd4d27f
Add Curve_Ed25519
2017-11-20 19:28:16 +01:00
Olivier Chéron
6b3bf37eea
Use only fixed-window implementation
2017-11-20 19:28:16 +01:00
Olivier Chéron
123e22ec08
Ed25519 scalar multiplication with 4-bit fixed window
2017-11-20 19:28:16 +01:00
Olivier Chéron
5778909761
Add Ed25519.pointsMulVarTime
2017-11-20 19:28:16 +01:00
Olivier Chéron
35f1d20b79
Ed25519 scalar add & multiply
2017-11-20 19:28:15 +01:00
Olivier Chéron
7d61abff03
Ed25519 point negation
2017-11-20 19:28:15 +01:00
Olivier Chéron
9ea718f55e
Arithmetic primitives over curve Ed25519
2017-11-20 19:28:15 +01:00
Vincent Hanquez
896382dfbc
Merge pull request #201 from chris-martin/pr/caps
...
Various documentation copy editing
2017-11-19 16:04:40 +00:00
Vincent Hanquez
c26b331c8e
Merge pull request #199 from ocheron/proxy-backend
...
Use Proxy for openBackend
2017-11-19 16:00:41 +00:00
Chris Martin
f77994a729
Various documentation copy editing
2017-11-18 14:27:44 -05:00
Nicolas Di Prima
393d5804b7
add instance of MonadFailure to CryptoFailable
2017-11-16 20:16:29 +00:00
Olivier Chéron
4723dc0b39
Use Proxy in openBackend
...
Replaces 'undefined' and fixes #198.
2017-10-23 20:39:00 +02:00
Vincent Hanquez
84e96d2fa3
Update context size for Blake2bp and Blake2sp
...
Also fix Blake2bp to not use blake2sp functions
2017-10-02 21:05:30 +01:00
Vincent Hanquez
74f1c1872b
[BLAKE2] update context size on the haskell to the latest code
2017-10-02 20:44:51 +01:00
Vincent Hanquez
2ecbd5c052
Merge pull request #189 from ocheron/cast5-wordarray
...
CAST5 block cipher
2017-09-18 21:09:49 +09:00
Vincent Hanquez
110ad7b510
Merge pull request #188 from ocheron/hash-tutorial
...
More content for Crypto.Tutorial
2017-09-18 20:54:40 +09:00
Vincent Hanquez
57fc438c83
typo in documentation
2017-09-18 10:32:21 +01:00
Olivier Chéron
bb2363eea7
Add CAST5 aka CAST-128
...
Haskell translation of RFC 2144.
2017-09-17 11:28:56 +02:00
Olivier Chéron
c6c715f465
Add note about Digest implementing ByteArrayAccess
2017-08-22 20:39:29 +02:00
Olivier Chéron
007f69c557
Add Crypto.Hash examples to tutorial
2017-08-22 20:39:27 +02:00
Olivier Chéron
80ed642f85
Add introduction to tutorial
2017-08-22 20:39:24 +02:00
Vincent Hanquez
9d43c332de
fix digest size for nat-typed blake2
2017-07-08 07:58:09 +01:00
Vincent Hanquez
ccc3930072
Merge pull request #182 from haskell-crypto/hash-type-nat
...
Add HashBlockSize & HashDigestSize & HashInternalContextSize type family
2017-07-07 21:45:22 +01:00
Vincent Hanquez
d13ce585ab
add further unrolling of Div8 to match Mod8
2017-07-07 21:44:29 +01:00
Vincent Hanquez
b18ec653b8
rename bitLen -> bitlen. GHC 8.2 is stricter about names of type variables
2017-07-07 19:26:59 +01:00
Vincent Hanquez
0dc0f30b86
Add HashBlockSize & HashDigestSize & HashInternalContextSize type family for all Hash algorithms
...
supersedes PR #158
2017-07-07 18:28:06 +01:00
Vincent Hanquez
664a37c16d
[ChaCha] only required byteArrayAccess and add a way to convert from binary
2017-07-07 17:32:09 +01:00
Vincent Hanquez
f559c7bd9d
[ChaCha] only need ByteArrayAccess for initialization
2017-07-07 17:31:30 +01:00
Olivier Chéron
9b56689885
Check that ECDH and ECIES result is not point-at-infinity
...
This guards against invalid public keys when curves have a cofactor.
Fixes #178
2017-07-05 22:24:22 +02:00
Olivier Chéron
aec6af5de4
Add note about P256 encoding of point-at-infinity
2017-07-05 22:24:22 +02:00
Olivier Chéron
adc192ac17
Add constAllZero
2017-07-05 22:24:22 +02:00
Olivier Chéron
8e274f8e60
Validate output point when calling P256.pointFromBinary
...
Function unsafePointFromBinary is added when validation is not needed.
2017-07-05 22:24:22 +02:00
Fraser Tweedale
f6c1f21e59
clarify padding requirements for PKCS15 encrypt/decrypt
...
The types do not say whether it is necessary to apply pad/unpad to
the input/output of the PKCS15 encrypt/decrypt functions. Add
comments to clarify that it is not necessary to manually pad/unpad
the message.
2017-06-26 15:30:01 +02:00
Vincent Hanquez
1bcfa2e087
Merge pull request #167 from ocheron/eddsa-minimal
...
Improve Curve448 and add Ed448
2017-06-19 13:49:07 +01:00
Sergei Trofimovich
d911a34258
fix build failure with -f-support_deepseq disabled
...
How to reproduce:
```
$ cabal configure -f-support_deepseq
Resolving dependencies...
Configuring cryptonite-0.23...
$ cabal build
Building cryptonite-0.23...
Preprocessing library cryptonite-0.23...
[114 of 120] Compiling Crypto.PubKey.RSA.Types ( Crypto/PubKey/RSA/Types.hs, dist/build/Crypto/PubKey/RSA/Types
Crypto/PubKey/RSA/Types.hs:48:30: error:
• No instance for (NFData Integer) arising from a use of ‘rnf’
• In the first argument of ‘seq’, namely ‘rnf n’
In the expression: rnf n `seq` rnf e `seq` sz `seq` ()
In an equation for ‘rnf’:
rnf (PublicKey sz n e) = rnf n `seq` rnf e `seq` sz `seq` ()
```
The fix is to introduce an 'NFData Integer' instance in `Crypto/Internal/DeepSeq`.
Closes: https://github.com/haskell-crypto/cryptonite/issues/171
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
2017-06-19 10:37:23 +01:00
Olivier Chéron
e71d9b135c
Derive Show,Data,Typeable when defining curve singletons
2017-06-10 14:26:59 +02:00
Olivier Chéron
5c2988716e
Validate P256 point when decoding
...
Fixes #165.
2017-06-10 14:26:59 +02:00
Olivier Chéron
a879845434
Add note about the optional all-zero test
...
This is actually a lie: the condition is tested in both curve
implementations but not returned by the Haskell API. Will be a reminder to
add this in the future. A function 'allocRetAndFreeze' could be useful.
2017-06-04 19:25:19 +02:00
Olivier Chéron
75e3bd555e
Add Show instances for EdDSA secret keys
...
Other algorithms define Show instances for their secrets.
Here ScrubbedBytes will obfuscate the content anyway.
Will be useful for X509.PrivKey, which requires a Show instance.
2017-06-04 19:25:19 +02:00
Olivier Chéron
6805ddd4f7
Add support for Ed448
...
This replaces the Diffie-Hellman API that was previously exported.
2017-06-04 19:25:19 +02:00
Olivier Chéron
6fb412e2af
Use decaf_x448_derive_public_key
2017-06-04 19:25:19 +02:00
Olivier Chéron
23b359d842
Switch Haskell APIs to decaf implementation
...
Module 'Curve448' now uses decaf.
2017-06-04 19:25:19 +02:00
Olivier Chéron
ac7eaac523
Simplify Ed25519.generateSecretKey
2017-06-02 19:37:25 +02:00
Olivier Chéron
edd5d94bd4
Make ivAdd more constant-time
...
All IV bytes are processed even if the accumulator is zero.
2017-05-31 23:31:29 +02:00
Olivier Chéron
07592ab237
Fix ivAdd overflow behaviour
2017-05-26 09:59:54 +02:00
Olivier Chéron
c6caba88ed
Merge pull request #159 from wangbj/patch-1
...
Allow sign/verify digest directly
2017-05-26 09:52:53 +02:00
Baojun Wang
a8902fe119
remove redundant condition test on `hashLen /= B.length mHash`
2017-05-18 21:00:14 -07:00
Elliot Cameron
8971458e06
Fix docs for Argon variants
2017-05-17 17:11:00 -04:00
Baojun Wang
4270f00277
Use `Digest hash` to represent message digest
2017-05-16 10:54:31 -07:00
Baojun Wang
f9a0bc3c53
Allow sign/verify digest directly
...
Currently sign/verify works on the message directly; it would be nice if PSS could sign/verify a digest directly. This is useful for:
1) some signing servers only have a digest (without the message)
2) the message could be very large; in cases where a client needs to ask a signing server to sign, it may make more sense for the client to compute the digest, then ask the server to (PSS) sign the digest
3) the openSSL pkeyutl (PSS) sign operation signs the digest only, not the message; it would be nice to work with openSSL more easily
openSSL command line:
```shell
openssl pkeyutl -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1 -pkeyopt digest:sha256 -sign -inkey "pri.key" -in hmac.bin > sig.bin
openssl pkeyutl -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1 -pkeyopt digest:sha256 -verify -inkey "pri.key" -in hmac.bin -sigfile sig.bin
```
2017-05-15 19:42:19 -07:00
Olivier Chéron
554f0fc701
Restore Haddock comment in tutorial module
...
Need to use ordinary comments instead of nested comments
because LANGUAGE pragmas were removed otherwise.
Also adds a table of contents. We may have other examples
in the future.
2017-05-05 07:21:52 +02:00
Parnell Springmeyer
94d67ad86d
ed25519: Adding generateSecretKey and a unit test
2017-05-02 16:18:26 -05:00
Vincent Hanquez
67dd8ed7fc
[Hash] change Digest to use a foundation UArray that has a configurable pinnable memory setting
2017-04-25 14:23:13 +01:00
Vincent Hanquez
a9fd1f079d
[Hash] update part of Crypto.Hash.IO to ScopeTypeVariable
2017-04-25 14:22:20 +01:00
Vincent Hanquez
53bd6c13b7
Add missing extension
2017-04-25 14:21:53 +01:00
Vincent Hanquez
ba1dfdf66d
[Hash] stylistic improvement using ScopedTypeVariables
...
remove the inner function with magic argument in favor of direct
call pinning some types with signature
2017-04-25 14:16:11 +01:00
Dimitri DeFigueiredo
4aec5fc98e
Fix issue #154
2017-04-21 13:51:52 -06:00
Vincent Hanquez
4f988181c7
Merge pull request #150 from SamProtas/twofish
...
Twofish
2017-04-12 07:47:19 +01:00
Kazu Yamamoto
697fe61f9b
using pointSize in withTempPoint to fix #151.
2017-04-11 20:32:57 +09:00
Sam Protas
04b4c945c0
Add import to fix backwards compatibility
2017-04-10 00:57:49 -04:00
Sam Protas
762d818ec0
Twofish 192 and 256 bit key support
2017-04-10 00:33:54 -04:00
Olivier Chéron
112d2fbb15
Decrease Argon2 maximum output length
...
Fixes #148.
2017-04-09 17:18:26 +02:00
Sam Protas
b658c8a99b
Cleanup and performance
2017-04-04 19:29:40 -04:00
Sam Protas
b1a9c7c047
Performance improvements
2017-04-02 19:36:58 -04:00
Sam Protas
7eedbaa112
Initial implementation with passing tests
2017-04-02 18:34:10 -04:00
Vincent Hanquez
2d25b27042
Merge pull request #145 from tdietert/tutorial
...
Tutorial Improvement
2017-03-26 09:27:58 +01:00
tdietert
f639ac9f0d
Update tutorial based on suggestions
2017-03-26 00:47:02 +00:00
tdietert
fd75eac415
Fix Crypto.Tutorial module name
2017-03-19 00:37:36 +00:00
tdietert
ec49ea659e
Move language pragmas inside haddocks
2017-03-19 00:02:07 +00:00
tdietert
c76217f75d
Added more comprehensive tutorial
2017-03-18 23:57:24 +00:00
Nicolas DI PRIMA
8b6bd1ed5e
check for at least one byte and at most 256 or 512 (blake2s or blake2b)
2017-03-13 18:53:07 +00:00
Nicolas DI PRIMA
f0286281fb
add new constraints
2017-03-13 18:52:24 +00:00