License	BSD-style
Maintainer	Vincent Hanquez <vincent@snarc.org>
Stability	stable
Portability	good
Safe Haskell	Safe-Inferred
Language	Haskell98

Crypto.Cipher.AES

Contents

block cipher data types
IV
Authenticated encryption block cipher types
creation
misc
encryption
decryption

Description

Synopsis

data AES
data AES128
data AES192
data AES256
data AESIV
aesIV_ :: ByteString -> AESIV
data AESGCM
initAES :: Byteable b => b -> AES
initKey :: Byteable b => b -> AES
genCTR :: Byteable iv => AES -> iv -> Int -> ByteString
genCounter :: AES -> AESIV -> Int -> (ByteString, AESIV)
encryptECB :: AES -> ByteString -> ByteString
encryptCBC :: Byteable iv => AES -> iv -> ByteString -> ByteString
encryptCTR :: Byteable iv => AES -> iv -> ByteString -> ByteString
encryptXTS :: Byteable iv => (AES, AES) -> iv -> Word32 -> ByteString -> ByteString
encryptGCM :: Byteable iv => AES -> iv -> ByteString -> ByteString -> (ByteString, AuthTag)
encryptOCB :: Byteable iv => AES -> iv -> ByteString -> ByteString -> (ByteString, AuthTag)
decryptECB :: AES -> ByteString -> ByteString
decryptCBC :: Byteable iv => AES -> iv -> ByteString -> ByteString
decryptCTR :: Byteable iv => AES -> iv -> ByteString -> ByteString
decryptXTS :: Byteable iv => (AES, AES) -> iv -> Word32 -> ByteString -> ByteString
decryptGCM :: Byteable iv => AES -> iv -> ByteString -> ByteString -> (ByteString, AuthTag)
decryptOCB :: Byteable iv => AES -> iv -> ByteString -> ByteString -> (ByteString, AuthTag)

block cipher data types

data AES Source #

AES Context (pre-processed key)

Instances

Instances details

Cipher AES Source #
Instance details Defined in Crypto.Cipher.AES Methods cipherInit :: Key AES -> AES Source # cipherName :: AES -> String Source # cipherKeySize :: AES -> KeySizeSpecifier Source #
BlockCipher AES Source #
Instance details Defined in Crypto.Cipher.AES Methods blockSize :: AES -> Int Source # ecbEncrypt :: AES -> ByteString -> ByteString Source # ecbDecrypt :: AES -> ByteString -> ByteString Source # cbcEncrypt :: AES -> IV AES -> ByteString -> ByteString Source # cbcDecrypt :: AES -> IV AES -> ByteString -> ByteString Source # cfbEncrypt :: AES -> IV AES -> ByteString -> ByteString Source # cfbDecrypt :: AES -> IV AES -> ByteString -> ByteString Source # ctrCombine :: AES -> IV AES -> ByteString -> ByteString Source # xtsEncrypt :: (AES, AES) -> IV AES -> DataUnitOffset -> ByteString -> ByteString Source # xtsDecrypt :: (AES, AES) -> IV AES -> DataUnitOffset -> ByteString -> ByteString Source # aeadInit :: Byteable iv => AEADMode -> AES -> iv -> Maybe (AEAD AES) Source #
AEADModeImpl AES AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES -> AESGCM -> Int -> AuthTag Source #

data AES128 Source #

AES with 128 bit key

Instances

Instances details

Cipher AES128 Source #
Instance details Defined in Crypto.Cipher.AES Methods cipherInit :: Key AES128 -> AES128 Source # cipherName :: AES128 -> String Source # cipherKeySize :: AES128 -> KeySizeSpecifier Source #
BlockCipher AES128 Source #
Instance details Defined in Crypto.Cipher.AES Methods blockSize :: AES128 -> Int Source # ecbEncrypt :: AES128 -> ByteString -> ByteString Source # ecbDecrypt :: AES128 -> ByteString -> ByteString Source # cbcEncrypt :: AES128 -> IV AES128 -> ByteString -> ByteString Source # cbcDecrypt :: AES128 -> IV AES128 -> ByteString -> ByteString Source # cfbEncrypt :: AES128 -> IV AES128 -> ByteString -> ByteString Source # cfbDecrypt :: AES128 -> IV AES128 -> ByteString -> ByteString Source # ctrCombine :: AES128 -> IV AES128 -> ByteString -> ByteString Source # xtsEncrypt :: (AES128, AES128) -> IV AES128 -> DataUnitOffset -> ByteString -> ByteString Source # xtsDecrypt :: (AES128, AES128) -> IV AES128 -> DataUnitOffset -> ByteString -> ByteString Source # aeadInit :: Byteable iv => AEADMode -> AES128 -> iv -> Maybe (AEAD AES128) Source #
AEADModeImpl AES128 AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES128 -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES128 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES128 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES128 -> AESGCM -> Int -> AuthTag Source #

data AES192 Source #

AES with 192 bit key

Instances

Instances details

Cipher AES192 Source #
Instance details Defined in Crypto.Cipher.AES Methods cipherInit :: Key AES192 -> AES192 Source # cipherName :: AES192 -> String Source # cipherKeySize :: AES192 -> KeySizeSpecifier Source #
BlockCipher AES192 Source #
Instance details Defined in Crypto.Cipher.AES Methods blockSize :: AES192 -> Int Source # ecbEncrypt :: AES192 -> ByteString -> ByteString Source # ecbDecrypt :: AES192 -> ByteString -> ByteString Source # cbcEncrypt :: AES192 -> IV AES192 -> ByteString -> ByteString Source # cbcDecrypt :: AES192 -> IV AES192 -> ByteString -> ByteString Source # cfbEncrypt :: AES192 -> IV AES192 -> ByteString -> ByteString Source # cfbDecrypt :: AES192 -> IV AES192 -> ByteString -> ByteString Source # ctrCombine :: AES192 -> IV AES192 -> ByteString -> ByteString Source # xtsEncrypt :: (AES192, AES192) -> IV AES192 -> DataUnitOffset -> ByteString -> ByteString Source # xtsDecrypt :: (AES192, AES192) -> IV AES192 -> DataUnitOffset -> ByteString -> ByteString Source # aeadInit :: Byteable iv => AEADMode -> AES192 -> iv -> Maybe (AEAD AES192) Source #
AEADModeImpl AES192 AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES192 -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES192 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES192 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES192 -> AESGCM -> Int -> AuthTag Source #

data AES256 Source #

AES with 256 bit key

Instances

Instances details

Cipher AES256 Source #
Instance details Defined in Crypto.Cipher.AES Methods cipherInit :: Key AES256 -> AES256 Source # cipherName :: AES256 -> String Source # cipherKeySize :: AES256 -> KeySizeSpecifier Source #
BlockCipher AES256 Source #
Instance details Defined in Crypto.Cipher.AES Methods blockSize :: AES256 -> Int Source # ecbEncrypt :: AES256 -> ByteString -> ByteString Source # ecbDecrypt :: AES256 -> ByteString -> ByteString Source # cbcEncrypt :: AES256 -> IV AES256 -> ByteString -> ByteString Source # cbcDecrypt :: AES256 -> IV AES256 -> ByteString -> ByteString Source # cfbEncrypt :: AES256 -> IV AES256 -> ByteString -> ByteString Source # cfbDecrypt :: AES256 -> IV AES256 -> ByteString -> ByteString Source # ctrCombine :: AES256 -> IV AES256 -> ByteString -> ByteString Source # xtsEncrypt :: (AES256, AES256) -> IV AES256 -> DataUnitOffset -> ByteString -> ByteString Source # xtsDecrypt :: (AES256, AES256) -> IV AES256 -> DataUnitOffset -> ByteString -> ByteString Source # aeadInit :: Byteable iv => AEADMode -> AES256 -> iv -> Maybe (AEAD AES256) Source #
AEADModeImpl AES256 AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES256 -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES256 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES256 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES256 -> AESGCM -> Int -> AuthTag Source #

IV

data AESIV Source #

AES IV is always 16 bytes

Instances

Instances details

Show AESIV Source #
Instance details Defined in Crypto.Cipher.AES Methods showsPrec :: Int -> AESIV -> ShowS Source # show :: AESIV -> String Source # showList :: [AESIV] -> ShowS Source #
Byteable AESIV Source #
Instance details Defined in Crypto.Cipher.AES Methods toBytes :: AESIV -> ByteString Source # byteableLength :: AESIV -> Int Source # withBytePtr :: AESIV -> (Ptr Word8 -> IO b) -> IO b Source #
Eq AESIV Source #
Instance details Defined in Crypto.Cipher.AES Methods (==) :: AESIV -> AESIV -> Bool Source # (/=) :: AESIV -> AESIV -> Bool Source #

aesIV_ :: ByteString -> AESIV Source #

convert a bytestring to an AESIV

Authenticated encryption block cipher types

data AESGCM Source #

AESGCM State

Instances

Instances details

AEADModeImpl AES AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES -> AESGCM -> Int -> AuthTag Source #
AEADModeImpl AES128 AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES128 -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES128 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES128 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES128 -> AESGCM -> Int -> AuthTag Source #
AEADModeImpl AES192 AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES192 -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES192 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES192 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES192 -> AESGCM -> Int -> AuthTag Source #
AEADModeImpl AES256 AESGCM Source #
Instance details Defined in Crypto.Cipher.AES Methods aeadStateAppendHeader :: AES256 -> AESGCM -> ByteString -> AESGCM Source # aeadStateEncrypt :: AES256 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateDecrypt :: AES256 -> AESGCM -> ByteString -> (ByteString, AESGCM) Source # aeadStateFinalize :: AES256 -> AESGCM -> Int -> AuthTag Source #

creation

initAES :: Byteable b => b -> AES Source #

Initialize a new context with a key

Key need to be of length 16, 24 or 32 bytes. any other values will cause undefined behavior

initKey :: Byteable b => b -> AES Source #

Deprecated: use initAES

misc

genCTR Source #

Arguments

:: Byteable iv
=> AES	Cipher Key.
-> iv	usually a 128 bit integer.
-> Int	length of bytes required.
-> ByteString

generate a counter mode pad. this is generally xor-ed to an input to make the standard counter mode block operations.

if the length requested is not a multiple of the block cipher size, more data will be returned, so that the returned bytestring is a multiple of the block cipher size.

genCounter :: AES -> AESIV -> Int -> (ByteString, AESIV) Source #

generate a counter mode pad. this is generally xor-ed to an input to make the standard counter mode block operations.

if the length requested is not a multiple of the block cipher size, more data will be returned, so that the returned bytestring is a multiple of the block cipher size.

Similiar to genCTR but also return the next IV for continuation

encryption

encryptECB :: AES -> ByteString -> ByteString Source #

encrypt using Electronic Code Book (ECB)

encryptCBC Source #

Arguments

:: Byteable iv
=> AES	AES Context
-> iv	Initial vector of AES block size
-> ByteString	plaintext
-> ByteString	ciphertext

encrypt using Cipher Block Chaining (CBC)

encryptCTR Source #

Arguments

:: Byteable iv
=> AES	AES Context
-> iv	initial vector of AES block size (usually representing a 128 bit integer)
-> ByteString	plaintext input
-> ByteString	ciphertext output

encrypt using Counter mode (CTR)

in CTR mode encryption and decryption is the same operation.

encryptXTS Source #

Arguments

:: Byteable iv
=> (AES, AES)	AES cipher and tweak context
-> iv	a 128 bits IV, typically a sector or a block offset in XTS
-> Word32	number of rounds to skip, also seen a 16 byte offset in the sector or block.
-> ByteString	input to encrypt
-> ByteString	output encrypted

encrypt using XTS

the first key is the normal block encryption key the second key is used for the initial block tweak

encryptGCM Source #

Arguments

:: Byteable iv
=> AES	AES Context
-> iv	IV initial vector of any size
-> ByteString	data to authenticate (AAD)
-> ByteString	data to encrypt
-> (ByteString, AuthTag)	ciphertext and tag

encrypt using Galois counter mode (GCM) return the encrypted bytestring and the tag associated

note: encrypted data is identical to CTR mode in GCM, however a tag is also computed.

encryptOCB Source #

Arguments

:: Byteable iv
=> AES	AES Context
-> iv	IV initial vector of any size
-> ByteString	data to authenticate (AAD)
-> ByteString	data to encrypt
-> (ByteString, AuthTag)	ciphertext and tag

encrypt using OCB v3 return the encrypted bytestring and the tag associated

decryption

decryptECB :: AES -> ByteString -> ByteString Source #

decrypt using Electronic Code Book (ECB)

decryptCBC :: Byteable iv => AES -> iv -> ByteString -> ByteString Source #

decrypt using Cipher block chaining (CBC)

decryptCTR Source #

Arguments

:: Byteable iv
=> AES	AES Context
-> iv	initial vector, usually representing a 128 bit integer
-> ByteString	ciphertext input
-> ByteString	plaintext output

decrypt using Counter mode (CTR).

in CTR mode encryption and decryption is the same operation.

decryptXTS Source #

Arguments

:: Byteable iv
=> (AES, AES)	AES cipher and tweak context
-> iv	a 128 bits IV, typically a sector or a block offset in XTS
-> Word32	number of rounds to skip, also seen a 16 byte offset in the sector or block.
-> ByteString	input to decrypt
-> ByteString	output decrypted

decrypt using XTS

decryptGCM Source #

Arguments

:: Byteable iv
=> AES	Key
-> iv	IV initial vector of any size
-> ByteString	data to authenticate (AAD)
-> ByteString	data to decrypt
-> (ByteString, AuthTag)	plaintext and tag

decrypt using Galois Counter Mode (GCM)

decryptOCB Source #

Arguments

:: Byteable iv
=> AES	Key
-> iv	IV initial vector of any size
-> ByteString	data to authenticate (AAD)
-> ByteString	data to decrypt
-> (ByteString, AuthTag)	plaintext and tag

decrypt using Offset Codebook Mode (OCB)