cryptonite-0.15: Cryptography Primitives sink

LicenseBSD-style
MaintainerVincent Hanquez <vincent@snarc.org>
Stabilityexperimental
PortabilityGood
Safe HaskellNone
LanguageHaskell2010

Crypto.PubKey.RSA.PKCS15

Contents

Description

 

Synopsis

padding and unpadding

pad :: (MonadRandom m, ByteArray message) => Int -> message -> m (Either Error message)

This produce a standard PKCS1.5 padding for encryption

padSignature :: ByteArray signature => Int -> signature -> Either Error signature

Produce a standard PKCS1.5 padding for signature

unpad :: ByteArray bytearray => bytearray -> Either Error bytearray

Try to remove a standard PKCS1.5 encryption padding.

private key operations

decrypt

Arguments

:: Maybe Blinder

optional blinder

-> PrivateKey

RSA private key

-> ByteString

cipher text

-> Either Error ByteString 

decrypt message using the private key.

When the decryption is not in a context where an attacker could gain information from the timing of the operation, the blinder can be set to None.

If unsure always set a blinder or use decryptSafer

decryptSafer

Arguments

:: MonadRandom m 
=> PrivateKey

RSA private key

-> ByteString

cipher text

-> m (Either Error ByteString) 

decrypt message using the private key and by automatically generating a blinder.

sign

Arguments

:: HashAlgorithmASN1 hashAlg 
=> Maybe Blinder

optional blinder

-> Maybe hashAlg

hash algorithm

-> PrivateKey

private key

-> ByteString

message to sign

-> Either Error ByteString 

sign message using private key, a hash and its ASN1 description

When the signature is not in a context where an attacker could gain information from the timing of the operation, the blinder can be set to None.

If unsure always set a blinder or use signSafer

signSafer

Arguments

:: (HashAlgorithmASN1 hashAlg, MonadRandom m) 
=> Maybe hashAlg

Hash algorithm

-> PrivateKey

private key

-> ByteString

message to sign

-> m (Either Error ByteString) 

sign message using the private key and by automatically generating a blinder.

public key operations

encrypt :: MonadRandom m => PublicKey -> ByteString -> m (Either Error ByteString)

encrypt a bytestring using the public key.

the message needs to be smaller than the key size - 11

verify :: HashAlgorithmASN1 hashAlg => Maybe hashAlg -> PublicKey -> ByteString -> ByteString -> Bool

verify message with the signed message

hash ASN1 description

class HashAlgorithm hashAlg => HashAlgorithmASN1 hashAlg

A specialized class for hash algorithm that can product a ASN1 wrapped description the algorithm plus the content of the digest.

Minimal complete definition

hashDigestASN1