crypto-api-0.13.2: A generic interface for cryptographic operations

Safe HaskellNone
LanguageHaskell98

Crypto.Util

Description

A small selection of utilities that might be of use to others working with bytestring/number combinations.

Synopsis

Documentation

incBS :: ByteString -> ByteString #

incBS bs inefficiently computes the value i2bs (8 * B.length bs) (bs2i bs + 1)

i2bs :: Int -> Integer -> ByteString #

i2bs bitLen i converts i to a ByteString of bitLen bits (must be a multiple of 8).

i2bs_unsized :: Integer -> ByteString #

i2bs_unsized i converts i to a ByteString of sufficient bytes to express the integer. The integer must be non-negative and a zero will be encoded in one byte.

throwLeft :: Exception e => Either e a -> a #

Useful utility to extract the result of a generator operation and translate error results to exceptions.

for :: Tagged a b -> a -> b #

Obtain a tagged value for a particular instantiated type.

(.::.) :: Tagged a b -> a -> b #

Infix for operator

constTimeEq :: ByteString -> ByteString -> Bool #

Checks two bytestrings for equality without breaches for timing attacks.

Semantically, constTimeEq = (==). However, x == y takes less time when the first byte is different than when the first byte is equal. This side channel allows an attacker to mount a timing attack. On the other hand, constTimeEq always takes the same time regardless of the bytestrings' contents, unless they are of difference size.

You should always use constTimeEq when comparing secrets, otherwise you may leave a significant security hole (cf. http://codahale.com/a-lesson-in-timing-attacks/).

bs2i :: ByteString -> Integer #

Helper function to convert bytestrings to integers

zwp' :: ByteString -> ByteString -> ByteString #

zipWith xor + Pack As a result of rewrite rules, this should automatically be optimized (at compile time). to use the bytestring libraries zipWith' function.

zwp :: ByteString -> ByteString -> ByteString #

zipWith xor + Pack

This is written intentionally to take advantage of the bytestring libraries zipWith' rewrite rule but at the extra cost of the resulting lazy bytestring being more fragmented than either of the two inputs.