hs-tls/Network/TLS/Crypto.hs

{-# OPTIONS_HADDOCK hide #-}
module Network.TLS.Crypto
	( HashType(..)
	, HashCtx

	-- * incremental interface with algorithm type wrapping for genericity
	, initHash
	, updateHash
	, finalizeHash

	-- * single pass lazy bytestring interface for each algorithm
	, hashMD5
	, hashSHA1
	-- * incremental interface for each algorithm
	, initMD5
	, updateMD5
	, finalizeMD5
	, initSHA1
	, updateSHA1
	, finalizeSHA1

	-- * key exchange generic interface
	, PublicKey(..)
	, PrivateKey(..)
	, kxEncrypt
	, kxDecrypt
	, KxError(..)
	) where

import qualified Crypto.Hash.SHA1 as SHA1
import qualified Crypto.Hash.MD5 as MD5
import qualified Data.ByteString as B
import Data.ByteString (ByteString)
import qualified Crypto.Cipher.RSA as RSA
import Crypto.Random (CryptoRandomGen)

data PublicKey = PubRSA RSA.PublicKey

data PrivateKey = PrivRSA RSA.PrivateKey

instance Show PublicKey where
	show (_) = "PublicKey(..)"

instance Show PrivateKey where
	show (_) = "privateKey(..)"

data KxError = RSAError RSA.Error
	deriving (Show)

data HashCtx =
	  SHA1 !SHA1.Ctx
	| MD5 !MD5.Ctx

data KeyXchg =
	  KxRSA RSA.PublicKey RSA.PrivateKey
	deriving (Show)

instance Show HashCtx where
	show (SHA1 _) = "sha1"
	show (MD5 _) = "md5"

data HashType = HashTypeSHA1 | HashTypeMD5

{- MD5 -}

initMD5 :: MD5.Ctx
initMD5 = MD5.init

updateMD5 :: MD5.Ctx -> ByteString -> MD5.Ctx
updateMD5 = MD5.update

finalizeMD5 :: MD5.Ctx -> ByteString
finalizeMD5 = MD5.finalize

hashMD5 :: ByteString -> ByteString
hashMD5 = MD5.hash

{- SHA1 -}

initSHA1 :: SHA1.Ctx
initSHA1 = SHA1.init

updateSHA1 :: SHA1.Ctx -> ByteString -> SHA1.Ctx
updateSHA1 = SHA1.update

finalizeSHA1 :: SHA1.Ctx -> ByteString
finalizeSHA1 = SHA1.finalize

hashSHA1 :: ByteString -> ByteString
hashSHA1 = SHA1.hash

{- generic Hashing -}

initHash :: HashType -> HashCtx
initHash HashTypeSHA1 = SHA1 (initSHA1)
initHash HashTypeMD5  = MD5 (initMD5)

updateHash :: HashCtx -> B.ByteString -> HashCtx
updateHash (SHA1 ctx) = SHA1 . updateSHA1 ctx
updateHash (MD5 ctx)  = MD5 . updateMD5 ctx

finalizeHash :: HashCtx -> B.ByteString
finalizeHash (SHA1 ctx) = finalizeSHA1 ctx
finalizeHash (MD5 ctx)  = finalizeMD5 ctx

{- key exchange methods encrypt and decrypt for each supported algorithm -}
generalizeRSAError :: Either RSA.Error a -> Either KxError a
generalizeRSAError (Left e)  = Left (RSAError e)
generalizeRSAError (Right x) = Right x

kxEncrypt :: CryptoRandomGen g => g -> PublicKey -> ByteString -> Either KxError (ByteString, g)
kxEncrypt g (PubRSA pk) b = generalizeRSAError $ RSA.encrypt g pk b

kxDecrypt :: PrivateKey -> ByteString -> Either KxError ByteString
kxDecrypt (PrivRSA pk) b  = generalizeRSAError $ RSA.decrypt pk b
add more haddock related stuff 2011-03-02 08:43:05 +00:00			`{-# OPTIONS_HADDOCK hide #-}`
initial import 2010-09-09 21:47:19 +00:00			`module Network.TLS.Crypto`
			`( HashType(..)`
			`, HashCtx`

			`-- * incremental interface with algorithm type wrapping for genericity`
			`, initHash`
			`, updateHash`
			`, finalizeHash`

			`-- * single pass lazy bytestring interface for each algorithm`
			`, hashMD5`
			`, hashSHA1`
			`-- * incremental interface for each algorithm`
			`, initMD5`
			`, updateMD5`
			`, finalizeMD5`
			`, initSHA1`
			`, updateSHA1`
			`, finalizeSHA1`

Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`-- * key exchange generic interface`
initial import 2010-09-09 21:47:19 +00:00			`, PublicKey(..)`
			`, PrivateKey(..)`
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`, kxEncrypt`
			`, kxDecrypt`
			`, KxError(..)`
initial import 2010-09-09 21:47:19 +00:00			`) where`

depends on cryptohash 0.6 and adapt to the new modules location. 2010-10-24 10:36:36 +00:00			`import qualified Crypto.Hash.SHA1 as SHA1`
			`import qualified Crypto.Hash.MD5 as MD5`
initial import 2010-09-09 21:47:19 +00:00			`import qualified Data.ByteString as B`
use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`import Data.ByteString (ByteString)`
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`import qualified Crypto.Cipher.RSA as RSA`
			`import Crypto.Random (CryptoRandomGen)`

			`data PublicKey = PubRSA RSA.PublicKey`

			`data PrivateKey = PrivRSA RSA.PrivateKey`

			`instance Show PublicKey where`
			`show (_) = "PublicKey(..)"`

			`instance Show PrivateKey where`
			`show (_) = "privateKey(..)"`

			`data KxError = RSAError RSA.Error`
			`deriving (Show)`
initial import 2010-09-09 21:47:19 +00:00
			`data HashCtx =`
			`SHA1 !SHA1.Ctx`
			`\| MD5 !MD5.Ctx`

Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`data KeyXchg =`
			`KxRSA RSA.PublicKey RSA.PrivateKey`
			`deriving (Show)`

initial import 2010-09-09 21:47:19 +00:00			`instance Show HashCtx where`
			`show (SHA1 _) = "sha1"`
			`show (MD5 _) = "md5"`

			`data HashType = HashTypeSHA1 \| HashTypeMD5`

			`{- MD5 -}`

			`initMD5 :: MD5.Ctx`
			`initMD5 = MD5.init`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`updateMD5 :: MD5.Ctx -> ByteString -> MD5.Ctx`
initial import 2010-09-09 21:47:19 +00:00			`updateMD5 = MD5.update`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`finalizeMD5 :: MD5.Ctx -> ByteString`
initial import 2010-09-09 21:47:19 +00:00			`finalizeMD5 = MD5.finalize`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`hashMD5 :: ByteString -> ByteString`
			`hashMD5 = MD5.hash`
initial import 2010-09-09 21:47:19 +00:00
			`{- SHA1 -}`

			`initSHA1 :: SHA1.Ctx`
			`initSHA1 = SHA1.init`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`updateSHA1 :: SHA1.Ctx -> ByteString -> SHA1.Ctx`
initial import 2010-09-09 21:47:19 +00:00			`updateSHA1 = SHA1.update`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`finalizeSHA1 :: SHA1.Ctx -> ByteString`
initial import 2010-09-09 21:47:19 +00:00			`finalizeSHA1 = SHA1.finalize`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`hashSHA1 :: ByteString -> ByteString`
			`hashSHA1 = SHA1.hash`
initial import 2010-09-09 21:47:19 +00:00
			`{- generic Hashing -}`

			`initHash :: HashType -> HashCtx`
			`initHash HashTypeSHA1 = SHA1 (initSHA1)`
			`initHash HashTypeMD5 = MD5 (initMD5)`

			`updateHash :: HashCtx -> B.ByteString -> HashCtx`
			`updateHash (SHA1 ctx) = SHA1 . updateSHA1 ctx`
			`updateHash (MD5 ctx) = MD5 . updateMD5 ctx`

			`finalizeHash :: HashCtx -> B.ByteString`
			`finalizeHash (SHA1 ctx) = finalizeSHA1 ctx`
			`finalizeHash (MD5 ctx) = finalizeMD5 ctx`

Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`{- key exchange methods encrypt and decrypt for each supported algorithm -}`
			`generalizeRSAError :: Either RSA.Error a -> Either KxError a`
			`generalizeRSAError (Left e) = Left (RSAError e)`
			`generalizeRSAError (Right x) = Right x`
initial import 2010-09-09 21:47:19 +00:00
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`kxEncrypt :: CryptoRandomGen g => g -> PublicKey -> ByteString -> Either KxError (ByteString, g)`
			`kxEncrypt g (PubRSA pk) b = generalizeRSAError $ RSA.encrypt g pk b`
use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`kxDecrypt :: PrivateKey -> ByteString -> Either KxError ByteString`
			`kxDecrypt (PrivRSA pk) b = generalizeRSAError $ RSA.decrypt pk b`