| Copyright | (c) 2025 Jared Tobin |
|---|---|
| License | MIT |
| Maintainer | Jared Tobin <jared@ppad.tech> |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.AEAD.ChaCha20Poly1305
Description
A pure AEAD-ChaCha20-Poly1305 implementation, as specified by RFC 8439.
Synopsis
- encrypt :: ByteString -> ByteString -> ByteString -> ByteString -> Either Error (ByteString, ByteString)
- decrypt :: ByteString -> ByteString -> ByteString -> (ByteString, ByteString) -> Either Error ByteString
- data Error
AEAD construction
Arguments
| :: ByteString | arbitrary-length additional authenticated data |
| -> ByteString | 256-bit key |
| -> ByteString | 96-bit nonce |
| -> ByteString | arbitrary-length plaintext |
| -> Either Error (ByteString, ByteString) | (ciphertext, 128-bit MAC) |
Perform authenticated encryption on a plaintext and some additional authenticated data, given a 256-bit key and 96-bit nonce, using AEAD-ChaCha20-Poly1305.
Produces a ciphertext and 128-bit message authentication code pair.
>>>let key = "don't tell anyone my secret key!">>>let non = "or my nonce!">>>let pan = "and here's my plaintext">>>let aad = "i approve this message">>>let Right (cip, mac) = encrypt aad key nonce pan>>>(cip, mac)<(ciphertext, 128-bit MAC)>
Arguments
| :: ByteString | arbitrary-length AAD |
| -> ByteString | 256-bit key |
| -> ByteString | 96-bit nonce |
| -> (ByteString, ByteString) | (arbitrary-length ciphertext, 128-bit MAC) |
| -> Either Error ByteString |
Decrypt an authenticated ciphertext, given a message authentication code and some additional authenticated data, via a 256-bit key and 96-bit nonce.
>>>decrypt aad key non (cip, mac)Right "and here's my plaintext">>>decrypt aad key non (cip, "it's a valid mac")Left InvalidMAC
Error information
Error values.
Constructors
| InvalidKey | the provided key was not 256 bits long |
| InvalidNonce | the provided nonce was not 96 bits long |
| InvalidMAC | the provided MAC does not authenticate the ciphertext |