| Copyright | (c) 2025 Jared Tobin |
|---|---|
| License | MIT |
| Maintainer | Jared Tobin <jared@ppad.tech> |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.AEAD.ChaCha20Poly1305
Contents
Description
A pure AEAD-ChaCha20-Poly1305 implementation, as specified by RFC 8439.
Synopsis
- encrypt :: ByteString -> ByteString -> ByteString -> ByteString -> (ByteString, ByteString)
- decrypt :: ByteString -> ByteString -> ByteString -> (ByteString, ByteString) -> Maybe ByteString
AEAD construction
Arguments
| :: ByteString | arbitrary-length additional authenticated data |
| -> ByteString | 256-bit key |
| -> ByteString | 96-bit nonce |
| -> ByteString | arbitrary-length plaintext |
| -> (ByteString, ByteString) | (ciphertext, 128-bit MAC) |
Perform authenticated encryption on a plaintext and some additional authenticated data, given a 256-bit key and 96-bit nonce, using AEAD-ChaCha20-Poly1305.
Produces a ciphertext and 128-bit message authentication code pair.
Providing an invalid key or nonce will result in an ErrorCall
exception being thrown.
>>>let key = "don't tell anyone my secret key!">>>let non = "or my nonce!">>>let pan = "and here's my plaintext">>>let aad = "i approve this message">>>let (cip, mac) = encrypt aad key nonce pan>>>(cip, mac)<(ciphertext, 128-bit MAC)>
Arguments
| :: ByteString | arbitrary-length AAD |
| -> ByteString | 256-bit key |
| -> ByteString | 96-bit nonce |
| -> (ByteString, ByteString) | (arbitrary-length ciphertext, 128-bit MAC) |
| -> Maybe ByteString |
Decrypt an authenticated ciphertext, given a message authentication code and some additional authenticated data, via a 256-bit key and 96-bit nonce.
Returns Nothing if the MAC fails to validate.
Providing an invalid key or nonce will result in an ErrorCall
exception being thrown.
>>>decrypt aad key non (cip, mac)Just "and here's my plaintext">>>decrypt aad key non (cip, "it's a valid mac")Nothing