libghc-crypto-pubkey-doc 0.2.8-7 / usr / share / doc / libghc-crypto-pubkey-doc / html / crypto-pubkey.txt

This file is indexed.

/usr/share/doc/libghc-crypto-pubkey-doc/html/crypto-pubkey.txt is in libghc-crypto-pubkey-doc 0.2.8-7.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Public Key cryptography
--   
--   Public Key cryptography
--   
--   Supports RSA PKCS15, RSA OAEP, RSA PSS, DSA, ElGamal signature.
--   
--   Also have primitive support for Diffie Hellman, and ElGamal encryption
@package crypto-pubkey
@version 0.2.8


-- | Standard digests wrapped in ASN1 structure
module Crypto.PubKey.HashDescr

-- | A standard hash function returning a digest object
type HashFunction = ByteString -> ByteString

-- | Describe a hash function and a way to wrap the digest into an DER
--   encoded ASN1 marshalled structure.
data HashDescr
HashDescr :: HashFunction -> (ByteString -> ByteString) -> HashDescr

-- | hash function
[hashFunction] :: HashDescr -> HashFunction

-- | convertion to an ASN1 wrapped digest bytestring
[digestToASN1] :: HashDescr -> ByteString -> ByteString

-- | Describe the MD2 hashing algorithm
hashDescrMD2 :: HashDescr

-- | Describe the MD5 hashing algorithm
hashDescrMD5 :: HashDescr

-- | Describe the SHA1 hashing algorithm
hashDescrSHA1 :: HashDescr

-- | Describe the SHA224 hashing algorithm
hashDescrSHA224 :: HashDescr

-- | Describe the SHA256 hashing algorithm
hashDescrSHA256 :: HashDescr

-- | Describe the SHA384 hashing algorithm
hashDescrSHA384 :: HashDescr

-- | Describe the SHA512 hashing algorithm
hashDescrSHA512 :: HashDescr

-- | Describe the RIPEMD160 hashing algorithm
hashDescrRIPEMD160 :: HashDescr


module Crypto.PubKey.RSA.Prim

-- | Compute the RSA decrypt primitive. if the p and q numbers are
--   available, then dpFast is used otherwise, we use dpSlow which only
--   need d and n.
dp :: Maybe Blinder -> PrivateKey -> ByteString -> ByteString

-- | Compute the RSA encrypt primitive
ep :: PublicKey -> ByteString -> ByteString


module Crypto.PubKey.RSA

-- | error possible during encryption, decryption or signing.
data Error

-- | the message to decrypt is not of the correct size (need to be ==
--   private_size)
MessageSizeIncorrect :: Error

-- | the message to encrypt is too long
MessageTooLong :: Error

-- | the message decrypted doesn't have a PKCS15 structure (0 2 .. 0 msg)
MessageNotRecognized :: Error

-- | the message's digest is too long
SignatureTooLong :: Error

-- | some parameters lead to breaking assumptions.
InvalidParameters :: Error

-- | Represent a RSA public key
data PublicKey :: *
PublicKey :: Int -> Integer -> Integer -> PublicKey

-- | size of key in bytes
[public_size] :: PublicKey -> Int

-- | public p*q
[public_n] :: PublicKey -> Integer

-- | public exponant e
[public_e] :: PublicKey -> Integer

-- | Represent a RSA private key.
--   
--   Only the pub, d fields are mandatory to fill.
--   
--   p, q, dP, dQ, qinv are by-product during RSA generation, but are
--   useful to record here to speed up massively the decrypt and sign
--   operation.
--   
--   implementations can leave optional fields to 0.
data PrivateKey :: *
PrivateKey :: PublicKey -> Integer -> Integer -> Integer -> Integer -> Integer -> Integer -> PrivateKey

-- | public part of a private key (size, n and e)
[private_pub] :: PrivateKey -> PublicKey

-- | private exponant d
[private_d] :: PrivateKey -> Integer

-- | p prime number
[private_p] :: PrivateKey -> Integer

-- | q prime number
[private_q] :: PrivateKey -> Integer

-- | d mod (p-1)
[private_dP] :: PrivateKey -> Integer

-- | d mod (q-1)
[private_dQ] :: PrivateKey -> Integer

-- | q^(-1) mod p
[private_qinv] :: PrivateKey -> Integer

-- | Blinder which is used to obfuscate the timing of the decryption
--   primitive (used by decryption and signing).
data Blinder
Blinder :: !Integer -> !Integer -> Blinder

-- | Generate a key pair given p and q.
--   
--   p and q need to be distinct prime numbers.
--   
--   e need to be coprime to phi=(p-1)*(q-1). If that's not the case, the
--   function will not return a key pair. A small hamming weight results in
--   better performance.
--   
--   <ul>
--   <li>e=0x10001 is a popular choice</li>
--   <li>e=3 is popular as well, but proven to not be as secure for some
--   cases.</li>
--   </ul>
generateWith :: (Integer, Integer) -> Int -> Integer -> Maybe (PublicKey, PrivateKey)

-- | generate a pair of (private, public) key of size in bytes.
generate :: CPRG g => g -> Int -> Integer -> ((PublicKey, PrivateKey), g)

-- | Generate a blinder to use with decryption and signing operation
--   
--   the unique parameter apart from the random number generator is the
--   public key value N.
generateBlinder :: CPRG g => g -> Integer -> (Blinder, g)


module Crypto.PubKey.RSA.PKCS15

-- | This produce a standard PKCS1.5 padding for encryption
pad :: CPRG g => g -> Int -> ByteString -> Either Error (ByteString, g)

-- | Produce a standard PKCS1.5 padding for signature
padSignature :: Int -> ByteString -> Either Error ByteString

-- | Try to remove a standard PKCS1.5 encryption padding.
unpad :: ByteString -> Either Error ByteString

-- | decrypt message using the private key.
--   
--   When the decryption is not in a context where an attacker could gain
--   information from the timing of the operation, the blinder can be set
--   to None.
--   
--   If unsure always set a blinder or use decryptSafer
decrypt :: Maybe Blinder -> PrivateKey -> ByteString -> Either Error ByteString

-- | decrypt message using the private key and by automatically generating
--   a blinder.
decryptSafer :: CPRG g => g -> PrivateKey -> ByteString -> (Either Error ByteString, g)

-- | sign message using private key, a hash and its ASN1 description
--   
--   When the signature is not in a context where an attacker could gain
--   information from the timing of the operation, the blinder can be set
--   to None.
--   
--   If unsure always set a blinder or use signSafer
sign :: Maybe Blinder -> HashDescr -> PrivateKey -> ByteString -> Either Error ByteString

-- | sign message using the private key and by automatically generating a
--   blinder.
signSafer :: CPRG g => g -> HashDescr -> PrivateKey -> ByteString -> (Either Error ByteString, g)

-- | encrypt a bytestring using the public key and a CPRG random generator.
--   
--   the message need to be smaller than the key size - 11
encrypt :: CPRG g => g -> PublicKey -> ByteString -> (Either Error ByteString, g)

-- | verify message with the signed message
verify :: HashDescr -> PublicKey -> ByteString -> ByteString -> Bool


-- | Elliptic Curve Arithmetic.
--   
--   <i>WARNING:</i> These functions are vulnerable to timing attacks.
module Crypto.PubKey.ECC.Prim

-- | Elliptic Curve point addition.
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
pointAdd :: Curve -> Point -> Point -> Point

-- | Elliptic Curve point doubling.
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
--   
--   This perform the following calculation: &gt; lambda = (3 * xp ^ 2 + a)
--   / 2 yp &gt; xr = lambda ^ 2 - 2 xp &gt; yr = lambda (xp - xr) - yp
--   
--   With binary curve: &gt; xp == 0 =&gt; P = O &gt; otherwise =&gt; &gt;
--   s = xp + (yp / xp) &gt; xr = s ^ 2 + s + a &gt; yr = xp ^ 2 + (s+1) *
--   xr
pointDouble :: Curve -> Point -> Point

-- | Elliptic curve point multiplication (double and add algorithm).
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
pointMul :: Curve -> Integer -> Point -> Point

-- | Check if a point is the point at infinity.
isPointAtInfinity :: Point -> Bool

-- | check if a point is on specific curve
--   
--   This perform three checks:
--   
--   <ul>
--   <li>x is not out of range</li>
--   <li>y is not out of range</li>
--   <li>the equation <tt>y^2 = x^3 + a*x + b (mod p)</tt> holds</li>
--   </ul>
isPointValid :: Curve -> Point -> Bool

module Crypto.PubKey.ECC.DH

-- | Define either a binary curve or a prime curve.
data Curve :: *

-- | ECC Public Point
type PublicPoint = Point

-- | ECC Private Number
type PrivateNumber = Integer

-- | Represent Diffie Hellman shared secret.
newtype SharedKey :: *
SharedKey :: Integer -> SharedKey

-- | Generating a private number d.
generatePrivate :: CPRG g => g -> Curve -> (PrivateNumber, g)

-- | Generating a public point Q.
calculatePublic :: Curve -> PrivateNumber -> PublicPoint

-- | Generating a shared key using our private number and the other party
--   public point.
getShared :: Curve -> PrivateNumber -> PublicPoint -> SharedKey


-- | <i>WARNING:</i> Signature operations may leak the private key.
--   Signature verification should be safe.
module Crypto.PubKey.ECC.ECDSA

-- | Sign message using the private key and an explicit k number.
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
signWith :: Integer -> PrivateKey -> HashFunction -> ByteString -> Maybe Signature

-- | Sign message using the private key.
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
sign :: CPRG g => g -> PrivateKey -> HashFunction -> ByteString -> (Signature, g)

-- | Verify a bytestring using the public key.
verify :: HashFunction -> PublicKey -> Signature -> ByteString -> Bool


-- | Signature generation.
module Crypto.PubKey.ECC.Generate

-- | Generate Q given d.
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
generateQ :: Curve -> Integer -> Point

-- | Generate a pair of (private, public) key.
--   
--   <i>WARNING:</i> Vulnerable to timing attacks.
generate :: CPRG g => g -> Curve -> ((PublicKey, PrivateKey), g)


-- | An implementation of the Digital Signature Algorithm (DSA)
module Crypto.PubKey.DSA

-- | Represent DSA parameters namely P, G, and Q.
data Params :: *
Params :: Integer -> Integer -> Integer -> Params

-- | DSA p
[params_p] :: Params -> Integer

-- | DSA g
[params_g] :: Params -> Integer

-- | DSA q
[params_q] :: Params -> Integer

-- | Represent a DSA signature namely R and S.
data Signature :: *
Signature :: Integer -> Integer -> Signature

-- | DSA r
[sign_r] :: Signature -> Integer

-- | DSA s
[sign_s] :: Signature -> Integer

-- | Represent a DSA public key.
data PublicKey :: *
PublicKey :: Params -> PublicNumber -> PublicKey

-- | DSA parameters
[public_params] :: PublicKey -> Params

-- | DSA public Y
[public_y] :: PublicKey -> PublicNumber

-- | Represent a DSA private key.
--   
--   Only x need to be secret. the DSA parameters are publicly shared with
--   the other side.
data PrivateKey :: *
PrivateKey :: Params -> PrivateNumber -> PrivateKey

-- | DSA parameters
[private_params] :: PrivateKey -> Params

-- | DSA private X
[private_x] :: PrivateKey -> PrivateNumber

-- | generate a private number with no specific property this number is
--   usually called X in DSA text.
generatePrivate :: CPRG g => g -> Params -> (PrivateNumber, g)

-- | Calculate the public number from the parameters and the private key
calculatePublic :: Params -> PrivateNumber -> PublicNumber

-- | sign message using the private key.
sign :: CPRG g => g -> PrivateKey -> HashFunction -> ByteString -> (Signature, g)

-- | sign message using the private key and an explicit k number.
signWith :: Integer -> PrivateKey -> HashFunction -> ByteString -> Maybe Signature

-- | verify a bytestring using the public key.
verify :: HashFunction -> PublicKey -> Signature -> ByteString -> Bool


module Crypto.PubKey.DH

-- | Represent Diffie Hellman parameters namely P (prime), and G
--   (generator).
data Params :: *
Params :: Integer -> Integer -> Params
[params_p] :: Params -> Integer
[params_g] :: Params -> Integer

-- | Represent Diffie Hellman public number Y.
data PublicNumber :: *

-- | Represent Diffie Hellman private number X.
data PrivateNumber :: *

-- | Represent Diffie Hellman shared secret.
data SharedKey :: *

-- | generate params from a specific generator (2 or 5 are common values)
--   we generate a safe prime (a prime number of the form 2p+1 where p is
--   also prime)
generateParams :: CPRG g => g -> Int -> Integer -> (Params, g)

-- | generate a private number with no specific property this number is
--   usually called X in DH text.
generatePrivate :: CPRG g => g -> Params -> (PrivateNumber, g)

-- | calculate the public number from the parameters and the private key
--   this number is usually called Y in DH text.
calculatePublic :: Params -> PrivateNumber -> PublicNumber

-- | calculate the public number from the parameters and the private key
--   this number is usually called Y in DH text.
--   
--   DEPRECATED use calculatePublic
generatePublic :: Params -> PrivateNumber -> PublicNumber

-- | generate a shared key using our private number and the other party
--   public number
getShared :: Params -> PrivateNumber -> PublicNumber -> SharedKey


module Crypto.PubKey.MaskGenFunction

-- | Represent a mask generation algorithm
type MaskGenAlgorithm = HashFunction  hash function to use -> ByteString  seed -> Int  length to generate -> ByteString

-- | Mask generation algorithm MGF1
mgf1 :: MaskGenAlgorithm


module Crypto.PubKey.RSA.PSS

-- | Parameters for PSS signature/verification.
data PSSParams
PSSParams :: HashFunction -> MaskGenAlgorithm -> Int -> Word8 -> PSSParams

-- | Hash function to use
[pssHash] :: PSSParams -> HashFunction

-- | Mask Gen algorithm to use
[pssMaskGenAlg] :: PSSParams -> MaskGenAlgorithm

-- | Length of salt. need to be &lt;= to hLen.
[pssSaltLength] :: PSSParams -> Int

-- | Trailer field, usually 0xbc
[pssTrailerField] :: PSSParams -> Word8

-- | Default Params with a specified hash function
defaultPSSParams :: HashFunction -> PSSParams

-- | Default Params using SHA1 algorithm.
defaultPSSParamsSHA1 :: PSSParams

-- | Sign using the PSS parameters and the salt explicitely passed as
--   parameters.
--   
--   the function ignore SaltLength from the PSS Parameters
signWithSalt :: ByteString -> Maybe Blinder -> PSSParams -> PrivateKey -> ByteString -> Either Error ByteString

-- | Sign using the PSS Parameters
sign :: CPRG g => g -> Maybe Blinder -> PSSParams -> PrivateKey -> ByteString -> (Either Error ByteString, g)

-- | Sign using the PSS Parameters and an automatically generated blinder.
signSafer :: CPRG g => g -> PSSParams -> PrivateKey -> ByteString -> (Either Error ByteString, g)

-- | Verify a signature using the PSS Parameters
verify :: PSSParams -> PublicKey -> ByteString -> ByteString -> Bool


-- | RSA OAEP mode
--   <a>http://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding</a>
module Crypto.PubKey.RSA.OAEP

-- | Parameters for OAEP encryption/decryption
data OAEPParams
OAEPParams :: HashFunction -> MaskGenAlgorithm -> Maybe ByteString -> OAEPParams

-- | Hash function to use.
[oaepHash] :: OAEPParams -> HashFunction

-- | Mask Gen algorithm to use.
[oaepMaskGenAlg] :: OAEPParams -> MaskGenAlgorithm

-- | Optional label prepended to message.
[oaepLabel] :: OAEPParams -> Maybe ByteString

-- | Default Params with a specified hash function
defaultOAEPParams :: HashFunction -> OAEPParams

-- | Encrypt a message using OAEP with a predefined seed.
encryptWithSeed :: ByteString -> OAEPParams -> PublicKey -> ByteString -> Either Error ByteString

-- | Encrypt a message using OAEP
encrypt :: CPRG g => g -> OAEPParams -> PublicKey -> ByteString -> (Either Error ByteString, g)

-- | Decrypt a ciphertext using OAEP
--   
--   When the signature is not in a context where an attacker could gain
--   information from the timing of the operation, the blinder can be set
--   to None.
--   
--   If unsure always set a blinder or use decryptSafer
decrypt :: Maybe Blinder -> OAEPParams -> PrivateKey -> ByteString -> Either Error ByteString

-- | Decrypt a ciphertext using OAEP and by automatically generating a
--   blinder.
decryptSafer :: CPRG g => g -> OAEPParams -> PrivateKey -> ByteString -> (Either Error ByteString, g)

APT Browse - Built by Thomas Orozco.