cardano-crypto-class-2.1.1.0: Type classes abstracting over cryptography primitives for Cardano
Safe HaskellSafe-Inferred
LanguageHaskell2010

Cardano.Crypto.Libsodium

Synopsis

Initialization

sodiumInit :: IO () #

MLocked memory management

data MLockedForeignPtr a #

Foreign pointer to securely allocated memory.

Instances

Instances details
NFData (MLockedForeignPtr a) # 
Instance details

Defined in Cardano.Crypto.Libsodium.Memory.Internal

Methods

rnf :: MLockedForeignPtr a -> () Source #

NoThunks (MLockedForeignPtr a) # 
Instance details

Defined in Cardano.Crypto.Libsodium.Memory.Internal

Methods

noThunks :: Context -> MLockedForeignPtr a -> IO (Maybe ThunkInfo) Source #

wNoThunks :: Context -> MLockedForeignPtr a -> IO (Maybe ThunkInfo) Source #

showTypeOf :: Proxy (MLockedForeignPtr a) -> String Source #

withMLockedForeignPtr :: forall a b. MonadSodium m => MLockedForeignPtr a -> (Ptr a -> m b) -> m b #

mlockedAllocForeignPtr :: forall a m. (MonadSodium m, Storable a) => m (MLockedForeignPtr a) #

finalizeMLockedForeignPtr :: forall a. MonadSodium m => MLockedForeignPtr a -> m () #

traceMLockedForeignPtr :: (MonadSodium m, Storable a, Show a) => MLockedForeignPtr a -> m () #

Deprecated: Do not use traceMLockedForeignPtr in production

MLocked bytes

data MLockedSizedBytes (n :: Nat) #

A block of raw memory of a known size, protected with mlock().

Instances

Instances details
(MonadSodium m, MonadST m, KnownNat n) => MEq m (MLockedSizedBytes n) # 
Instance details

Defined in Cardano.Crypto.Libsodium.MLockedBytes.Internal

Methods

equalsM :: MLockedSizedBytes n -> MLockedSizedBytes n -> m Bool #

KnownNat n => Show (MLockedSizedBytes n) #

This instance is unsafe, it will leak secrets from mlocked memory to the Haskell heap. Do not use outside of testing.

Instance details

Defined in Cardano.Crypto.Libsodium.MLockedBytes.Internal

Methods

showsPrec :: Int -> MLockedSizedBytes n -> ShowS Source #

show :: MLockedSizedBytes n -> String Source #

showList :: [MLockedSizedBytes n] -> ShowS Source #

NFData (MLockedSizedBytes n) # 
Instance details

Defined in Cardano.Crypto.Libsodium.MLockedBytes.Internal

Methods

rnf :: MLockedSizedBytes n -> () Source #

NoThunks (MLockedSizedBytes n) # 
Instance details

Defined in Cardano.Crypto.Libsodium.MLockedBytes.Internal

Methods

noThunks :: Context -> MLockedSizedBytes n -> IO (Maybe ThunkInfo) Source #

wNoThunks :: Context -> MLockedSizedBytes n -> IO (Maybe ThunkInfo) Source #

showTypeOf :: Proxy (MLockedSizedBytes n) -> String Source #

mlsbFromByteString :: forall n m. (KnownNat n, MonadSodium m, MonadST m) => ByteString -> m (MLockedSizedBytes n) #

Allocate a new MLockedSizedBytes, and fill it with the contents of a ByteString. The size of the input is not checked. Note: since the input ByteString is a plain old Haskell value, it has already violated the secure-forgetting properties afforded by MLockedSizedBytes, so this function is useless outside of testing. Use mlsbNew or mlsbNewZero to create MLockedSizedBytes values, and manipulate them through withMLSB, mlsbUseAsCPtr, or mlsbUseAsSizedPtr. (See also mlsbFromByteStringCheck)

mlsbFromByteStringCheck :: forall n m. (KnownNat n, MonadSodium m, MonadST m) => ByteString -> m (Maybe (MLockedSizedBytes n)) #

Allocate a new MLockedSizedBytes, and fill it with the contents of a ByteString. The size of the input is checked. Note: since the input ByteString is a plain old Haskell value, it has already violated the secure-forgetting properties afforded by MLockedSizedBytes, so this function is useless outside of testing. Use mlsbNew or mlsbNewZero to create MLockedSizedBytes values, and manipulate them through withMLSB, mlsbUseAsCPtr, or mlsbUseAsSizedPtr. (See also mlsbFromByteString)

mlsbAsByteString :: forall n. KnownNat n => MLockedSizedBytes n -> ByteString #

Note: the resulting ByteString will still refer to secure memory, but the types don't prevent it from be exposed. Note further that any subsequent operations (splicing & dicing, copying, conversion, packing/unpacking, etc.) on the resulting ByteString may create copies of the mlocked memory on the unprotected GHC heap, and thus leak secrets, so use this function with extreme care.

mlsbToByteString :: forall n m. (KnownNat n, MonadSodium m, MonadST m) => MLockedSizedBytes n -> m ByteString #

Note: this function will leak mlocked memory to the Haskell heap and should not be used in production code.

mlsbFinalize :: MonadSodium m => MLockedSizedBytes n -> m () #

Calls finalizeMLockedForeignPtr on underlying pointer. This function invalidates argument.

mlsbCopy :: forall n m. (KnownNat n, MonadSodium m) => MLockedSizedBytes n -> m (MLockedSizedBytes n) #

Create a deep mlocked copy of an MLockedSizedBytes.

Hashing

class HashAlgorithm h => SodiumHashAlgorithm h where #

Methods

naclDigestPtr #

Arguments

:: proxy h 
-> Ptr a

input

-> Int

input length

-> IO (MLockedSizedBytes (SizeHash h)) 

Instances

Instances details
SodiumHashAlgorithm Blake2b_256 # 
Instance details

Defined in Cardano.Crypto.Libsodium.Hash.Class

Methods

naclDigestPtr :: proxy Blake2b_256 -> Ptr a -> Int -> IO (MLockedSizedBytes (SizeHash Blake2b_256)) #

SodiumHashAlgorithm SHA256 # 
Instance details

Defined in Cardano.Crypto.Libsodium.Hash.Class

Methods

naclDigestPtr :: proxy SHA256 -> Ptr a -> Int -> IO (MLockedSizedBytes (SizeHash SHA256)) #

digestMLockedStorable :: forall h a proxy. (SodiumHashAlgorithm h, Storable a) => proxy h -> Ptr a -> IO (MLockedSizedBytes (SizeHash h)) #

digestMLockedBS :: forall h proxy. SodiumHashAlgorithm h => proxy h -> ByteString -> IO (MLockedSizedBytes (SizeHash h)) #

expandHash :: forall h m proxy. (SodiumHashAlgorithm h, MonadSodium m, MonadST m, MonadThrow m) => proxy h -> MLockedSizedBytes (SizeHash h) -> m (MLockedSizedBytes (SizeHash h), MLockedSizedBytes (SizeHash h)) #