| License | BSD-style |
|---|---|
| Maintainer | Brandon Hamilton <brandon.hamilton@gmail.com> |
| Stability | stable |
| Portability | good |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.Cipher.XSalsa
Description
Implementation of XSalsa20 algorithm https://cr.yp.to/snuffle/xsalsa-20081128.pdf Based on the Salsa20 algorithm with 256 bit key extended with 192 bit nonce
Synopsis
- initialize :: ( ByteArrayAccess key, ByteArrayAccess nonce) => Int -> key -> nonce -> State
- derive :: ByteArrayAccess nonce => State -> nonce -> State
- combine :: ByteArray ba => State -> ba -> (ba, State )
- generate :: ByteArray ba => State -> Int -> (ba, State )
- data State
Documentation
Arguments
| :: ( ByteArrayAccess key, ByteArrayAccess nonce) | |
| => Int |
number of rounds (8,12,20) |
| -> key |
the key (256 bits) |
| -> nonce |
the nonce (192 bits) |
| -> State |
the initial XSalsa state |
Initialize a new XSalsa context with the number of rounds, the key and the nonce associated.
Arguments
| :: ByteArrayAccess nonce | |
| => State |
base XSalsa state |
| -> nonce |
the remainder nonce (128 bits) |
| -> State |
the new XSalsa state |
Use an already initialized context and new nonce material to derive another XSalsa context.
This allows a multi-level cascade where a first key
k1
and nonce
n1
is
used to get
HState(k1,n1)
, and this value is then used as key
k2
to build
XSalsa(k2,n2)
. Function
initialize
is to be called with the first 192
bits of
n1|n2
, and the call to
derive
should add the remaining 128 bits.
The output context always uses the same number of rounds as the input context.
Arguments
| :: ByteArray ba | |
| => State |
the current Salsa state |
| -> ba |
the source to xor with the generator |
| -> (ba, State ) |
Combine the salsa output and an arbitrary message with a xor, and return the combined output and the new state.