123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- module Crypto.ChunkedAlgorithms where
- import Data.ByteString (ByteString)
- import qualified Data.ByteString as BS
- import qualified Data.ByteArray as BA
- import Crypto.Chunked
- import Crypto.Error
- import qualified Crypto.Cipher.ChaChaPoly1305 as ChaP
- {- |
- Constructs a ChunkedCrypto based on the ChaChaPoly1305 primitive.
- No authenticated data is used, and chunk authentication is concatenated
- to the begining of the chunk.
- -}
- chunkedChaChaPoly1305 ::
- -- | Plain text block size
- Int ->
- -- | Encryption key
- ByteString ->
- ChunkedCrypto
- chunkedChaChaPoly1305 s k = ChunkedCrypto enc dec (fromIntegral s) (fromIntegral s + auth_size)
- where
- auth_size = 16
- enc = \nonce dt -> do
- n <- ChaP.nonce12 nonce
- st0 <- ChaP.initialize k n
- let st1 = ChaP.finalizeAAD st0
- let (out, st2) = ChaP.encrypt dt st1
- let auth = BA.convert $ ChaP.finalize st2
- return $ BS.append auth out
- dec = \nonce dt' -> do
- let (auth, dt) = BS.splitAt 16 dt'
- n <- ChaP.nonce12 nonce
- st0 <- ChaP.initialize k n
- let st1 = ChaP.finalizeAAD st0
- let (out, st2) = ChaP.decrypt dt st1
- let auth' = BA.convert $ ChaP.finalize st2
- if auth == auth'
- then return out
- else CryptoFailed CryptoError_MacKeyInvalid
-
|