Diffstat (limited to 'src/Data/HMAC.hs')
-rw-r--r-- | src/Data/HMAC.hs | 39 |
1 files changed, 33 insertions, 6 deletions
diff --git a/src/Data/HMAC.hs b/src/Data/HMAC.hs
index bf1bef8..fb67817 100644
--- a/src/Data/HMAC.hs
+++ b/src/Data/HMAC.hs
@@ -12,15 +12,43 @@
 -- License for the specific language governing permissions and limitations under
 -- the License.
 
+{-|
+ Module: Data.HMAC
+ Description: Hash-based message authentication codes
+ Copyright: 2018 Google LLC
+ License: Apache License, version 2.0
+
+ Hash-based message authentication codes (HMACs). An HMAC guarantees
+ authenticity but not confidentiality.
+-}
 module Data.HMAC
- ( SecretKey(SecretKey)
- , HMAC, Result
+ ( -- * Computing HMACs
+ HMAC
 , hmac
+
+ -- * Cryptographic hash algorithms
+ , Algorithm
+ , sha1
+
+ -- ** SHA-2 family
+ -- | The SHA-2 family of hash functions is defined in
+ -- [FIPS 180-4](https://csrc.nist.gov/publications/detail/fips/180/4/final).
+ , sha224, sha256, sha384, sha512
+
+ -- * Keys
+ , SecretKey(SecretKey)
+
+ -- * Error handling
+ , Error
+
+ -- * Legacy functions
+ , md5
 ) where
 
 import Control.Monad.Trans.Class (lift)
 import Control.Monad.Trans.Except (runExceptT)
 import Data.ByteString (ByteString)
+import qualified Data.ByteString.Lazy as Lazy (ByteString)
 import qualified Data.ByteString.Lazy as ByteString.Lazy
 import qualified Data.ByteString.Unsafe as ByteString
 import Foreign (withForeignPtr)
@@ -31,10 +59,9 @@ import BTLS.BoringSSL.Digest (evpMaxMDSize)
 import BTLS.BoringSSL.HMAC
 import BTLS.BoringSSL.Mem (cryptoMemcmp)
 import BTLS.Buffer (onBufferOfMaxSize)
-import BTLS.Result (Result, check)
+import BTLS.Result (Error, check)
 import BTLS.Types (Algorithm(Algorithm), Digest(Digest), SecretKey(SecretKey))
-
-type LazyByteString = ByteString.Lazy.ByteString
+import Data.Digest (md5, sha1, sha224, sha256, sha384, sha512)
 
 -- | A hash-based message authentication code. Equality comparisons on this type
 -- are constant-time.
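Review bot: The export list gives `md5` nothing more than the `-- * Legacy functions` heading, and `sha1` sits under `-- * Cryptographic hash algorithms` with no caveat, so the generated documentation never tells a reader which algorithm to choose for new code. HMAC does not lean on collision resistance the way a bare digest does, but RFC 6151 still advises against HMAC-MD5 in new protocol designs, and that belongs where the name is exported. I would add a Haddock chunk under the heading, in the same form the hunk already uses for the SHA-2 family, e.g. `-- | Retained for interoperability with existing protocols only; use a SHA-2 algorithm for new designs.`, plus a one-line remark next to `sha1`. The module header's "guarantees authenticity" could also say that this holds only between parties that hold the 'SecretKey'.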
@@ -51,7 +78,7 @@ instance Show HMAC where
 show (HMAC m) = show (Digest m)
 
 -- | Creates an HMAC according to the given 'Algorithm'.
-hmac :: Algorithm -> SecretKey -> LazyByteString -> Result HMAC
+hmac :: Algorithm -> SecretKey -> Lazy.ByteString -> Either [Error] HMAC
 hmac (Algorithm md) (SecretKey key) bytes =
 unsafeLocalState $ do
 ctxFP <- mallocHMACCtx |
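Review bot: The Haddock line above the new `Either [Error] HMAC` signature still reads only "Creates an HMAC according to the given 'Algorithm'", so it says neither when a `Left` comes back nor how the result should be checked against a received tag. The module documents equality on `HMAC` as constant-time, and the `Show` instance just above renders the digest, so the comment should steer verifiers to `==` and away from comparing rendered strings. Something like `-- Returns 'Left' with the reported errors if the underlying library call fails. Verify a tag with '==' on 'HMAC' values (constant-time); never compare 'show' output.` would cover both. The body of `hmac` continues past the end of this hunk, so the failure condition is inferred from the signature and the `check` import, not read from the code.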