diff options
Diffstat (limited to 'src/Data')
-rw-r--r-- | src/Data/Digest.hs | 14 | ||||
-rw-r--r-- | src/Data/HMAC.hs | 19 |
2 files changed, 24 insertions, 9 deletions
diff --git a/src/Data/Digest.hs b/src/Data/Digest.hs index 3bc53b7..bc2f944 100644 --- a/src/Data/Digest.hs +++ b/src/Data/Digest.hs @@ -38,6 +38,7 @@ module Data.Digest , sha1 ) where +import Data.ByteString (ByteString) import qualified Data.ByteString.Lazy as Lazy (ByteString) import qualified Data.ByteString.Lazy as ByteString.Lazy import Foreign.Marshal.Unsafe (unsafeLocalState) @@ -45,7 +46,18 @@ import Foreign.Marshal.Unsafe (unsafeLocalState) import BTLS.BoringSSL.Base import BTLS.BoringSSL.Digest import BTLS.Buffer (onBufferOfMaxSize) -import BTLS.Types (Algorithm(Algorithm), Digest(Digest)) +import BTLS.Show (showHex) +import BTLS.Types (Algorithm(Algorithm)) + +-- | The result of a hash operation. Equality comparisons on this type are +-- variable-time. +-- +-- The 'Show' instance for this type displays the digest as a hexadecimal string. +newtype Digest = Digest ByteString + deriving (Eq, Ord) + +instance Show Digest where + show (Digest d) = showHex d -- | Message Digest 5, a 128-bit digest defined in -- [RFC 1321](https://tools.ietf.org/html/rfc1321). This algorithm is diff --git a/src/Data/HMAC.hs b/src/Data/HMAC.hs index 0e5a67f..d27ce7e 100644 --- a/src/Data/HMAC.hs +++ b/src/Data/HMAC.hs @@ -24,7 +24,7 @@ module Data.HMAC ( -- * Computing HMACs HMAC(HMAC) - , hmac + , hmac, HMACParams(..) -- * Cryptographic hash algorithms , Algorithm @@ -35,9 +35,6 @@ module Data.HMAC -- [FIPS 180-4](https://csrc.nist.gov/publications/detail/fips/180/4/final). , sha224, sha256, sha384, sha512 - -- * Keys - , SecretKey(SecretKey) - -- * Error handling , Error @@ -59,7 +56,8 @@ import BTLS.BoringSSL.HMAC import BTLS.BoringSSL.Mem (cryptoMemcmp) import BTLS.Buffer (onBufferOfMaxSize) import BTLS.Result (Error, check) -import BTLS.Types (Algorithm(Algorithm), SecretKey(SecretKey), showHex) +import BTLS.Show (showHex) +import BTLS.Types (Algorithm(Algorithm)) import Data.Digest (md5, sha1, sha224, sha256, sha384, sha512) -- | A hash-based message authentication code. Equality comparisons on this type @@ -76,11 +74,16 @@ instance Eq HMAC where instance Show HMAC where show (HMAC m) = showHex m --- | Creates an HMAC according to the given 'Algorithm'. -hmac :: Algorithm -> SecretKey -> Lazy.ByteString -> Either [Error] HMAC -hmac (Algorithm md) (SecretKey key) bytes = +-- | Creates an HMAC. +hmac :: HMACParams -> Lazy.ByteString -> Either [Error] HMAC +hmac (HMACParams (Algorithm md) key) bytes = unsafeLocalState $ runExceptT $ do ctx <- lift mallocHMACCtx check $ hmacInitEx ctx key md noEngine lift $ mapM_ (hmacUpdate ctx) (ByteString.Lazy.toChunks bytes) lift $ HMAC <$> onBufferOfMaxSize evpMaxMDSize (hmacFinal ctx) + +data HMACParams = HMACParams + { algorithm :: Algorithm + , secretKey :: ByteString + } deriving (Eq, Show) |