[Haskell-cafe] [ANN] Crypto-API Released

Thomas DuBuisson thomas.dubuisson at gmail.com
Tue Sep 7 16:28:46 EDT 2010

At long last and after much fruitful discussion on
libraries at haskell.org, Crypto-API is having its first release, version!

Crypto-API is a generic interface for cryptographic operations,
platform independent & quality entropy acquisition, property tests and
known-answer tests (KATs) for common algorithms, and a basic benchmark
infrastructure.  Maintainers of hash and cipher implementations are
encouraged to add instances for the classes defined in Crypto.Classes.
Crypto users are similarly encouraged to use the interfaces provided.

Any concepts or functions of general use to more than one
cryptographic algorithm (ex: padding) are within scope of this package.

Hackage: http://hackage.haskell.org/package/crypto-api
Haddock: http://web.cecs.pdx.edu/~dubuisst/crypto-api-
Blog: http://tommd.wordpress.com/2010/09/07/crypto-api-released/

At its heart, Crypto-API is an interface to cryptographic algorithms
allowing crypto developers to provide a minimal, low level interface
and reuse generic higher-level functions while freeing crypto users
from specifying a particular algorithm or implementation.

---- Highlights ----
* Five type classes of Hash, BlockCipher, AsymCipher, StreamCipher,
and CryptoRandomGen
* Generic algorithms implemented using these class interfaces (ex:
block cipher modes of operation, hashing and HMAC)
* Platform independent acquisition of entropy for cryptographic use
(using /dev/urandom on *nix and the CryptoAPI on Windows)
* Test suite and parsing of NIST KAT files
* Rudimentary benchmarking for BlockCipher, Hash, and RNGs

---- Hash Example ----
The hash developer defines a class instance:

> instance Hash MD5Context MD5Digest where
>        outputLength = Tagged 128
>        blockLength  = Tagged 512
>        initialCtx   = md5InitialContext
>        updateCtx    = md5Update
>        finalize     = md5Finalize

The hash user can remain agnostic about which type of hash is used:

> authMessage :: Hash ctx dgst => B.ByteString -> MacKey -> dgst -> Bool
> authMessage msg k = (==) (hmac' k msg)

More examples can be found on the blog post.
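As an added illustration (not code from crypto-api or from the blog post), here is a self-contained model of the Hash class above and of the generic HMAC (RFC 2104) that such a class makes possible, showing why blockLength has to be part of the interface. The tag check ORs the byte differences together instead of using (==), so its running time does not depend on where the two digests first differ. The encodeDigest method, the FNV-1a toy instance, and this authMessage are assumptions of the example; the library's own class serializes digests through Serialize, and its hmac' takes a MacKey.

```haskell
{-# LANGUAGE MultiParamTypeClasses, FunctionalDependencies, ScopedTypeVariables #-}
-- Added example, not crypto-api's own code: a model of the announcement's Hash
-- class, the generic HMAC (RFC 2104) built on it, and a constant-time tag check.
import qualified Data.ByteString as B
import qualified Data.ByteString.Char8 as C
import Data.Bits (xor, (.|.), shiftR)
import Data.List (foldl')
import Data.Tagged (Tagged(..), untag)   -- from the "tagged" package
import Data.Word (Word32)

-- Mirrors crypto-api's Hash class; digest serialization is an explicit method here.
class Eq d => Hash ctx d | d -> ctx, ctx -> d where
  outputLength :: Tagged d Int                 -- bits
  blockLength  :: Tagged d Int                 -- bits
  initialCtx   :: ctx
  updateCtx    :: ctx -> B.ByteString -> ctx
  finalize     :: ctx -> B.ByteString -> d
  encodeDigest :: d -> B.ByteString

-- Generic HMAC: needs only blockLength (key padding) and the ability to hash bytes.
hmac' :: forall ctx d. Hash ctx d => B.ByteString -> B.ByteString -> d
hmac' key msg = finalize initialCtx (B.append opadK (encodeDigest inner))
  where
    blk   = untag (blockLength :: Tagged d Int) `div` 8
    key'  | B.length key > blk = encodeDigest (finalize initialCtx key :: d)
          | otherwise          = key
    padK  = B.append key' (B.replicate (blk - B.length key') 0)
    ipadK = B.map (xor 0x36) padK
    opadK = B.map (xor 0x5c) padK
    inner = finalize initialCtx (B.append ipadK msg) :: d

-- Verify a tag by OR-ing all byte differences, so timing does not leak the first mismatch.
authMessage :: Hash ctx d => B.ByteString -> B.ByteString -> d -> Bool
authMessage msg key tag = B.length x == B.length y && foldl' (.|.) 0 (B.zipWith xor x y) == 0
  where x = encodeDigest (hmac' key msg `asTypeOf` tag); y = encodeDigest tag

-- Toy instance (32-bit FNV-1a, NOT a cryptographic hash) so the generic code runs.
newtype FnvCtx    = FnvCtx Word32
newtype FnvDigest = FnvDigest Word32 deriving (Eq, Show)
instance Hash FnvCtx FnvDigest where
  outputLength = Tagged 32
  blockLength  = Tagged 64
  initialCtx   = FnvCtx 0x811c9dc5
  updateCtx (FnvCtx h) = FnvCtx . B.foldl' (\a w -> (a `xor` fromIntegral w) * 0x01000193) h
  finalize ctx bs = let FnvCtx h = updateCtx ctx bs in FnvDigest h
  encodeDigest (FnvDigest h) = B.pack [fromIntegral (h `shiftR` s) | s <- [24, 16, 8, 0]]

main :: IO ()
main = do
  let key = C.pack "secret key"; msg = C.pack "hello"   -- constructed sample input
      tag = hmac' key msg :: FnvDigest
  print (authMessage msg key tag, authMessage (B.snoc msg 33) key tag)
```

Swapping the toy instance for a real one (e.g. the MD5 instance in the announcement) changes nothing in hmac' or authMessage, which is the point of the class design.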

I don't intend to bump the version number for API changes in modules
that aren't built by default (Test.Crypto, Benchmark.Crypto).
Otherwise the PVP is in effect.  Let me know if this isn't

---- Changes Since Release Candidate ----
* Haddock documentation
* Crypto.HMAC uses MacKey to help users keep the key and message separate

---- Remaining TODO ----
* Optimize block cipher modes and add new ones
* Migrate Crypto.Random to the "random" package, pending conversation
and agreement.
* A signature class is planned for signature-only algorithms (DSA)
   class (Binary k, Serialize k) => Signing k where
       sign :: ...
       verify :: ...
* Verify Crypto.Random works on Windows (more likely: fix it) once a
Windows dev shows interest.
* Build and test Crypto.Padding
* Expand test suite.  Include other hashes, modes, block algorithms,
cipher properties.
* Improve benchmarks, use CryptoRandomGen class in benchmark.
* More Haddock documentation
* Consider adding "buildIV :: (CryptoRandomGen g) => g -> Either
GenError iv" routine to StreamCipher interface

Thomas M. DuBuisson
