-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Hybrid Public Key Encryption defined in RFC9180
@package hpke
@version 0.0.0

module Crypto.HPKE.Internal
data HPKEMap
HPKEMap :: [(KEM_ID, (KEMGroup, KDFHash))] -> [(KDF_ID, KDFHash)] -> [(AEAD_ID, AEADCipher)] -> HPKEMap
[kemMap] :: HPKEMap -> [(KEM_ID, (KEMGroup, KDFHash))]
[kdfMap] :: HPKEMap -> [(KDF_ID, KDFHash)]
[cipherMap] :: HPKEMap -> [(AEAD_ID, AEADCipher)]
defaultHPKEMap :: HPKEMap
setupS :: HPKEMap -> Mode -> KEM_ID -> KDF_ID -> AEAD_ID -> Maybe EncodedSecretKey -> Maybe EncodedSecretKey -> EncodedPublicKey -> Info -> PSK -> PSK_ID -> IO (EncodedPublicKey, ContextS)
setupR :: HPKEMap -> Mode -> KEM_ID -> KDF_ID -> AEAD_ID -> EncodedSecretKey -> Maybe EncodedSecretKey -> EncodedPublicKey -> Info -> PSK -> PSK_ID -> IO ContextR
data KEMGroup
KEMGroup :: Proxy c -> KEMGroup
data KDFHash
KDFHash :: h -> KDFHash
data AEADCipher
AEADCipher :: Proxy a -> AEADCipher
class Aead a
sealA :: Aead a => Proxy a -> Key -> Seal
openA :: Aead a => Proxy a -> Key -> Open
nK :: Aead a => Proxy a -> Int
nN :: Aead a => Proxy a -> Int
nT :: Aead a => Proxy a -> Int
class KDF h
labeledExtract :: KDF h => Suite -> Salt -> Label -> IKM -> PRK h
labeledExpand :: KDF h => Suite -> PRK h -> Label -> Info -> Int -> Key
data Mode
ModeBase :: Mode
ModePsk :: Mode
ModeAuth :: Mode
ModeAuthPsk :: Mode
type PublicKey group = Point group
type SecretKey group = Scalar group
type Seal = Nonce -> AAD -> PlainText -> Either HPKEError CipherText
type Open = Nonce -> AAD -> CipherText -> Either HPKEError PlainText
type Nonce = ByteString
type Suite = ByteString
type Salt = ByteString
type Label = ByteString
type IKM = ByteString

-- | Generating a pair of public key and secret key based on <a>KEM_ID</a>.
genKeyPair :: HPKEMap -> KEM_ID -> IO (EncodedPublicKey, EncodedSecretKey)


-- | Hybrid Public Key Encryption (RFC9180).
module Crypto.HPKE

-- | ID for key encapsulation mechanism.
newtype KEM_ID
KEM_ID :: Word16 -> KEM_ID
[fromKEM_ID] :: KEM_ID -> Word16
pattern DHKEM_P256_HKDF_SHA256 :: KEM_ID
pattern DHKEM_P384_HKDF_SHA384 :: KEM_ID
pattern DHKEM_P521_HKDF_SHA512 :: KEM_ID
pattern DHKEM_X25519_HKDF_SHA256 :: KEM_ID
pattern DHKEM_X448_HKDF_SHA512 :: KEM_ID

-- | ID for key derivation function.
newtype KDF_ID
KDF_ID :: Word16 -> KDF_ID
[fromKDF_ID] :: KDF_ID -> Word16
pattern HKDF_SHA256 :: KDF_ID
pattern HKDF_SHA384 :: KDF_ID
pattern HKDF_SHA512 :: KDF_ID

-- | ID for authenticated encryption with additional data
newtype AEAD_ID
AEAD_ID :: Word16 -> AEAD_ID
[fromAEAD_ID] :: AEAD_ID -> Word16
pattern AES_128_GCM :: AEAD_ID
pattern AES_256_GCM :: AEAD_ID
pattern ChaCha20Poly1305 :: AEAD_ID

-- | Setting up base/auth mode for a sender. This throws <a>HPKEError</a>.
setupBaseS :: KEM_ID -> KDF_ID -> AEAD_ID -> Maybe EncodedSecretKey -> Maybe EncodedSecretKey -> EncodedPublicKey -> Info -> IO (EncodedPublicKey, ContextS)

-- | Setting up base/auth mode for a receiver with its key pair. This
--   throws <a>HPKEError</a>.
setupBaseR :: KEM_ID -> KDF_ID -> AEAD_ID -> EncodedSecretKey -> Maybe EncodedSecretKey -> EncodedPublicKey -> Info -> IO ContextR

-- | Setting up psk/auth_psk mode for a sender. This throws
--   <a>HPKEError</a>.
setupPSKS :: KEM_ID -> KDF_ID -> AEAD_ID -> Maybe EncodedSecretKey -> Maybe EncodedSecretKey -> EncodedPublicKey -> Info -> PSK -> PSK_ID -> IO (EncodedPublicKey, ContextS)

-- | Setting up psk/auth_psk mode for a receiver with its key pair. This
--   throws <a>HPKEError</a>.
setupPSKR :: KEM_ID -> KDF_ID -> AEAD_ID -> EncodedSecretKey -> Maybe EncodedSecretKey -> EncodedPublicKey -> Info -> PSK -> PSK_ID -> IO ContextR

-- | Encryption. This throws <a>HPKEError</a>.
seal :: ContextS -> AAD -> PlainText -> IO CipherText

-- | Decryption. This throws <a>HPKEError</a>.
open :: ContextR -> AAD -> CipherText -> IO PlainText

-- | Exporting secret.
exportS :: ContextS -> Info -> Int -> Key

-- | Exporting secret.
exportR :: ContextR -> Info -> Int -> Key

-- | Context for senders.
data ContextS

-- | Context for receivers.
data ContextR

-- | Encoded secret key.
newtype EncodedSecretKey
EncodedSecretKey :: ByteString -> EncodedSecretKey

-- | Encoded public key.
newtype EncodedPublicKey
EncodedPublicKey :: ByteString -> EncodedPublicKey
newtype SharedSecret
SharedSecret :: ScrubbedBytes -> SharedSecret

-- | Information string.
type Info = ByteString

-- | Pre-shared key.
type PSK = ByteString

-- | ID for pre-shared key.
type PSK_ID = ByteString

-- | Additional authenticated data for AEAD.
type AAD = ByteString

-- | Plain text.
type PlainText = ByteString

-- | Cipher text (including a authentication tag)
type CipherText = ByteString

-- | Encryption key.
type Key = ByteString

-- | Errors for HPKE
data HPKEError
ValidationError :: String -> HPKEError
DeserializeError :: String -> HPKEError
EncapError :: String -> HPKEError
DecapError :: String -> HPKEError

-- | Original
SealError :: String -> HPKEError
OpenError :: String -> HPKEError
MessageLimitReachedError :: String -> HPKEError
DeriveKeyPairError :: String -> HPKEError

-- | Original
KeyScheduleError :: String -> HPKEError
Unsupported :: String -> HPKEError

-- | Length of "enc", aka sender's public key.
nEnc :: KEM_ID -> Int

-- | Length of AEAD tag.
nTag :: AEAD_ID -> Int
