This package provides Haskell tools for X.509 certificate and Certificates revocation list (CRL) validation.

This package provides a Haskell-only implementation of the MD5 digest (hash) algorithm. This now supports the crypto-api class interface.

This Haskell package provides an incremental and one-pass, pure API to the SHA-256 cryptographic hash algorithm, with performance close to the fastest implementations available in other languages.

The implementation is made in C with a haskell FFI wrapper that hides the C implementation.

This package provides a cross-platform library that tries to find a (reasonable) CA certificate bundle that can be used with HsOpenSSL to verify the certificates of remote peers. It is for HsOpenSSL what x509-system is for the tls package, and borrows some ideas from x509-system.

This library contains io-streams routines for secure networking using OpenSSL (by way of HsOpenSSL).

Native Haskell TLS and SSL protocol implementation for server and client. This provides a high-level implementation of a sensitive security protocol, eliminating a common set of security issues through the use of the advanced type system, high level constructions and common Haskell features. Currently implement the SSL3.0, TLS1.0, TLS1.1 and TLS1.2 protocol, and support RSA and Ephemeral (Elliptic curve and regular) Diffie Hellman key exchanges, and many extensions.

This package is a repository of cryptographic primitives for Haskell. It supports a wide range of symmetric ciphers, cryptographic hash functions, public key algorithms, key derivation numbers, cryptographic random number generators, and more.

This Haskell package provides implementation of MD5.

This Haskell package provides AES cipher implementation.

The modes of operations available are ECB (Electronic code book), CBC (Cipher block chaining), CTR (Counter), XTS (XEX with ciphertext stealing), GCM (Galois Counter Mode).

The AES implementation uses AES-NI when available (on x86 and x86-64 architecture), but fallback gracefully to a software C implementation.

The software implementation uses S-Boxes, which might suffer for cache timing issues. However do notes that most other known software implementations, including very popular one (openssl, gnutls) also uses similar implementation. If it matters for your case, you should make sure you have AES-NI available, or you'll need to use a different implementation.

This Haskell package provides a platform independent method to obtain cryptographically strong entropy.

This library implements the SHA suite of message digest functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as well as the SHA-based HMAC routines. The functions have been tested against most of the NIST and RFC test vectors for the various functions. While some attention has been paid to performance, these do not presently reach the speed of well-tuned libraries, like OpenSSL.

This package provides functions for accessing and storing X.509 collections, certificates, revocation lists, and exception lists.

This package provides generic X509 support for Haskell.

This Haskell package provides basic typeclasses and types for symmetric ciphers.

HsOpenSSL is an OpenSSL binding for Haskell. It can generate RSA and DSA keys, read and write PEM files, generate message digests, sign and verify messages, encrypt and decrypt messages. It has also some capabilities of creating SSL clients and servers. This package is in production use by a number of Haskell based systems and stable. You may also be interested in the tls package, http://hackage.haskell.org/package/tls, which is a pure Haskell implementation of SSL.

Simple crypto pseudo-random-number-generator with really good randomness property.

Using ent, a randomness property maker on one 1Mb sample:

• Entropy = 7.999837 bits per byte.

• Optimum compression would reduce the size of this 1048576 byte file by 0 percent.

• Chi square distribution for 1048576 samples is 237.02.

• Arithmbetic mean value of data bytes is 127.3422 (127.5 = random).

• Monte Carlo value for Pi is 3.143589568 (error 0.06 percent).

Compared to urandom with the same sampling:

• Entropy = 7.999831 bits per byte.

• Optimum compression would reduce the size of this 1048576 byte file by 0 percent.

• Chi square distribution for 1048576 samples is 246.63.

• Arithmetic mean value of data bytes is 127.6347 (127.5 = random).

• Monte Carlo value for Pi is 3.132465868 (error 0.29 percent).

This package provides tools for operating system dependent X.509 stores, storage methods, and accessors.

This package provides functions for X.509 certificate and revocation list validation.

This package provides a library to handle system accessors and storage for X.509 certificates.

This package provides a simple monadic parser for ASN1 stream types, when ASN1 pattern matching is not convenient.

This Haskell package provides an incremental and one-pass, pure API to the SHA-1 hash algorithm, including HMAC support, with performance close to the fastest implementations available in other languages.

The implementation is made in C with a haskell FFI wrapper that hides the C implementation.

Simple cryptographic random related types: a safe abstraction for CPRNGs.

A collection of crypto hashes, with a practical incremental and one-pass, pure APIs, with performance close to the fastest implementations available in other languages. The implementations are made in C with a haskell FFI wrapper that hides the C implementation.

This Haskell package provides a generic interface for cryptographic operations (hashes, ciphers, randomness).

Maintainers of hash and cipher implementations are encouraged to add instances for the classes defined in Crypto.Classes. Crypto users are similarly encouraged to use the interfaces defined in the Classes module.

Any concepts or functions of general use to more than one cryptographic algorithm (ex: padding) is within scope of this package.