Native Haskell TLS and SSL protocol implementation for server and client. This provides a high-level implementation of a sensitive security protocol, eliminating a common set of security issues through the use of the advanced type system, high level constructions and common Haskell features. Currently implement the SSL3.0, TLS1.0, TLS1.1 and TLS1.2 protocol, and support RSA and Ephemeral (Elliptic curve and regular) Diffie Hellman key exchanges, and many extensions.

This package provides efficient cryptographic hash implementations for strict and lazy bytestrings. For now, CRC32 and Adler32 are supported; they are implemented as FFI bindings to efficient code from zlib.

Simple cryptographic random related types: a safe abstraction for CPRNGs.

This package provides a Haskell-only implementation of the MD5 digest (hash) algorithm. This now supports the crypto-api class interface.

This module provides Haskell bindings and extensions to the curve25519-donna codebase. It's a pretty straightforward implementation of the basic cryptographic routines you'd want from a project that uses curve25519: key generation, and key agreement. For further functionality, you'll want to look elsewhere.

This package provides a reader and writer for ASN1 data in raw form with supports for high level forms of ASN1 (BER, and DER).

Simple crypto pseudo-random-number-generator with really good randomness property.

Using ent, a randomness property maker on one 1Mb sample:

• Entropy = 7.999837 bits per byte.

• Optimum compression would reduce the size of this 1048576 byte file by 0 percent.

• Chi square distribution for 1048576 samples is 237.02.

• Arithmbetic mean value of data bytes is 127.3422 (127.5 = random).

• Monte Carlo value for Pi is 3.143589568 (error 0.06 percent).

Compared to urandom with the same sampling:

• Entropy = 7.999831 bits per byte.

• Optimum compression would reduce the size of this 1048576 byte file by 0 percent.

• Chi square distribution for 1048576 samples is 246.63.

• Arithmetic mean value of data bytes is 127.6347 (127.5 = random).

• Monte Carlo value for Pi is 3.132465868 (error 0.29 percent).

This package provides a repository of cryptographic primitives.

• Symmetric ciphers: AES, DES, 3DES, CAST5, Blowfish, Twofish, Camellia, RC4, Salsa, XSalsa, ChaCha.

• Hash: SHA1, SHA2, SHA3, SHAKE, MD2, MD4, MD5, Keccak, Skein, Ripemd, Tiger, Whirlpool, Blake2.

• MAC: HMAC, KMAC, Poly1305

• Asymmetric crypto: DSA, RSA, DH, ECDH, ECDSA, ECC, Curve25519, Curve448, Ed25519, Ed448

• Key Derivation Function: PBKDF2, Scrypt, HKDF, Argon2, BCrypt, BCryptPBKDF

• Cryptographic Random generation: System Entropy, Deterministic Random Generator

• Data related: Anti-Forensic Information Splitter (AFIS)

This package provides functions for accessing and storing X.509 collections, certificates, revocation lists, and exception lists.

This package provides a cross-platform library that tries to find a (reasonable) CA certificate bundle that can be used with HsOpenSSL to verify the certificates of remote peers. It is for HsOpenSSL what x509-system is for the tls package, and borrows some ideas from x509-system.

This package provides conduit interfaces for some of cryptonite's implementations of cryptographic primitives.

This Haskell package provides an incremental and one-pass, pure API to the SHA-256 cryptographic hash algorithm, with performance close to the fastest implementations available in other languages.

The implementation is made in C with a haskell FFI wrapper that hides the C implementation.

This Haskell package provides an incremental and one-pass, pure API to the SHA-1 hash algorithm, including HMAC support, with performance close to the fastest implementations available in other languages.

The implementation is made in C with a haskell FFI wrapper that hides the C implementation.

This package provides a library to handle system accessors and storage for X.509 certificates.

This package provides a simple, fast, self-contained copy of the Ed25519 public-key signature system with a clean interface. It also includes support for detached signatures, and thorough documentation on the design and implementation, including usage guidelines.

This package provides methods for accessing and storing X.509 collections of certificates, certificate revocation lists, and exception lists.

This Haskell package provides AES cipher implementation.

The modes of operations available are ECB (Electronic code book), CBC (Cipher block chaining), CTR (Counter), XTS (XEX with ciphertext stealing), GCM (Galois Counter Mode).

The AES implementation uses AES-NI when available (on x86 and x86-64 architecture), but fallback gracefully to a software C implementation.

The software implementation uses S-Boxes, which might suffer for cache timing issues. However do notes that most other known software implementations, including very popular one (openssl, gnutls) also uses similar implementation. If it matters for your case, you should make sure you have AES-NI available, or you'll need to use a different implementation.

This Haskell package provides implementation of MD5.

A collection of crypto hashes, with a practical incremental and one-pass, pure APIs, with performance close to the fastest implementations available in other languages. The implementations are made in C with a haskell FFI wrapper that hides the C implementation.

This package is a repository of cryptographic primitives for Haskell. It supports a wide range of symmetric ciphers, cryptographic hash functions, public key algorithms, key derivation numbers, cryptographic random number generators, and more.

This Haskell package provides a platform independent method to obtain cryptographically strong entropy.

This Haskell package provides basic typeclasses and types for symmetric ciphers.

This library implements the SHA suite of message digest functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as well as the SHA-based HMAC routines. The functions have been tested against most of the NIST and RFC test vectors for the various functions. While some attention has been paid to performance, these do not presently reach the speed of well-tuned libraries, like OpenSSL.

This Haskell package provides a generic interface for cryptographic operations (hashes, ciphers, randomness).

Maintainers of hash and cipher implementations are encouraged to add instances for the classes defined in Crypto.Classes. Crypto users are similarly encouraged to use the interfaces defined in the Classes module.

Any concepts or functions of general use to more than one cryptographic algorithm (ex: padding) is within scope of this package.