A Haskell binding for @jedisct1's portable binding for djb's NaCl. This is an early release. Please try it out, but don't just yet stake your life or job on it.
import Crypto.Saltine import qualified Data.Vector.Storable as V main = do k <- newKey n <- newNonce let ciphertext = secretbox k n (V.fromList [1,2,3,4,5]) print $ secreboxOpen k n ciphertext -- Just (fromList [1,2,3,4,5])
In The Security Impact of a New Cryptographic Library Bernstein, Lange, and Schwabe argue that high-level cryptographic libraries eliminate whole spaces of cryptographic disasters which are nigh inevitable whenever programmers use low-level crypto primitives.
- Security Stack Exchange: Why Shouldn't We Roll Our Own?
- Hacker News on "All the Crypto Code You've Ever Written is Probably Broken"
- Stack Overflow: When can you trust yourself to implement cryptography based solutions?
- Coding Horror: Why isn't my encryption... encrypting?
Crypto is complicated, so pre-rolled solutions are important prevention mechanisms.
NaCl is Bernstein, Lange, and Schwabe's
solution: a high-level, performant cryptography library with a no-fuss
interface. Saltine is a Haskell
binding to NaCl (via
libsodium) which hopes to
provide even more simplicity and safety to the usage of cryptography.
Note that it's still possible to shoot yourself in the foot pretty
easily using Saltine. Nonces must always be unique which must be managed
by the library user.
produces messages which can beundetectably tampered with in-flight.
Keys are insecurely read from disk—they may be copied and then paged
back to disk.
Inspired by @thoughtpolice's
binds to NaCl, but uses a Haskell managed version of djb's code