-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Stronger password hashing via sequential memory-hard functions.
--   
--   This package provides bindings to Colin Percival's <a>scrypt</a>
--   implementation (<a>http://www.tarsnap.com/scrypt.html</a>). Scrypt is
--   a key derivation function designed to be far more secure against
--   hardware brute-force attacks than alternative functions such as PBKDF2
--   or bcrypt.
--   
--   Details of the scrypt key derivation function are given in a paper by
--   Colin Percival, Stronger Key Derivation via Sequential Memory-Hard
--   Functions: <a>http://www.tarsnap.com/scrypt/scrypt.pdf</a>.
@package scrypt
@version 0.5.0


-- | Scrypt is a sequential memory-hard key derivation function. This
--   module provides low-level bindings to the <a>scrypt</a> key derivation
--   function as well as a higher-level password-storage API. It is based
--   on a fast C implementation of scrypt, written by Colin Percival. For
--   further information see <a>http://www.tarsnap.com/scrypt.html</a>.
module Crypto.Scrypt

-- | Encapsulates the three tuning parameters to the <a>scrypt</a>
--   function: <tt>N</tt>, <tt>r</tt> and <tt>p</tt> (see above) as well es
--   the length of the derived key.
data ScryptParams

-- | Constructor function for <a>ScryptParams</a> with default
--   derived-key-length of 64 bytes.
scryptParams :: Integer -> Integer -> Integer -> Maybe ScryptParams

-- | Constructor function for <a>ScryptParams</a> with an additional
--   parameter to control the length of the derived key. Only use this
--   function if you are sure you need control over the length of the
--   derived key. Use <a>scryptParams</a> instead.
scryptParamsLen :: Integer -> Integer -> Integer -> Integer -> Maybe ScryptParams

-- | Default parameters as recommended in the scrypt paper:
--   
--   <pre>
--   N = 2^14, r = 8, p = 1
--   </pre>
--   
--   Equivalent to <tt><a>fromJust</a> (<a>scryptParams</a> 14 8 1)</tt>.
defaultParams :: ScryptParams
newtype EncryptedPass
EncryptedPass :: ByteString -> EncryptedPass
[getEncryptedPass] :: EncryptedPass -> ByteString

-- | Encrypt the password with the given parameters and a random 32-byte
--   salt. The salt is read from <tt>/dev/urandom</tt> on Unix systems or
--   <tt>CryptoAPI</tt> on Windows.
encryptPassIO :: ScryptParams -> Pass -> IO EncryptedPass

-- | Equivalent to <tt>encryptPassIO defaultParams</tt>.
encryptPassIO' :: Pass -> IO EncryptedPass

-- | Generate a random 32-byte salt.
newSalt :: IO Salt

-- | Encrypt the password with the given parameters and salt.
encryptPass :: ScryptParams -> Salt -> Pass -> EncryptedPass

-- | Equivalent to <tt>encryptPass defaultParams</tt>.
encryptPass' :: Salt -> Pass -> EncryptedPass

-- | Verify a <a>Pass</a> against an <a>EncryptedPass</a>. The function
--   also takes <a>ScryptParams</a> meeting your current security
--   requirements. In case the <a>EncryptedPass</a> was generated with
--   different parameters, the function returns an updated
--   <a>EncryptedPass</a>, generated with the given <a>ScryptParams</a>.
--   The <a>Salt</a> is kept from the given <a>EncryptedPass</a>.
verifyPass :: ScryptParams -> Pass -> EncryptedPass -> (Bool, Maybe EncryptedPass)

-- | Check the <a>Pass</a> against the <a>EncryptedPass</a>, using the
--   <a>ScryptParams</a> encapsulated in the <a>EncryptedPass</a>.
verifyPass' :: Pass -> EncryptedPass -> Bool
newtype Pass
Pass :: ByteString -> Pass
[getPass] :: Pass -> ByteString
newtype Salt
Salt :: ByteString -> Salt
[getSalt] :: Salt -> ByteString
newtype PassHash
PassHash :: ByteString -> PassHash
[getHash] :: PassHash -> ByteString

-- | Calculates a hash from the given password, salt and parameters.
scrypt :: ScryptParams -> Salt -> Pass -> PassHash

-- | Note the prime symbol ('). Calls <a>scrypt</a> with
--   <a>defaultParams</a>.
scrypt' :: Salt -> Pass -> PassHash
instance GHC.Show.Show Crypto.Scrypt.ScryptParams
instance GHC.Classes.Eq Crypto.Scrypt.ScryptParams
instance GHC.Classes.Eq Crypto.Scrypt.EncryptedPass
instance GHC.Show.Show Crypto.Scrypt.EncryptedPass
instance GHC.Classes.Eq Crypto.Scrypt.PassHash
instance GHC.Show.Show Crypto.Scrypt.PassHash
instance GHC.Classes.Eq Crypto.Scrypt.Salt
instance GHC.Show.Show Crypto.Scrypt.Salt
instance GHC.Classes.Eq Crypto.Scrypt.Pass
instance GHC.Show.Show Crypto.Scrypt.Pass
