| Safe Haskell | Safe-Inferred |
|---|---|
| Language | Haskell2010 |
Cardano.Crypto.Libsodium.MLockedBytes.Internal
Synopsis
- newtype MLockedSizedBytes (n ∷ Nat) = MLSB (MLockedForeignPtr (SizedVoid n))
- data SizedVoid (n ∷ Nat)
- mlsbNew ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ m (MLockedSizedBytes n)
- mlsbNewZero ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ m (MLockedSizedBytes n)
- mlsbZero ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedSizedBytes n → m ()
- mlsbUseAsCPtr ∷ MonadST m ⇒ MLockedSizedBytes n → (Ptr Word8 → m r) → m r
- mlsbUseAsSizedPtr ∷ ∀ n r m. MonadST m ⇒ MLockedSizedBytes n → (SizedPtr n → m r) → m r
- mlsbCopy ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedSizedBytes n → m (MLockedSizedBytes n)
- mlsbFinalize ∷ MonadST m ⇒ MLockedSizedBytes n → m ()
- mlsbCompare ∷ ∀ n m. (MonadST m, KnownNat n) ⇒ MLockedSizedBytes n → MLockedSizedBytes n → m Ordering
- mlsbEq ∷ ∀ n m. (MonadST m, KnownNat n) ⇒ MLockedSizedBytes n → MLockedSizedBytes n → m Bool
- withMLSB ∷ ∀ b n m. MonadST m ⇒ MLockedSizedBytes n → (Ptr (SizedVoid n) → m b) → m b
- withMLSBChunk ∷ ∀ b n n' m. (MonadST m, KnownNat n, KnownNat n') ⇒ MLockedSizedBytes n → Int → (MLockedSizedBytes n' → m b) → m b
- mlsbNewWith ∷ ∀ n m. MLockedAllocator m → (KnownNat n, MonadST m) ⇒ m (MLockedSizedBytes n)
- mlsbNewZeroWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → m (MLockedSizedBytes n)
- mlsbCopyWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → MLockedSizedBytes n → m (MLockedSizedBytes n)
- traceMLSB ∷ KnownNat n ⇒ MLockedSizedBytes n → IO ()
- mlsbFromByteString ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ ByteString → m (MLockedSizedBytes n)
- mlsbFromByteStringCheck ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ ByteString → m (Maybe (MLockedSizedBytes n))
- mlsbAsByteString ∷ ∀ n. KnownNat n ⇒ MLockedSizedBytes n → ByteString
- mlsbToByteString ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedSizedBytes n → m ByteString
- mlsbFromByteStringWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → ByteString → m (MLockedSizedBytes n)
- mlsbFromByteStringCheckWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → ByteString → m (Maybe (MLockedSizedBytes n))
The MLockesSizedBytes type
newtype MLockedSizedBytes (n ∷ Nat) Source #
A block of raw memory of a known size, protected with mlock().
Constructors
| MLSB (MLockedForeignPtr (SizedVoid n)) |
Instances
| KnownNat n ⇒ Show (MLockedSizedBytes n) Source # | This instance is unsafe, it will leak secrets from mlocked memory to the Haskell heap. Do not use outside of testing. |
| NFData (MLockedSizedBytes n) Source # | |
Defined in Cardano.Crypto.Libsodium.MLockedBytes.Internal Methods rnf ∷ MLockedSizedBytes n → () Source # | |
| NoThunks (MLockedSizedBytes n) Source # | |
data SizedVoid (n ∷ Nat) Source #
A void type with a type-level size attached to it. We need this in order
to express "pointer to a block of memory of a particular size that can be
manipulated through the pointer, but not as a plain Haskell value" as
Ptr (SizedVoid n), or ForeignPtr (SizedVoid n), or
MLockedForeignPtr (SizedVoid n).
Safe Functions
mlsbNew ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ m (MLockedSizedBytes n) Source #
Allocate a new MLockedSizedBytes. The caller is responsible for
deallocating it (mlsbFinalize) when done with it. The contents of the
memory block is undefined.
mlsbNewZero ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ m (MLockedSizedBytes n) Source #
Allocate a new MLockedSizedBytes, and pre-fill it with zeroes.
The caller is responsible for deallocating it (mlsbFinalize) when done
with it. (See also mlsbNew).
mlsbZero ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedSizedBytes n → m () Source #
Overwrite an existing MLockedSizedBytes with zeroes.
mlsbUseAsCPtr ∷ MonadST m ⇒ MLockedSizedBytes n → (Ptr Word8 → m r) → m r Source #
Use an MLockedSizedBytes value as a raw C pointer. Care should be taken
to never copy the contents of the MLockedSizedBytes value into managed
memory through the raw pointer, because that would violate the
secure-forgetting property of mlocked memory.
mlsbUseAsSizedPtr ∷ ∀ n r m. MonadST m ⇒ MLockedSizedBytes n → (SizedPtr n → m r) → m r Source #
Use an MLockedSizedBytes value as a SizedPtr of the same size. Care
should be taken to never copy the contents of the MLockedSizedBytes value
into managed memory through the sized pointer, because that would violate
the secure-forgetting property of mlocked memory.
mlsbCopy ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedSizedBytes n → m (MLockedSizedBytes n) Source #
Create a deep mlocked copy of an MLockedSizedBytes.
mlsbFinalize ∷ MonadST m ⇒ MLockedSizedBytes n → m () Source #
Calls finalizeMLockedForeignPtr on underlying pointer.
This function invalidates argument.
mlsbCompare ∷ ∀ n m. (MonadST m, KnownNat n) ⇒ MLockedSizedBytes n → MLockedSizedBytes n → m Ordering Source #
compareM on MLockedSizedBytes
mlsbEq ∷ ∀ n m. (MonadST m, KnownNat n) ⇒ MLockedSizedBytes n → MLockedSizedBytes n → m Bool Source #
equalsM on MLockedSizedBytes
withMLSBChunk ∷ ∀ b n n' m. (MonadST m, KnownNat n, KnownNat n') ⇒ MLockedSizedBytes n → Int → (MLockedSizedBytes n' → m b) → m b Source #
mlsbNewWith ∷ ∀ n m. MLockedAllocator m → (KnownNat n, MonadST m) ⇒ m (MLockedSizedBytes n) Source #
mlsbNewZeroWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → m (MLockedSizedBytes n) Source #
mlsbCopyWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → MLockedSizedBytes n → m (MLockedSizedBytes n) Source #
Dangerous Functions
traceMLSB ∷ KnownNat n ⇒ MLockedSizedBytes n → IO () Source #
Deprecated: Don't leave traceMLockedForeignPtr in production
mlsbFromByteString ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ ByteString → m (MLockedSizedBytes n) Source #
Allocate a new MLockedSizedBytes, and fill it with the contents of a
ByteString. The size of the input is not checked.
Note: since the input ByteString is a plain old Haskell value, it has
already violated the secure-forgetting properties afforded by
MLockedSizedBytes, so this function is useless outside of testing. Use
mlsbNew or mlsbNewZero to create MLockedSizedBytes values, and
manipulate them through withMLSB, mlsbUseAsCPtr, or mlsbUseAsSizedPtr.
(See also mlsbFromByteStringCheck)
mlsbFromByteStringCheck ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ ByteString → m (Maybe (MLockedSizedBytes n)) Source #
Allocate a new MLockedSizedBytes, and fill it with the contents of a
ByteString. The size of the input is checked.
Note: since the input ByteString is a plain old Haskell value, it has
already violated the secure-forgetting properties afforded by
MLockedSizedBytes, so this function is useless outside of testing. Use
mlsbNew or mlsbNewZero to create MLockedSizedBytes values, and
manipulate them through withMLSB, mlsbUseAsCPtr, or mlsbUseAsSizedPtr.
(See also mlsbFromByteString)
mlsbAsByteString ∷ ∀ n. KnownNat n ⇒ MLockedSizedBytes n → ByteString Source #
Note: the resulting ByteString will still refer to secure memory,
but the types don't prevent it from be exposed. Note further that any
subsequent operations (splicing & dicing, copying, conversion,
packing/unpacking, etc.) on the resulting ByteString may create copies
of the mlocked memory on the unprotected GHC heap, and thus leak secrets,
so use this function with extreme care.
mlsbToByteString ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedSizedBytes n → m ByteString Source #
Note: this function will leak mlocked memory to the Haskell heap and should not be used in production code.
mlsbFromByteStringWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → ByteString → m (MLockedSizedBytes n) Source #
mlsbFromByteStringCheckWith ∷ ∀ n m. (KnownNat n, MonadST m) ⇒ MLockedAllocator m → ByteString → m (Maybe (MLockedSizedBytes n)) Source #