Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ppad-tech/sha512

Pure Haskell SHA-512, HMAC-SHA512
https://github.com/ppad-tech/sha512

cryptography hashing haskell sha2 sha512

Last synced: 12 months ago
JSON representation

Pure Haskell SHA-512, HMAC-SHA512

Awesome Lists containing this project

README 

          
# sha512



[![](https://img.shields.io/hackage/v/ppad-sha512?color=blue)](https://hackage.haskell.org/package/ppad-sha512)

![](https://img.shields.io/badge/license-MIT-brightgreen)

[![](https://img.shields.io/badge/haddock-sha512-lightblue)](https://docs.ppad.tech/sha512)



A pure Haskell implementation of SHA-512 and HMAC-SHA512 on strict and

lazy ByteStrings, as specified by RFC's [6234][r6234] and [2104][r2104].



## Usage



A sample GHCi session:



```

  > :set -XOverloadedStrings

  >

  > -- import qualified

  > import qualified Crypto.Hash.SHA512 as SHA512

  >

  > -- 'hash' and 'hmac' operate on strict bytestrings

  >

  > let hash_s = SHA512.hash "strict bytestring input"

  > let hmac_s = SHA512.hmac "strict secret" "strict bytestring input"

  >

  > -- 'hash_lazy' and 'hmac_lazy' operate on lazy bytestrings

  > -- but note that the key for HMAC is always strict

  >

  > let hash_l = SHA512.hash_lazy "lazy bytestring input"

  > let hmac_l = SHA512.hmac_lazy "strict secret" "lazy bytestring input"

  >

  > -- results are always unformatted 512-bit (64-byte) strict bytestrings

  >

  > import qualified Data.ByteString as BS

  >

  > BS.take 10 hash_s

  "\189D*\v\166\245N\216\&1\243"

  > BS.take 10 hmac_l

  "#}9\185\179\233[&\246\205"

  >

  > -- you can use third-party libraries for rendering if needed

  > -- e.g., using base64-bytestring:

  >

  > import qualified Data.ByteString.Base64 as B64

  >

  > B64.encode (BS.take 16 hash_s)

  "vUQqC6b1Ttgx8+ydx4MmtQ=="

  > B64.encode (BS.take 16 hmac_l)

  "I305ubPpWyb2zUi4pwDkrw=="

```



## Documentation



Haddocks (API documentation, etc.) are hosted at

[docs.ppad.tech/sha512][hadoc].



## Performance



The aim is best-in-class performance for pure, highly-auditable Haskell

code.



Current benchmark figures on my mid-2020 MacBook Air look like (use

`cabal bench` to run the benchmark suite):



```

  benchmarking ppad-sha512/SHA512 (32B input)/hash

  time                 1.116 μs   (1.103 μs .. 1.130 μs)

                       0.999 R²   (0.999 R² .. 0.999 R²)

  mean                 1.142 μs   (1.132 μs .. 1.154 μs)

  std dev              37.35 ns   (30.15 ns .. 49.36 ns)

  variance introduced by outliers: 45% (moderately inflated)



  benchmarking ppad-sha512/HMAC-SHA512 (32B input)/hmac

  time                 4.943 μs   (4.823 μs .. 5.086 μs)

                       0.997 R²   (0.994 R² .. 1.000 R²)

  mean                 4.878 μs   (4.838 μs .. 4.946 μs)

  std dev              180.9 ns   (105.1 ns .. 337.4 ns)

  variance introduced by outliers: 48% (moderately inflated)

```



Compare this to Hackage's famous SHA package:



```

  benchmarking ppad-sha512/SHA512 (32B input)/SHA.sha512

  time                 2.371 μs   (2.350 μs .. 2.401 μs)

                       0.999 R²   (0.999 R² .. 1.000 R²)

  mean                 2.422 μs   (2.403 μs .. 2.443 μs)

  std dev              69.84 ns   (51.04 ns .. 114.0 ns)

  variance introduced by outliers: 37% (moderately inflated)



  benchmarking ppad-sha512/HMAC-SHA512 (32B input)/SHA.hmacSha512

  time                 8.832 μs   (8.714 μs .. 8.976 μs)

                       0.999 R²   (0.998 R² .. 1.000 R²)

  mean                 8.911 μs   (8.834 μs .. 9.006 μs)

  std dev              278.9 ns   (215.8 ns .. 365.1 ns)

  variance introduced by outliers: 37% (moderately inflated)

```



Or the relevant SHA-512-based functions from a library with similar

aims, [noble-hashes][noble] (though with no HMAC-SHA512 benchmark

available):



```

SHA512 32B x 217,296 ops/sec @ 4μs/op ± 2.00% (min: 3μs, max: 20ms)

```



## Security



This library aims at the maximum security achievable in a

garbage-collected language under an optimizing compiler such as GHC, in

which strict constant-timeness can be challenging to achieve.



The HMAC-SHA512 functions within pass all [Wycheproof vectors][wyche],

as well as various other useful unit test vectors found around the

internet.



If you discover any vulnerabilities, please disclose them via

security@ppad.tech.



## Development



You'll require [Nix][nixos] with [flake][flake] support enabled. Enter a

development shell with:



```

$ nix develop

```



Then do e.g.:



```

$ cabal repl ppad-sha512

```



to get a REPL for the main library.



## Attribution



This implementation has benefitted immensely from the [SHA][hacka]

package available on Hackage, which was used as a reference during

development. Many parts wound up being direct translations.



[nixos]: https://nixos.org/

[flake]: https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-flake.html

[hadoc]: https://docs.ppad.tech/sha512

[hacka]: https://hackage.haskell.org/package/SHA

[r6234]: https://datatracker.ietf.org/doc/html/rfc6234

[r2104]: https://datatracker.ietf.org/doc/html/rfc2104

[noble]: https://github.com/paulmillr/noble-hashes

[wyche]: https://github.com/C2SP/wycheproof