[Haskell-cafe] Re: a monad for secret information
Arie Peterson
ariep at xs4all.nl
Tue Oct 10 14:05:45 EDT 2006
David Roundy wrote:
> Try
>
>>module Secret (Secret, classify, declassify)
>>where
>>
>>data Secret a = Secret String a
>>
>>classify :: String -> a -> Secret a
>>classify pw x = Secret pw x
>>
>>declassify :: Secret a -> String -> Maybe a
>>declassify (Secret pw x) pw' | pw' == pw = Just x
>>declassify (Secret _ _) _ = Nothing
>>
>>instance Monad Secret where
>> return = classify ""
>> (Secret pw x) >>= f = case f x of
>> Secret _ y -> Secret pw y
>
> Now return itself doesn't assign a password, but you can classify
> something
> manually, and then perform computations on that data in a safe manner.
> It's just as safe as your code, because the constructor of secret is
> hidden
> which hides the password just as well as the data.
What should 'q >>= r' mean, when 'q' and 'r x' are secrets with different
passwords? In the code above, the result is a secret with the same
password as 'q'. This allows you to declassify any secret without knowing
its password:
break :: Secret a -> a
break q = fromJust $ declassify (classify "bloep" () >> q) "bloep"
.
--
Mr. Pelican Shit may be Willy.
^
/e\
---
More information about the Haskell-Cafe
mailing list