[Haskell-cafe] Re: Codec.Crypto.RSA question

Dominic Steintiz dominic at steinitz.org
Sat Nov 20 10:02:06 EST 2010 

Charles-Pierre Astolfi wrote:
> Here's a working example:
>
> import qualified Codec.Crypto.RSA as Crypto
> import System.Random (mkStdGen)
> import Data.Binary (encode)
> import Data.ByteString.Lazy.UTF8 (toString)
>
> n = 1024
> (pubKey,privKey,_) = Crypto.generateKeyPair (mkStdGen n) n
>
> encrypt :: (Data.Binary.Binary a) => a ->
> Data.ByteString.Lazy.Internal.ByteString
> encrypt str = fst $ Crypto.encrypt (mkStdGen n) pubKey (encode str)
>
> decrypt :: Data.ByteString.Lazy.Internal.ByteString -> String
> decrypt = toString . Crypto.decrypt privKey
>
> Thus,
> decrypt $ encrypt "haskell" = "\NUL\NUL\NUL\NUL\NUL\NUL\NUL\ahaskell"
>
>
> I'm using Codec.Crypto.RSA and you're quoting Codec.Encryption.RSA,
> which is not the same thing; unfortunately I need to use RSAES-OAEP
> (SHA1) so I guess I have to stick with Codec.Crypto.RSA.
> Any ideas?
> --
>   
I was quoting Codec.Encryption.RSA only to suggest that I would expect
that decrypt . encrypt == id.

Here's an example using RSAES-OAEP that demonstrates the desired property.

I'm not sure what your application is but if you want to interoperate
e.g. with openssl, it's pretty essential to be able to be able to handle
certificates. Unfortunately, it looks like the asn1 package is now
bit-rotted. At one point there was a test against openssl together with
instructions on how to interoperate. I still have the instructions if
you are interested.
> module Main(main) where
>
> import Codec.Utils
> import Data.Digest.SHA1(hash,Word160(Word160))
> import Codec.Encryption.RSA.MGF
> import Codec.Encryption.RSA.EMEOAEP
> import Codec.Encryption.RSA
> import Test.HUnit
>
> import qualified Codec.Crypto.RSA as Crypto
> import System.Random (mkStdGen)
> import qualified Data.Binary as Binary
> import Data.ByteString.Lazy.UTF8 (toString)
>
> import Data.Char
> import qualified Codec.Encryption.RSA.EMEOAEP as E
> import Codec.Encryption.RSA.MGF
>
>
> n1 = 1024
> (pubKey,privKey,_) = Crypto.generateKeyPair (mkStdGen n1) n1
>
> encrypt1 str = fst $ Crypto.encrypt (mkStdGen n1) pubKey
> (Binary.encode str)
>
> decrypt1 = toString . Crypto.decrypt privKey
>
> randomSeed :: [Octet]
> randomSeed = hash' [3]
>
> hash' xs = let (Word160 a b c d e) = hash xs in concatMap (toOctets
> 256) [a,b,c,d,e]
>
> ciphertext :: [Octet] -> [Octet] -> String -> [Octet]
> ciphertext n d x =
>    encrypt (n,d) $
>    E.encode mgf hash' [] randomSeed n $
>    map (fromIntegral . ord) x
>
> plaintext :: [Octet] -> [Octet] -> [Octet] -> String
> plaintext n e x =
>    map (chr . fromIntegral) $
>    E.decode mgf hash' [] $
>    decrypt (n,e) $ x
>
> ciphertext1 privKey x =
>    ciphertext (toOctets 256 $ Crypto.private_n privKey) (toOctets 256
> $ Crypto.private_d privKey) x
>
> plaintext1 pubKey x =
>    plaintext (toOctets 256 $ Crypto.public_n pubKey) (toOctets 256 $
> Crypto.public_e pubKey) x
>
> main = putStrLn $ plaintext1 pubKey $ ciphertext1 privKey "Hello"

More information about the Haskell-Cafe mailing list