[Haskell-cafe] Re: Crypto-API is stabilizing
Thomas DuBuisson
thomas.dubuisson at gmail.com
Sat Sep 4 10:45:30 EDT 2010
On Sat, Sep 4, 2010 at 3:23 AM, Heinrich Apfelmus
<apfelmus at quantentunnel.de> wrote:
>>> A better reason is the data structure has
>>> no way to implement generateKeyPair.
>
> That's a non-problem: each algorithm (RSA, DSA, ...) implements a
> function with the same type as generateKeyPair . Compare
>
> rsa :: RangomGen g => BitLength -> g -> ((Key,Key), g)
>
> vs
>
> ((k1 :: RSA, k2), g') = generateKeyPair g
>
> You always have to write down the name of the algorithm ("RSA") when
> using generateKeyPair , so you may as well drop it entirely.
That simply isn't true. What if you have a key exchange in which the
ephemeral key is of the same type as your signing key?
Slightly contrived example:
buildAgreementMessage :: (Monad m, CryptoRandomGen g,
ASymetricCipher k) => g -> k -> m (B.ByteString,g)
buildAgreementMessages g k = do
(e,g') <- liftM eitherToFail (buildAsymKey g `asTypeOf` k)
let eBS = encode e
msg = runPut (putByteString agreementHeader >> putWord16be
(B.length eBS) >> putByteString eBS)
return msg
More information about the Libraries
mailing list