[Haskell-cafe] Re: Crypto-API is stabilizing

Thomas DuBuisson thomas.dubuisson at gmail.com
Sat Sep 4 10:45:30 EDT 2010


On Sat, Sep 4, 2010 at 3:23 AM, Heinrich Apfelmus
<apfelmus at quantentunnel.de> wrote:
>>> A better reason is the data structure has
>>> no way to implement generateKeyPair.
>
> That's a non-problem: each algorithm (RSA, DSA, ...) implements a
> function with the same type as  generateKeyPair . Compare
>
>   rsa :: RangomGen g => BitLength -> g -> ((Key,Key), g)
>
> vs
>
>   ((k1 :: RSA, k2), g') = generateKeyPair g
>
> You always have to write down the name of the algorithm ("RSA") when
> using  generateKeyPair , so you may as well drop it entirely.

That simply isn't true.  What if you have a key exchange in which the
ephemeral key is of the same type as your signing key?

Slightly contrived example:

    buildAgreementMessage :: (Monad m, CryptoRandomGen g,
ASymetricCipher k) => g -> k -> m (B.ByteString,g)
    buildAgreementMessages g k = do
        (e,g') <- liftM eitherToFail (buildAsymKey g `asTypeOf` k)
        let eBS = encode e
            msg = runPut (putByteString agreementHeader >> putWord16be
(B.length eBS) >> putByteString eBS)
        return msg


More information about the Libraries mailing list