[Haskell-cafe] Re: Crypto-API is stabilizing

Sebastian Fischer sebf at informatik.uni-kiel.de
Thu Sep 2 18:07:43 EDT 2010


On Aug 27, 2010, at 11:12 AM, Heinrich Apfelmus wrote:

> Is it actually necessary to use a type class here? The situation is  
> very similar to
>
>   Luke Palmer. Haskell Antipattern: Existential Typeclass.
>   http://lukepalmer.wordpress.com/2010/01/24/
>
> I suggest to use good old data types
>
>   data Key = Key {
>                encrypt   :: B.ByteString -> B.ByteString,
>                decrypt   :: B.ByteString -> B.ByteString,
>                keyLength :: BitLength,
>                serialize :: B.ByteString}
>
>   rsa :: RandomGen g => BitLength -> g -> ((Key,Key), g)

In general, I like this approach, but what are

     encrypt privateKey

or

     decrypt publicKey

supposed to do? A type-class solution also does not *prevent*  
programmers to perform such non-sensical calls, but the data-type  
solution *forces* programmers to provide non-sensical encrypt and  
decrypt functions when creating the public and private keys.

>>>> class (Binary p, Serialize p) => AsymCipher p where
>>>>   generateKeypair :: RandomGen g => g -> BitLength -> Maybe  
>>>> ((p,p),g)
>>>>   encryptAsym     :: p -> B.ByteString -> B.ByteString
>>>>   decryptAsym     :: p -> B.ByteString -> B.ByteString
>>>>   asymKeyLength       :: p -> BitLength

Why not use

     generateKeypair :: MonadRandom m => BitLength -> m (Maybe (p,p))

where MonadRandom is from [1].

Sebastian

[1]: http://hackage.haskell.org/package/MonadRandom


-- 
Underestimating the novelty of the future is a time-honored tradition.
(D.G.)





More information about the Libraries mailing list