diff --git a/README.md b/README.md
index e824e77ce98dc2c4f12bae819fdd89a603c0a972..173dc50acc465539b4bcfc940c923d30227c690b 100644
--- a/README.md
+++ b/README.md
@@ -53,8 +53,18 @@ We want a library that:
 * Mainly armeabi and armv7
 * Is suitable for real-world security purposes
 * not a demo or a toy library
+ * documents its limitations
+ * is well-tested
 * avoids real-world pitfalls (side-channel attacks, etc), not just textbook issues
 * has more than a handful of other users
+ * is well-maintained
+ * developers are responsive to security reports
+ * has a channel for security-related disclosures
+ * has sound documentation for proper, safe usage
+
+And,
+of course,
+implements the required functionality.
 ### SHA256
diff --git a/make-keypairs/Main.hs b/make-keypairs/Main.hs
index c537ae4d3420c2c0ee42f80ac67c4d3cd281cd2b..d77171e5303c5fedfedabacef1830f9c687e5581 100644
--- a/make-keypairs/Main.hs
+++ b/make-keypairs/Main.hs
@@ -1,11 +1,11 @@
 module Main where
-import Codec.Crypto.RSA (generateKeyPair)
-import Crypto.Random (CryptoRandomGen (newGenIO), SystemRandom)
+import qualified Crypto.PubKey.RSA as RSA
 import Data.ASN1.BinaryEncoding (DER (DER))
 import Data.ASN1.Encoding (ASN1Encoding (encodeASN1))
 import Data.ASN1.Types (ASN1Object (toASN1))
 import qualified Data.ByteString.Lazy as LB
+import Data.X509 (PrivKey (PrivKeyRSA))
 -- | The size of the keys to generate.
 bits :: Int
@@ -17,11 +17,12 @@ count = 5
 main :: IO ()
 main = do
- g <- newGenIO :: IO SystemRandom
- mapM_ (genKey g) [0 .. count - 1]
+ mapM_ genKey [0 .. count - 1]
-genKey :: (Show a, CryptoRandomGen c) => c -> a -> IO ()
-genKey g n =
- let (_, priv, _) = generateKeyPair g bits
- bytes = encodeASN1 DER (toASN1 priv [])
- in LB.writeFile ("test/data/rsa-privkey-" <> show n <> ".der") bytes
+genKey :: Show a => a -> IO ()
+genKey n = do
+ (_, priv) <- RSA.generate bits e
+ let bytes = encodeASN1 DER (toASN1 (PrivKeyRSA priv) [])
+ LB.writeFile ("test/data/rsa-privkey-" <> show n <> ".der") bytes
+ where
+ e = 0x10001
diff --git a/tahoe-ssk.cabal b/tahoe-ssk.cabal
index d25963a529aabf8d749de048332476419d22e7a6..2b45eec86bb69af0380e0a52e3045169f136c5e3 100644
--- a/tahoe-ssk.cabal
+++ b/tahoe-ssk.cabal
@@ -149,3 +149,4 @@ executable make-keypairs
 , base
 , bytestring
 , cryptonite
+ , x509
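Review bot: In `genKey` (make-keypairs/Main.hs), the new call `RSA.generate bits e` hands a value named `bits` to cryptonite's `Crypto.PubKey.RSA.generate`, whose first argument is documented as the key size in bytes, while the removed `generateKeyPair g bits` took a size in bits. The definition of `bits` lies outside this hunk, so the effect depends on its value, but as written the generated keys would be eight times larger than the `-- | The size of the keys to generate.` comment suggests, and generation correspondingly slow. I would convert at the call site, `(_, priv) <- RSA.generate (div bits 8) e`, or rename the constant so the unit is explicit. A short comment on `genKey` stating that the keys written under `test/data/` are for tests only and must never protect real data would also help.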