Extending ECC and ECIES #112
Conversation
* Use TypeFamilies; need to see what to do for older GHC versions * Start implementing some API related to ECIES
| encodePoint :: Point curve -> ByteString | ||
| decodePoint :: ByteString -> Point curve | ||
|
|
||
| instance {-# OVERLAPPABLE #-} Show (Point a) where |
There was a problem hiding this comment.
That seems like the ugly conclusion of having the associated type as newtype instead of types; really shouldn't be here
There was a problem hiding this comment.
I have no idea on how to make Point an instance of ByteArrayAccess.
Would you show me code?
There was a problem hiding this comment.
Is this comment for instance rather than encodePoint?
There was a problem hiding this comment.
Point and Scalar should be instance of Eq and Show because upper layer data structures in tls require so.
There was a problem hiding this comment.
I have no idea on how to make Point and Scalar instances of Eq and Show except this approach.
| decodeECPoint :: ByteString -> (Integer,Integer) | ||
| decodeECPoint mxy = (x,y) | ||
| where | ||
| xy = B.drop 1 mxy -- dropping 4 (uncompressed) |
There was a problem hiding this comment.
it really really shouldn't be a drop 1. at the very least it should be a case that check for 4, and put a note for the 2,3 format. Also this shouldn't use ByteString but should do things through the ByteArray / ByteArrayClass
|
|
||
| -- | Pseudo Random Key | ||
| data PRK a = PRK (HMAC a) | PRK_NoExpand ScrubbedBytes | ||
| deriving (Eq) | ||
|
|
||
| instance Show (PRK a) where |
There was a problem hiding this comment.
I don't think this should have a Show instance for security reason
| show (PRK hm) = show (hmacGetDigest hm) | ||
| show (PRK_NoExpand sb) = show sb | ||
|
|
||
| toByteString :: PRK a -> BS.ByteString |
There was a problem hiding this comment.
Should be ByteArray / ByteArrayAccess not direct use of ByteString
| @@ -110,3 +119,22 @@ foreign import ccall "cryptonite_curve25519_donna" | |||
| -> Ptr Word8 -- ^ secret | |||
| -> Ptr Word8 -- ^ basepoint | |||
| -> IO () | |||
|
|
|||
| generateSecretKey :: MonadRandom m => m SecretKey | |||
| generateSecretKey = return $ unsafeDoIO $ do | |||
There was a problem hiding this comment.
you really don't want to put things into a bytestring and then moved it to a Scrubbed bytes. it does defeat the purpose. getRandomBytes should gives you Scrubbed Bytes too if you want.
|
Now |
|
All issues except one, which I cannot solve, are fixed. |
|
Note that those patches are tested with the |
|
now tracked by #114 |
This patches extend the rebased
eccbranch to support ECDH, P384 and X25521.I confirmed that this can be use in the
tlslibrary.This also extends PRK which is necessary to implement TLS1.3.
Please give me comments.