Merge PR #24
commit
aac5e5a79d
@ -37,6 +37,7 @@ import Crypto.Random.SystemDRG
|
||||
import Data.ByteArray (ByteArray, ByteArrayAccess, ScrubbedBytes)
|
||||
import qualified Data.ByteArray as B
|
||||
import Crypto.Internal.Imports
|
||||
import Crypto.Hash (Digest, SHA512, hash)
|
||||
|
||||
import qualified Crypto.Number.Serialize as Serialize
|
||||
|
||||
@ -49,7 +50,13 @@ seedLength = 40
|
||||
|
||||
-- | Create a new Seed from system entropy
|
||||
seedNew :: MonadRandom randomly => randomly Seed
|
||||
seedNew = Seed `fmap` getRandomBytes seedLength
|
||||
-- The degree of its randomness depends on the source, e.g. for iOS we
|
||||
-- have to compile with DoNotUseEntropy flag, as iOS doesn't allow
|
||||
-- using getentropy, and on some other systems it can be also
|
||||
-- potentially comprisable sources. Hashing of entropy before using
|
||||
-- it as a seed is a common mitigation for attacks via RNG/entropy
|
||||
-- source.
|
||||
seedNew = (Seed . B.take seedLength . B.convert . (hash :: ScrubbedBytes -> Digest SHA512)) `fmap` getRandomBytes 64
|
||||
|
||||
-- | Convert a Seed to an integer
|
||||
seedToInteger :: Seed -> Integer
|
||||
|
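Review bot: The new comment on `seedNew` (the plain `--` lines between the signature and the SHA-512 equation) presents hashing as a mitigation for a weak or compromised entropy source, but SHA-512 is deterministic and only whitens biased or structured output; it cannot raise the entropy of the 64 bytes `getRandomBytes` returns, so on the no-`getentropy` build the comment describes, the seed stays exactly as predictable as that source. I would state that limit in the comment itself, e.g. `-- Hashing whitens biased output but adds no entropy: a weak source still yields a weak seed.` Second, the intermediate `Digest SHA512` is, as far as I recall, not a scrubbed buffer, unlike the `ScrubbedBytes` input and the `Seed` result, so the full 64-byte digest may remain in the heap unscrubbed after the seed is dropped; worth confirming against the `Digest` representation and deciding whether that matters here. Finally, the explanation is not Haddock and sits between `seedNew ::` and its equation, while the existing `-- | Create a new Seed from system entropy` no longer mentions the hashing; folding it into that Haddock (and fixing `comprisable` to `compromisable`) would keep the documented contract in one place.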