mirror of
https://github.com/sdiehl/wiwinwlh.git
synced 2024-09-11 12:05:25 +03:00
Write more
This commit is contained in:
sdiehl
parent
5b127bd40d
commit
f29b29b990
@ -1,68 +1,11 @@
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
|
||||
import Data.Word
|
||||
import Data.ByteString as S
|
||||
import Data.ByteArray as B
|
||||
import Data.Serialize
|
||||
|
||||
import Crypto.Error
|
||||
import Crypto.Random
|
||||
import Crypto.Random.Entropy (getEntropy)
|
||||
|
||||
import Crypto.PubKey.DH
|
||||
import qualified Crypto.PubKey.Curve25519 as Curve25519
|
||||
|
||||
-- https://github.com/haskell-crypto/cryptonite/tree/3c087f0f4462df606524083699119445bb81dfa6/tests
|
||||
-- https://github.com/centromere/cacophony/blob/80adb3c69dd850794b038a95364693d9503a24ce/src/Crypto/Noise/DH/Curve25519.hs
|
||||
-- https://github.com/glguy/ssh-hans/blob/f49ef74a8a37ddff1f4748f46be949704d41557c/src/Network/SSH/Keys.hs
|
||||
|
||||
alicePrivate = throwCryptoError $ Curve25519.secretKey ("\x77\x07\x6d\x0a\x73\x18\xa5\x7d\x3c\x16\xc1\x72\x51\xb2\x66\x45\xdf\x4c\x2f\x87\xeb\xc0\x99\x2a\xb1\x77\xfb\xa5\x1d\xb9\x2c\x2a" :: ByteString)
|
||||
alicePublic = throwCryptoError $ Curve25519.publicKey ("\x85\x20\xf0\x09\x89\x30\xa7\x54\x74\x8b\x7d\xdc\xb4\x3e\xf7\x5a\x0d\xbf\x3a\x0d\x26\x38\x1a\xf4\xeb\xa4\xa9\x8e\xaa\x9b\x4e\x6a" :: ByteString)
|
||||
bobPrivate = throwCryptoError $ Curve25519.secretKey ("\x5d\xab\x08\x7e\x62\x4a\x8a\x4b\x79\xe1\x7f\x8b\x83\x80\x0e\xe6\x6f\x3b\xb1\x29\x26\x18\xb6\xfd\x1c\x2f\x8b\x27\xff\x88\xe0\xeb" :: ByteString)
|
||||
bobPublic = throwCryptoError $ Curve25519.publicKey ("\xde\x9e\xdb\x7d\x7b\x7d\xc1\xb4\xd3\x5b\x61\xc2\xec\xe4\x35\x37\x3f\x83\x43\xc8\x5b\x78\x67\x4d\xad\xfc\x7e\x14\x6f\x88\x2b\x4f" :: ByteString)
|
||||
|
||||
genKey :: IO (Curve25519.SecretKey, Curve25519.PublicKey)
|
||||
genKey = do
|
||||
r <- getEntropy 32 :: IO ScrubbedBytes
|
||||
let sk = throwCryptoError . Curve25519.secretKey $ r
|
||||
pk = Curve25519.toPublic sk
|
||||
return (sk, pk)
|
||||
|
||||
dh :: Curve25519.SecretKey -> Curve25519.PublicKey -> ScrubbedBytes
|
||||
dh sk pk = convert $ Curve25519.dh pk sk
|
||||
|
||||
main :: IO ()
|
||||
main = do
|
||||
(sk, pk) <- genKey
|
||||
let res = B.convert (dh sk pk) :: ByteString
|
||||
print res
|
||||
|
||||
(a, fn) <- runCurve25519dh
|
||||
print a
|
||||
let sharedKey = fn (B.convert pk)
|
||||
print sharedKey
|
||||
|
||||
-- | Implements key exchange as defined by
|
||||
-- curve25519-sha256@libssh.org.txt
|
||||
runCurve25519dh ::
|
||||
IO (S.ByteString, S.ByteString -> Maybe S.ByteString)
|
||||
{- ^ local public, remote public -> shared key -}
|
||||
runCurve25519dh =
|
||||
|
||||
-- fails if key isn't 32 bytes long
|
||||
do CryptoPassed priv <-
|
||||
fmap Curve25519.secretKey (getRandomBytes 32 :: IO S.ByteString)
|
||||
|
||||
-- Section 2: Transmit public key as "string"
|
||||
let raw_pub_s = convert $ Curve25519.toPublic priv
|
||||
|
||||
computeSecret raw_pub_c
|
||||
-- fails if key isn't 32 bytes long
|
||||
| CryptoPassed pub_c <- Curve25519.publicKey raw_pub_c
|
||||
|
||||
-- Section 4.3: Treat shared key bytes as "integer"
|
||||
= Just $ B.convert $ Curve25519.dh pub_c priv
|
||||
|
||||
| otherwise = Nothing
|
||||
|
||||
return (raw_pub_s, computeSecret)
|
||||
-- Diffie-Hellman Key Exchange for Curve25519
|
||||
dh :: IO ()
|
||||
dh = do
|
||||
alicePriv <- Curve25519.generateSecretKey
|
||||
bobPriv <- Curve25519.generateSecretKey
|
||||
let secret1 = Curve25519.dh (Curve25519.toPublic alicePriv) bobPriv
|
||||
let secret2 = Curve25519.dh (Curve25519.toPublic bobPriv) alicePriv
|
||||
print (secret1 == secret2)
|
||||
|
||||
@ -1 +0,0 @@
|
||||
module ECDH where
|
||||
@ -1 +0,0 @@
|
||||
module ECDSA where
|
||||
@ -1 +1,17 @@
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
|
||||
module Ed25519 where
|
||||
|
||||
import Crypto.PubKey.Ed25519 as Ed25519
|
||||
import Data.ByteString
|
||||
|
||||
msg :: ByteString
|
||||
msg = "My example message"
|
||||
|
||||
example :: IO ()
|
||||
example = do
|
||||
privKey <- Ed25519.generateSecretKey
|
||||
let pubKey = Ed25519.toPublic privKey
|
||||
let sig = sign privKey pubKey msg
|
||||
print sig
|
||||
print (Ed25519.verify pubKey msg sig)
|
||||
|
||||
1
src/32-cryptography/Pairing.hs
Normal file
1
src/32-cryptography/Pairing.hs
Normal file
@ -0,0 +1 @@
|
||||
module Pairing where
|
||||
@ -2,7 +2,7 @@ name: example
|
||||
version: 0.1
|
||||
author: Stephen Diehl
|
||||
maintainer: stephen.m.diehl@gmail.com
|
||||
copyright: 2016 Stephen Diehl
|
||||
copyright: 2020 Stephen Diehl
|
||||
category: Documentation
|
||||
build-type: Simple
|
||||
cabal-version: >=1.10
|
||||
@ -11,10 +11,10 @@ tested-with: GHC == 7.6.3
|
||||
library
|
||||
|
||||
build-depends:
|
||||
base >= 4.6 && <4.10,
|
||||
bytestring >= 0.10 && <0.11,
|
||||
cereal >= 0.5 && <0.6,
|
||||
memory >= 0.12 && <0.15,
|
||||
cryptonite >= 0.19 && <0.23
|
||||
|
||||
base >= 4.10 && < 4.14,
|
||||
cryptonite >= 0.20 && < 0.30,
|
||||
pairing >= 1.0 && < 2.0,
|
||||
elliptic-curve >= 0.3 && < 0.4,
|
||||
memory -any,
|
||||
bytestring -any
|
||||
default-language: Haskell2010
|
||||
|
||||
@ -1,32 +1,9 @@
|
||||
# For more information, see: https://github.com/commercialhaskell/stack/blob/release/doc/yaml_configuration.md
|
||||
|
||||
# Specifies the GHC version and set of packages available (e.g., lts-3.5, nightly-2015-09-21, ghc-7.10.2)
|
||||
resolver: lts-7.14
|
||||
|
||||
# Local packages, usually specified by relative directory name
|
||||
packages:
|
||||
- '.'
|
||||
|
||||
# Packages to be pulled from upstream that are not in the resolver (e.g., acme-missiles-0.3)
|
||||
extra-deps: []
|
||||
|
||||
# Override default flag values for local packages and extra-deps
|
||||
flags: {}
|
||||
|
||||
# Extra package databases containing global packages
|
||||
extra-package-dbs: []
|
||||
|
||||
# Control whether we use the GHC we find on the path
|
||||
# system-ghc: true
|
||||
|
||||
# Require a specific version of stack, using version ranges
|
||||
# require-stack-version: -any # Default
|
||||
# require-stack-version: >= 0.1.4.0
|
||||
|
||||
# Override the architecture used by stack, especially useful on Windows
|
||||
# arch: i386
|
||||
# arch: x86_64
|
||||
|
||||
# Extra directories used by stack for building
|
||||
# extra-include-dirs: [/path/to/dir]
|
||||
# extra-lib-dirs: [/path/to/dir]
|
||||
resolver: lts-14.7
|
||||
extra-deps:
|
||||
- elliptic-curve-0.3.0
|
||||
- pairing-1.0.0
|
||||
- galois-field-1.0.1
|
||||
- bitvec-1.0.2.0
|
||||
- poly-0.3.3.0
|
||||
- semirings-0.5.2
|
||||
- vector-algorithms-0.8.0.3
|
||||
|
||||
35
tutorial.md
35
tutorial.md
@ -8339,15 +8339,7 @@ variety of tasks that consist largely of boilerplate code generation such as:
|
||||
* Equality
|
||||
* Serialization
|
||||
* Ordering
|
||||
* Traversal
|
||||
|
||||
These are achieved through several tools and techniques outlined in the next few
|
||||
sections:
|
||||
|
||||
* Typeable / Dynamic
|
||||
* Scrap Your Boilerplate
|
||||
* GHC.Generics
|
||||
* generics-sop
|
||||
* Traversals
|
||||
|
||||
Generic
|
||||
-------
|
||||
@ -9637,6 +9629,14 @@ TODO
|
||||
Chans
|
||||
-----
|
||||
|
||||
```haskell
|
||||
data Chan a
|
||||
|
||||
newChan :: IO (Chan a)
|
||||
readChan :: Chan a -> IO a
|
||||
writeChan :: Chan a -> a -> IO ()
|
||||
```
|
||||
|
||||
TODO
|
||||
|
||||
Semaphores
|
||||
@ -10228,14 +10228,27 @@ standardized by NIST. It produces a 256-bit message digest.
|
||||
Password Hashing
|
||||
----------------
|
||||
|
||||
* Blake2
|
||||
* Argon2
|
||||
|
||||
|
||||
Curve25519 Diffie-Hellman
|
||||
-------------------------
|
||||
|
||||
~~~~ {.haskell include="src/32-cryptography/Curve25519.hs"}
|
||||
~~~~
|
||||
|
||||
Ed25519 EdDSA
|
||||
-------------
|
||||
|
||||
* Blake2
|
||||
* Argon2
|
||||
~~~~ {.haskell include="src/32-cryptography/Ed25519.hs"}
|
||||
~~~~
|
||||
|
||||
Merkle Trees
|
||||
------------
|
||||
|
||||
~~~~ {.haskell include="src/32-cryptography/Merkle.hs"}
|
||||
~~~~
|
||||
|
||||
Secure Memory Handling
|
||||
----------------------
|
||||
|
||||
Loading…
Reference in New Issue
Block a user