diff options
Diffstat (limited to 'Data/OpenPGP/Crypto.hs')
| -rw-r--r-- | Data/OpenPGP/Crypto.hs | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/Data/OpenPGP/Crypto.hs b/Data/OpenPGP/Crypto.hs index e2151fc..fee1d55 100644 --- a/Data/OpenPGP/Crypto.hs +++ b/Data/OpenPGP/Crypto.hs | |||
| @@ -1,3 +1,9 @@ | |||
| 1 | -- | This is a wrapper around <http://hackage.haskell.org/package/Crypto> | ||
| 2 | -- that currently does fingerprint generation and signature verification. | ||
| 3 | -- | ||
| 4 | -- The recommended way to import this module is: | ||
| 5 | -- | ||
| 6 | -- > import qualified Data.OpenPGP.Crypto as OpenPGP | ||
| 1 | module Data.OpenPGP.Crypto (verify, fingerprint) where | 7 | module Data.OpenPGP.Crypto (verify, fingerprint) where |
| 2 | 8 | ||
| 3 | import Data.Word | 9 | import Data.Word |
| @@ -15,7 +21,8 @@ import qualified Data.Digest.SHA512 as SHA512 | |||
| 15 | import qualified Data.OpenPGP as OpenPGP | 21 | import qualified Data.OpenPGP as OpenPGP |
| 16 | import qualified Data.BaseConvert as BaseConvert | 22 | import qualified Data.BaseConvert as BaseConvert |
| 17 | 23 | ||
| 18 | -- http://tools.ietf.org/html/rfc4880#section-12.2 | 24 | -- | Generate a key fingerprint from a PublicKeyPacket or SecretKeyPacket |
| 25 | -- <http://tools.ietf.org/html/rfc4880#section-12.2> | ||
| 19 | fingerprint :: OpenPGP.Packet -> String | 26 | fingerprint :: OpenPGP.Packet -> String |
| 20 | fingerprint p | OpenPGP.version p == 4 = | 27 | fingerprint p | OpenPGP.version p == 4 = |
| 21 | BaseConvert.toString 16 $ SHA1.toInteger $ SHA1.hash $ | 28 | BaseConvert.toString 16 $ SHA1.toInteger $ SHA1.hash $ |
| @@ -66,8 +73,12 @@ emsa_pkcs1_v1_5_encode m emLen algo = | |||
| 66 | [0, 1] ++ replicate (emLen - length t - 3) 0xff ++ [0] ++ t | 73 | [0, 1] ++ replicate (emLen - length t - 3) 0xff ++ [0] ++ t |
| 67 | where t = emsa_pkcs1_v1_5_hash_padding algo ++ hash algo m | 74 | where t = emsa_pkcs1_v1_5_hash_padding algo ++ hash algo m |
| 68 | 75 | ||
| 69 | verify :: OpenPGP.Message -> OpenPGP.Message -> Int -> Bool | 76 | -- | Verify a message signature. Only supports RSA keys for now. |
| 70 | verify keys packet sigidx = | 77 | verify :: OpenPGP.Message -- ^ Keys that may have made the signature |
| 78 | -> OpenPGP.Message -- ^ Message containing data and signature packet | ||
| 79 | -> Int -- ^ Index of signature to verify (0th, 1st, etc) | ||
| 80 | -> Bool | ||
| 81 | verify keys message sigidx = | ||
| 71 | encoded == RSA.encrypt (n, e) raw_sig | 82 | encoded == RSA.encrypt (n, e) raw_sig |
| 72 | where | 83 | where |
| 73 | raw_sig = LZ.unpack $ LZ.drop 2 $ encode (OpenPGP.signature sig) | 84 | raw_sig = LZ.unpack $ LZ.drop 2 $ encode (OpenPGP.signature sig) |
| @@ -79,4 +90,4 @@ verify keys packet sigidx = | |||
| 79 | Just issuer = OpenPGP.signature_issuer sig | 90 | Just issuer = OpenPGP.signature_issuer sig |
| 80 | sig = sigs !! sigidx | 91 | sig = sigs !! sigidx |
| 81 | (sigs, (OpenPGP.LiteralDataPacket {OpenPGP.content = dta}):_) = | 92 | (sigs, (OpenPGP.LiteralDataPacket {OpenPGP.content = dta}):_) = |
| 82 | OpenPGP.signatures_and_data packet | 93 | OpenPGP.signatures_and_data message |