diff options
Diffstat (limited to 'Data/OpenPGP/Crypto.hs')
-rw-r--r-- | Data/OpenPGP/Crypto.hs | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/Data/OpenPGP/Crypto.hs b/Data/OpenPGP/Crypto.hs index e2151fc..fee1d55 100644 --- a/Data/OpenPGP/Crypto.hs +++ b/Data/OpenPGP/Crypto.hs | |||
@@ -1,3 +1,9 @@ | |||
1 | -- | This is a wrapper around <http://hackage.haskell.org/package/Crypto> | ||
2 | -- that currently does fingerprint generation and signature verification. | ||
3 | -- | ||
4 | -- The recommended way to import this module is: | ||
5 | -- | ||
6 | -- > import qualified Data.OpenPGP.Crypto as OpenPGP | ||
1 | module Data.OpenPGP.Crypto (verify, fingerprint) where | 7 | module Data.OpenPGP.Crypto (verify, fingerprint) where |
2 | 8 | ||
3 | import Data.Word | 9 | import Data.Word |
@@ -15,7 +21,8 @@ import qualified Data.Digest.SHA512 as SHA512 | |||
15 | import qualified Data.OpenPGP as OpenPGP | 21 | import qualified Data.OpenPGP as OpenPGP |
16 | import qualified Data.BaseConvert as BaseConvert | 22 | import qualified Data.BaseConvert as BaseConvert |
17 | 23 | ||
18 | -- http://tools.ietf.org/html/rfc4880#section-12.2 | 24 | -- | Generate a key fingerprint from a PublicKeyPacket or SecretKeyPacket |
25 | -- <http://tools.ietf.org/html/rfc4880#section-12.2> | ||
19 | fingerprint :: OpenPGP.Packet -> String | 26 | fingerprint :: OpenPGP.Packet -> String |
20 | fingerprint p | OpenPGP.version p == 4 = | 27 | fingerprint p | OpenPGP.version p == 4 = |
21 | BaseConvert.toString 16 $ SHA1.toInteger $ SHA1.hash $ | 28 | BaseConvert.toString 16 $ SHA1.toInteger $ SHA1.hash $ |
@@ -66,8 +73,12 @@ emsa_pkcs1_v1_5_encode m emLen algo = | |||
66 | [0, 1] ++ replicate (emLen - length t - 3) 0xff ++ [0] ++ t | 73 | [0, 1] ++ replicate (emLen - length t - 3) 0xff ++ [0] ++ t |
67 | where t = emsa_pkcs1_v1_5_hash_padding algo ++ hash algo m | 74 | where t = emsa_pkcs1_v1_5_hash_padding algo ++ hash algo m |
68 | 75 | ||
69 | verify :: OpenPGP.Message -> OpenPGP.Message -> Int -> Bool | 76 | -- | Verify a message signature. Only supports RSA keys for now. |
70 | verify keys packet sigidx = | 77 | verify :: OpenPGP.Message -- ^ Keys that may have made the signature |
78 | -> OpenPGP.Message -- ^ Message containing data and signature packet | ||
79 | -> Int -- ^ Index of signature to verify (0th, 1st, etc) | ||
80 | -> Bool | ||
81 | verify keys message sigidx = | ||
71 | encoded == RSA.encrypt (n, e) raw_sig | 82 | encoded == RSA.encrypt (n, e) raw_sig |
72 | where | 83 | where |
73 | raw_sig = LZ.unpack $ LZ.drop 2 $ encode (OpenPGP.signature sig) | 84 | raw_sig = LZ.unpack $ LZ.drop 2 $ encode (OpenPGP.signature sig) |
@@ -79,4 +90,4 @@ verify keys packet sigidx = | |||
79 | Just issuer = OpenPGP.signature_issuer sig | 90 | Just issuer = OpenPGP.signature_issuer sig |
80 | sig = sigs !! sigidx | 91 | sig = sigs !! sigidx |
81 | (sigs, (OpenPGP.LiteralDataPacket {OpenPGP.content = dta}):_) = | 92 | (sigs, (OpenPGP.LiteralDataPacket {OpenPGP.content = dta}):_) = |
82 | OpenPGP.signatures_and_data packet | 93 | OpenPGP.signatures_and_data message |