diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-02-27 12:54:06 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-02-27 12:54:06 -0400 |
commit | 7416d4a970e0dd45c27c71fcf7ee868b26ec4c09 (patch) | |
tree | 780f442766cfae89351edf763126788e8a48122d /Types | |
parent | ff3f431794d2fd6e1754d70f3e316327fc95ae09 (diff) |
add cryptographicallySecure
Note that GPGHMAC keys are not cryptographically secure, because their
content has no relation to the name of the key. So, things that use this
function to avoid sending keys to a remote will need to special case in
support for those keys. If GPGHMAC keys were accepted as
cryptographically secure, symlinks using them could be committed to a
git repo, and their content would be accepted into the repo, with no
guarantee that two repos got the same content, which is what we're aiming
to prevent.
Diffstat (limited to 'Types')
-rw-r--r-- | Types/Key.hs | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/Types/Key.hs b/Types/Key.hs index 27d56dfd9..59667ae6d 100644 --- a/Types/Key.hs +++ b/Types/Key.hs @@ -65,6 +65,14 @@ sameExceptExt (SHA1Key _) (SHA1Key _) = True sameExceptExt (MD5Key _) (MD5Key _) = True sameExceptExt _ _ = False +{- Is the Key variety cryptographically secure, such that no two differing + - file contents can be mapped to the same Key? -} +cryptographicallySecure :: KeyVariety -> Bool +cryptographicallySecure (SHA2Key _ _) = True +cryptographicallySecure (SHA3Key _ _) = True +cryptographicallySecure (SKEINKey _ _) = True +cryptographicallySecure _ = False + formatKeyVariety :: KeyVariety -> String formatKeyVariety v = case v of SHA2Key sz e -> adde e (addsz sz "SHA") |