tel / saltine

Cryptography that's easy to digest (NaCl/libsodium bindings)
https://github.com/tel/saltine
MIT License

Stronger types for detached signature interfaces #50

Closed: shlevy closed 3 years ago

shlevy commented 5 years ago

In my code I have:

-- | A NaCl signature.
newtype Signature = Signature -- ctor not exported from public interface
  { -- | Extract the bytes of a 'Signature'. Guaranteed to be the
    -- right length.
    unSignature :: ByteString
  }

-- | Build a 'Signature'.
--
-- Can fail if the passed in bytes are not the right length.
makeSignature :: ByteString -> Maybe Signature
makeSignature b
  | BS.length b == NaClSizes.sign = Just (Signature b)
  | otherwise = Nothing

Would be nice to have something like this upstream and the relevant functions take a Signature instead of a ByteString.
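The pattern proposed in the comment above, carried through to a detached-verify wrapper and to splitting a combined signed message. This is an added example, not code from the thread or from saltine. It goes beyond the snippet by assuming a 64-byte signature size and by using the hypothetical names `signatureBytes`, `splitSigned`, `RawVerify` and `verifyDetached`, with a constructed stub in place of a real verification binding:

```haskell
module Main (main) where

import           Data.ByteString (ByteString)
import qualified Data.ByteString as BS

-- Assumption: 64 is libsodium's crypto_sign_BYTES (Ed25519); real code
-- should take the size from the bindings instead of hard-coding it.
signatureBytes :: Int
signatureBytes = 64

-- In a library the constructor stays unexported, so makeSignature is the
-- only way to obtain a Signature and the length invariant always holds.
newtype Signature = Signature { unSignature :: ByteString } deriving (Eq)

makeSignature :: ByteString -> Maybe Signature
makeSignature b
  | BS.length b == signatureBytes = Just (Signature b)
  | otherwise                     = Nothing

-- Split a combined signed message (signature || message) into typed parts.
-- Input too short to hold a signature is rejected, not passed along.
splitSigned :: ByteString -> Maybe (Signature, ByteString)
splitSigned signed = do
  let (sigBytes, msg) = BS.splitAt signatureBytes signed
  sig <- makeSignature sigBytes
  pure (sig, msg)

-- Hypothetical shape of a raw binding: key -> signature -> message -> Bool.
type RawVerify key = key -> ByteString -> ByteString -> Bool

-- Typed wrapper: passing the message where the signature belongs is now a
-- compile error instead of a verification that silently returns False.
verifyDetached :: RawVerify key -> key -> Signature -> ByteString -> Bool
verifyDetached raw key sig msg = raw key (unSignature sig) msg

main :: IO ()
main = do
  let sample = BS.replicate signatureBytes 0xAB   -- constructed, not a real signature
      msg    = BS.pack [104, 105]                 -- constructed message "hi"
      stub :: RawVerify ()                        -- constructed stub, no cryptography
      stub () s _ = s == sample
  print (makeSignature (BS.take 63 sample) == Nothing)
  print (splitSigned msg == Nothing)
  case splitSigned (BS.append sample msg) of
    Just (sig, body) -> print (verifyDetached stub () sig body, body == msg)
    Nothing          -> putStrLn "input shorter than a signature"
```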

linearray commented 3 years ago

I agree that most types should be wrapped in a newtype. I will start work on that for 1.0.0 as time permits, but certainly don't mind help on that front.

linearray commented 3 years ago

I've added a Signature type to the Sign and an Authenticator type to the SecretBox module.

Ideally I'd like to expand on that and add Plaintext, Ciphertext and sort of an AuthedPlaintext types in a useful way.

linearray commented 3 years ago

> Ideally I'd like to expand on that and add Plaintext, Ciphertext and sort of an AuthedPlaintext types in a useful way.

I thought on this some more and I think for the most part it's just busywork and doesn't add much safety.