libsodium-bindings
libsodium-bindings copied to clipboard
haskell-cryptography
Pure cryptographic functions in `sel`
I wanted to get some opinions on this.
Might it not be safe to define a few of the cryptographic functions in sel as pure (using unsafeDupablePerformIO)?
Some examples:
Sel.Hashing.hashByteStringSel.Hashing.SHA256.hashByteStringSel.Hashing.SHA512.hashByteStringSel.Hashing.Short.hashByteStringSel.Hashing.Password.hashByteStringWithParamsSel.HMAC.SHA256.authenticateSel.HMAC.SHA512.authenticateSel.HMAC.SHA512_256.authenticateSel.SecretKey.Authentication.authenticateSel.PublicKey.Signature.signMessage
@intricate if their libsodium implementations are not secretly stateful, then you have my go-ahead.
@intricate Do you still want to proceed? I'd like to release a new major version after this change of API. :) If you cannot, I'd be happy to take on that work.
@intricate fantastic, don't hesitate to ask if you have any question or face any trouble. :)
Can you document in the haddocks why some functions are "pure" and others aren't?
@turion: were there any particular examples that you were looking at?
In Sel.PublicKey.Signature.signMessage, for example, I left some haddock there explaining why that function is impure. I'd be happy to PR docs for any other functions where you think the reason for impurity is unclear.
See for example decrypt which uses unsafeDupablePerformIO, while encrypt doesn't. I don't understand why one of them is treated that way and not the other.
I see what you mean about it not being very clear.
encrypt is impure because it also generates a random nonce for the crypto_box operation (I'm guessing this is done in an effort to prevent nonce misuse). So perhaps that should be documented.
It could also be nice to offer a pure variant of encrypt which allows the caller to specify a nonce (documented with a warning about misuse).