Skip to content


Subversion checkout URL

You can clone with
Download ZIP


buildKey from CryptoRandomGen #9

singpolyma opened this Issue · 1 comment

2 participants


Currently, the only high-level mechanism provided by crypto-api for key generation requires IO. I would like to propose the inclusion of something like:

buildKeyGen :: (BlockCipher k, CryptoRandomGen g) => g -> Either GenError (k, g)
buildKeyGen = runStateT (go (0::Int))
  go 1000 = lift $ Left $ GenErrorOther
                  "Tried 1000 times to generate a key from the system entropy.\
                  \  No keys were returned! Perhaps the system entropy is broken\
                  \ or perhaps the BlockCipher instance being used has a non-flat\
                  \ keyspace."
  go i = do
   let bs = keyLength
   kd <- StateT $ genBytes ((7 + untag bs) `div` 8)
   case buildKey kd of
      Nothing -> go (i+1)
       Just k  -> return $ k `asTaggedTypeOf` bs

Such a patch would need to include all build*Key*Gen combinations (ex: stream key, key pair), but I would certainly accept it.

@TomMD TomMD closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.