add cryptographicallySecure

Note that GPGHMAC keys are not cryptographically secure, because their content has no relation to the name of the key. So, things that use this function to avoid sending keys to a remote will need to special case in support for those keys. If GPGHMAC keys were accepted as cryptographically secure, symlinks using them could be committed to a git repo, and their content would be accepted into the repo, with no guarantee that two repos got the same content, which is what we're aiming to prevent.
author: Joey Hess <joeyh@joeyh.name> 2017-02-27 12:54:06 -0400
committer: Joey Hess <joeyh@joeyh.name> 2017-02-27 12:54:06 -0400
commit: 0fda7c08d04d6ce83a4562bbb8b1caf89082f4a3 (patch)
tree: 6044ae62f82a2fc700d3e1d02eb8ccb5040d28ea /Types
parent: 5e24e3ffe789b963328f65bbab0bf430d0d13919 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/Types/Key.hs b/Types/Key.hs
index 27d56dfd97..59667ae6d5 100644
--- a/Types/Key.hs
+++ b/Types/Key.hs
@@ -65,6 +65,14 @@ sameExceptExt (SHA1Key _) (SHA1Key _) = True
 sameExceptExt (MD5Key _) (MD5Key _) = True
 sameExceptExt _ _ = False
 
+{- Is the Key variety cryptographically secure, such that no two differing
+ - file contents can be mapped to the same Key? -}
+cryptographicallySecure :: KeyVariety -> Bool
+cryptographicallySecure (SHA2Key _ _) = True
+cryptographicallySecure (SHA3Key _ _) = True
+cryptographicallySecure (SKEINKey _ _) = True
+cryptographicallySecure _ = False
+
 formatKeyVariety :: KeyVariety -> String
 formatKeyVariety v = case v of
 	SHA2Key sz e -> adde e (addsz sz "SHA")
author	Joey Hess <joeyh@joeyh.name>	2017-02-27 12:54:06 -0400
committer	Joey Hess <joeyh@joeyh.name>	2017-02-27 12:54:06 -0400
commit	0fda7c08d04d6ce83a4562bbb8b1caf89082f4a3 (patch)
tree	6044ae62f82a2fc700d3e1d02eb8ccb5040d28ea /Types
parent	5e24e3ffe789b963328f65bbab0bf430d0d13919 (diff)