[Haskell-cafe] re: monads with take-out options
John, You write: Yes, you are describing 'co-monads'. Good catch, but actually, that's too weak. i'm requesting something that is both a monad and a co-monad. That makes it something like a bi-algebra, or a Hopf algebra. This, however, is not the full story. i'm looking for a reference to the full story. Surely, someone has already developed this theory. Best wishes, --greg From: John Meacham [EMAIL PROTECTED] Subject: Re: [Haskell-cafe] monads with take-out options To: haskell-cafe@haskell.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=utf-8 On Mon, Nov 24, 2008 at 02:06:33PM -0800, Greg Meredith wrote: Now, are there references for a theory of monads and take-out options? For example, it seems that all sensible notions of containers have take-out. Can we make the leap and define a container as a monad with a notion of take-out? Has this been done? Are there reasons for not doing? Can we say what conditions are necessary to ensure a notion of take-out? Yes, you are describing 'co-monads'. here is an example that a quick web search brought up, and there was a paper on them and their properties published a while ago http://www.eyrie.org/~zednenem/2004/hsce/Control.Comonad.html the duals in that version are extract - return duplicate - join extend - flip (=) (more or less) John -- John Meacham - ⑆repetae.net⑆john⑈ -- L.G. Meredith Managing Partner Biosimilarity LLC 806 55th St NE Seattle, WA 98105 +1 206.650.3740 http://biosimilarity.blogspot.com ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re[2]: [Haskell-cafe] Windows vs. Linux x64
Hello Don, Tuesday, November 25, 2008, 1:59:02 AM, you wrote: Is Windows running in 32 bit? What gcc versions are you using on each system? there is no 64-bit ghc for windows yet, and i think that 64-bit windows runs 32-bit programs as fast as 32-bit windows this problem naturally splits into two parts: 32-bit vs 64-bit and linux vs windows -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Hackage/Cabal/Haddock question
2008/11/25 Thomas Hartman [EMAIL PROTECTED]: I've noticed that many of the packages I upload to haddock don't build documentation properly, although the documentation builds fine locally when I run cabal haddock. For example: http://hackage.haskell.org/cgi-bin/hackage-scripts/package/HAppSHelpers It seems like hackage doesn't have the required dependencies in this case. David ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Hackage/Cabal/Haddock question
On Tue, Nov 25, 2008 at 10:52:48AM +0100, David Waern wrote: 2008/11/25 Thomas Hartman [EMAIL PROTECTED]: I've noticed that many of the packages I upload to haddock don't build documentation properly, although the documentation builds fine locally when I run cabal haddock. For example: http://hackage.haskell.org/cgi-bin/hackage-scripts/package/HAppSHelpers It seems like hackage doesn't have the required dependencies in this case. Yes, it seems syb-with-class and hspread don't build with ghc-6.10.1 and haddock-2.3.0. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Unique functor instance
I've been wondering, is it ever possible to have two (extensionally) different Functor instances for the same type? I do mean in Haskell; i.e. (,) doesn't count. I've failed to either come up with any examples or prove that they all must be the same using the laws. Thanks, Luke ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Unique functor instance
Luke Palmer wrote: I've been wondering, is it ever possible to have two (extensionally) different Functor instances for the same type? I do mean in Haskell; i.e. (,) doesn't count. I've failed to either come up with any examples or prove that they all must be the same using the laws. For not-too-exotic datatypes, in particular for algebraic data types with polynomial structure (no exponentials, embedded function types, and other nasties), I would conjecture that indeed there is always exactly one Functor instance satisfying the identity and composition laws. But for proving this the two equational laws would not be enough. Rather, one would also need to use that fmap must be sufficiently polymorphic. Basically, a proof by a version of free theorems, or equivalently in this case, properties of natural transformations. And no, I don't have a more constructive proof at the moment ;-) Ciao, Janis. -- Dr. Janis Voigtlaender http://wwwtcs.inf.tu-dresden.de/~voigt/ mailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Unique functor instance
Janis Voigtlaender wrote: Luke Palmer wrote: I've been wondering, is it ever possible to have two (extensionally) different Functor instances for the same type? I do mean in Haskell; i.e. (,) doesn't count. I've failed to either come up with any examples or prove that they all must be the same using the laws. For not-too-exotic datatypes, in particular for algebraic data types with polynomial structure (no exponentials, embedded function types, and other nasties), I would conjecture that indeed there is always exactly one Functor instance satisfying the identity and composition laws. But for proving this the two equational laws would not be enough. Rather, one would also need to use that fmap must be sufficiently polymorphic. Basically, a proof by a version of free theorems, or equivalently in this case, properties of natural transformations. And no, I don't have a more constructive proof at the moment ;-) Let me be a bit more precise. A free theorem can be used to prove that any f :: (a - b) - [a] - [b] which satisfies f id = id also satisfies f = map (for the Haskell standard map). Also, a free theorem can be used to prove that any f :: (a - b) - Tree a - Tree b for data Tree a = Node (Tree a) (Tree a) | Leaf a which satisfies f id = id also satsifies f = fmap for the following definition: fmap f (Leaf a) = Leaf (f a) fmap f (Note t1 t2) = Node (fmap f t1) (fmap f t2) That gives the desired statement of unique Functor instances for the list type and the above Tree type. And the same kind of proof is possible for what I called not-too-exotic datatypes. And since all these proofs are essentially the same, it is no doubt possible to give a generic argument that provides the more general statement that for all such datatypes exactly one Functor instance exists. Makes sense? Ciao, Janis. -- Dr. Janis Voigtlaender http://wwwtcs.inf.tu-dresden.de/~voigt/ mailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Unique functor instance
Luke Palmer wrote: I've been wondering, is it ever possible to have two (extensionally) different Functor instances for the same type? I do mean in Haskell; i.e. (,) doesn't count. I've failed to either come up with any examples or prove that they all must be the same using the laws. For not-too-exotic datatypes, in particular for algebraic data types with polynomial structure (no exponentials, embedded function types, and other nasties), I would conjecture that indeed there is always exactly one Functor instance satisfying the identity and composition laws. Are identity and composition sufficient to guarantee that the mapped function is actually applied? instance Functor f where fmap _ x = x fmap id fx ~ fx ~ id fx fmap f (fmap g fx) ~ fmap f fx ~ fx ~ fmap (f . g) fx Claus ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Unique functor instance
Are identity and composition sufficient to guarantee that the mapped function is actually applied? eek - f :: a - b, not f :: a - a, so that example doesn't work !! Sorry for the noise, Claus ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Unique functor instance
Claus Reinke wrote: Luke Palmer wrote: I've been wondering, is it ever possible to have two (extensionally) different Functor instances for the same type? I do mean in Haskell; i.e. (,) doesn't count. I've failed to either come up with any examples or prove that they all must be the same using the laws. For not-too-exotic datatypes, in particular for algebraic data types with polynomial structure (no exponentials, embedded function types, and other nasties), I would conjecture that indeed there is always exactly one Functor instance satisfying the identity and composition laws. Are identity and composition sufficient to guarantee that the mapped function is actually applied? instance Functor f where fmap _ x = x Such an fmap will not have the required type (a - b) - f a - f b Consider fmap even. Then a=Int, b=Bool, x::f Int, (fmap even x)::f Bool, type error since you assumed fmap even x = x ! Ciao, Janis. -- Dr. Janis Voigtlaender http://wwwtcs.inf.tu-dresden.de/~voigt/ mailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Data.Array.Storable vs GC
If you have a giant unboxed array that will never become garbage, it would be nice to put it somewhere where the GC won't bother with it. Since Data.Array.Storable arrays are allocated in the C heap, I thought it would be a good choice. However, I am getting very poor performance due to the GC copying 6G in each run. The only explanation that I can think of is that it is copying my giant array. Am I wrong in my understanding that Data.Array.Storable arrays should not be copied by the GC? BTW, I am using GHC 6.10.1 on linux. Thanks for reading. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Data.Array.Storable vs GC
Hello David, Tuesday, November 25, 2008, 4:45:28 PM, you wrote: However, I am getting very poor performance due to the GC copying 6G in each run. The only explanation that I can think of is that it is copying my giant array. each GC run? each program run? try to increase size of your array and check how many data are now copied by GC (of course, everything else shouldn't be changed) it's possible that your code that fills an array creates a lot of intermediate data -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Re: Unique functor instance
Luke Palmer lrpalmer at gmail.com writes: I've been wondering, is it ever possible to have two (extensionally) different Functor instances for the same type? I do mean in Haskell; i.e. (,) doesn't count. I've failed to either come up with any examples or prove that they all must be the same using the laws. Thanks, Luke A related question would be: are there two abstractions whose underlying representations (as algebraic data types) are isomorphic? For example, suppose that we represented both lists and sets as [a]. One would expect the Functor instances for list and set to be different, since sets can't contain duplicates. Unfortunately, it's not possible to express this in Haskell, because we can't assume an Eq constraint when defining our Functor instance. I suspect that the answer to the question is, yes, you can have different Functor instances. All you need is a sum-product type that it's possible to interpret as two different abstractions, leading to two different Functor instances. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Re: Problem getting code from AFP08 parallel tutorial to run in parallel
Don Stewart wrote: Which version of GHC are you using? This particular example triggers a boundary condition in ghc 6.10 where, with only one spark, GHC doesn't fire up the extra cpu. Try it with 6.8.x to see that in action. Simon Marlow may be able to comment more. Yes, it's a scheduling bug. I'll make sure it gets fixed for 6.10.2. If you have more sparks then you shouldn't see this problem. Also, GHC HEAD is quite a lot better with parallel programs than 6.10.1, I'll try to get around to posting some figures sometime. Cheers, Simon -- Don olivier.boudry: Hi all, I'm reading the following tutorial: http://research.microsoft.com/~simonpj/papers/parallel/AFP08-notes.pdf A Tutorial on Parallel and Concurrent Programming in Haskell and have problems getting the expected speed improvement from running two tasks in parallel. With any version of the code present in pages 1-7 of the tutorial I keep getting the CPU stick to 50%. I did not forget to compile the code with `-threaded` and run it with `+RTS -N2` and it runs on a dual core machine on which I already used the Control.Parallel.Strategies.parMap function and got 100% CPU usage. The first version of the parallel function in the tutorial (page 6) is: parSumFibEuler :: Int − Int − Int parSumFibEuler a b = f 'par' (f + e) where f = fib a e = sumEuler b In the tutorial, swapping f and e on the 3rd line does the job, but in my case it doesn't change anything. C:\Temp\haskellghc --make -threaded SumEulerP6.hs [1 of 1] Compiling Main ( SumEulerP6.hs, SumEulerP6.o ) Linking SumEulerP6.exe ... C:\Temp\haskellSumEulerP6 +RTS -N1 sum: 119201850 time: 36.890625 seconds C:\Temp\haskellSumEulerP6 +RTS -N2 sum: 119201850 time: 36.859375 seconds Next page of the tutorial the tasks are explicitly sequenced so the code does not depend on the ordering of the two `+` operands: parSumFibEuler :: Int - Int - Int parSumFibEuler a b = f `par` (e `pseq` (f + e)) where f = fib a e = sumEuler b With once again a disappointing result: C:\Temp\haskellghc --make -threaded SumEulerP7.hs [1 of 1] Compiling Main ( SumEulerP7.hs, SumEulerP7.o ) Linking SumEulerP7.exe ... C:\Temp\haskellSumEulerP7 +RTS -N1 sum: 119201850 time: 36.875 seconds C:\Temp\haskellSumEulerP7 +RTS -N2 sum: 119201850 time: 36.75 seconds I tried this on a Windows XP Dell Dual Core with GHC 6.10.1 and on a iMac Dual Core with GHC 6.8.3 and got the same result on both. I'm probably missing something really stupid but I'm lacking the parallel thinking skills to understand how to look at the problem and resolve it. Any pointers? Thanks, Olivier. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Re: Unique functor instance
DavidA wrote: I suspect that the answer to the question is, yes, you can have different Functor instances. All you need is a sum-product type that it's possible to interpret as two different abstractions, leading to two different Functor instances. The sum-product types are exactly the not-too-exotic types to which my proof applies. So as long as extensional equivalence means Haskell equivalence, and not some modulo an interpretation equivalence (like considering two lists equivalent if they contain the same elements but in potentially different order), the answer is no, one cannot have different funtor instances. Ciao, Janis. -- Dr. Janis Voigtlaender http://wwwtcs.inf.tu-dresden.de/~voigt/ mailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] (no subject)
hi, i am looking for someone to help me with an assignment! can anyone help me? i am looking forward to your reply. sincerely, Tolis _ BigSnapSearch.com - 24 prizes a day, every day - Search Now! http://clk.atdmt.com/UKM/go/117442309/direct/01/___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Data.Array.Storable vs GC
On Tue, 2008-11-25 at 16:51 +0300, Bulat Ziganshin wrote: Hello David, Hello Bulat, Tuesday, November 25, 2008, 4:45:28 PM, you wrote: However, I am getting very poor performance due to the GC copying 6G in each run. The only explanation that I can think of is that it is copying my giant array. each GC run? each program run? each program run try to increase size of your array and check how many data are now copied by GC (of course, everything else shouldn't be changed) Excellent idea. I made the array twice as big, Otherwise everything else is the same. The GC copies the same amount of data. The only difference I noticed is that with the array twice as big, there were about half as many collections in generation 1. The time and efficiency are about the same. I guess it is not the fault of Data.Array.Storable. When I was researching how to do this, I was really hoping for something like static areas from the Lisp Machine operating system. You could allocate any normal object in an area of the heap where the GC would not bother with it. I miss that. I wonder why GHC doesn't have such a concept? ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] (no subject)
2008/11/25 apostolos flessas [EMAIL PROTECTED]: hi, i am looking for someone to help me with an assignment! can anyone help me? Hi Tolis! Have a look at the homework help policy, so you know what people will and will not answer. http://www.haskell.org/haskellwiki/Homework_help Then let us know what you're trying to do, and what your difficulty has been. Cheers, D ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[2]: [Haskell-cafe] Data.Array.Storable vs GC
On Tue, 2008-11-25 at 17:32 +0300, Bulat Ziganshin wrote: Hello David, Tuesday, November 25, 2008, 5:27:51 PM, you wrote: When I was researching how to do this, I was really hoping for something like static areas from the Lisp Machine operating system. You could allocate any normal object in an area of the heap where the GC would not bother with it. I miss that. I wonder why GHC doesn't have such a concept? it has. bytestrings use this area, it's called pinned arrays Thanks. I'll look into it. BTW, running my program with the compacting GC improved efficiency dramatically. Your initial idea that it was my other data was my other data was absolutely correct. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re[2]: [Haskell-cafe] Data.Array.Storable vs GC
Hello David, Tuesday, November 25, 2008, 5:27:51 PM, you wrote: When I was researching how to do this, I was really hoping for something like static areas from the Lisp Machine operating system. You could allocate any normal object in an area of the heap where the GC would not bother with it. I miss that. I wonder why GHC doesn't have such a concept? it has. bytestrings use this area, it's called pinned arrays -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Re: Problem getting code from AFP08 parallel tutorial to run in parallel
On Tue, Nov 25, 2008 at 3:07 PM, Simon Marlow [EMAIL PROTECTED] wrote: Yes, it's a scheduling bug. I'll make sure it gets fixed for 6.10.2. If you have more sparks then you shouldn't see this problem. Also, GHC HEAD is quite a lot better with parallel programs than 6.10.1, I'll try to get around to posting some figures sometime. Yes, I tried it with 3 sparks and it works, Thanks for your help, Olivier. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Re: Unique functor instance
Janis Voigtlaender voigt at tcs.inf.tu-dresden.de writes: DavidA wrote: I suspect that the answer to the question is, yes, you can have different Functor instances. All you need is a sum-product type that it's possible to interpret as two different abstractions, leading to two different Functor instances. The sum-product types are exactly the not-too-exotic types to which my proof applies. So as long as extensional equivalence means Haskell equivalence, and not some modulo an interpretation equivalence (like considering two lists equivalent if they contain the same elements but in potentially different order), the answer is no, one cannot have different funtor instances. Ciao, Janis. Okay, I see. Well that's interesting, because it suggests that your proof might break under modest extensions to the language. The thing that led me to suggest list / set as an example was consideration of Data.Set. Conceptually, this should be a Functor instance - given f :: a - b, we should be able to derive fmap f :: Data.Set a - Data.Set b, eg fmap f xs = (fromList . map f . toList) xs However, we can't currently express this in Haskell, because Data.Set requires Ord a. However, there have been some proposals to fix this. I assume that if they went through, then it would be possible to define a type which could be interpreted as either a list or a set, with different functor instances in either case. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[2]: [Haskell-cafe] Password hashing
What does haskell cafe think of the following module for drop-in password hasing for webapps? Seem reasonable? import Data.Digest.SHA512 (hash) import qualified Data.ByteString as B' import qualified Data.ByteString.Char8 as B -- store passwords as md5 hash, as a security measure scramblepass :: String - IO String scramblepass p = do etSalt - try $ readFile secure/salt case etSalt of Left e - fail errmsg Right s - -- return . show . md5 . L.pack $ p ++ s return . B.unpack . B'.pack . hash . B'.unpack . B.pack $ p ++ s where errmsg = scramblepass error, you probably need to create a salt file in secure/salt. This is used for \ \hashing passwords, so keep it secure. chmod u=r secure/salt, and make sure it's skipped \ \in version control commits, etc. A good way to generate a salt file is (e.g., on ubuntu) \ \writeFile \secure/salt\ = ( strongsalt $ readFile \/dev/urandom\)\ \You could also just type some random seeming text into this file, though that's not quite as secure.\ \Keep a backup copy of this file somewhere safe in case of disaster. -- | eg, on ubuntu: strongsalt $ readFile /dev/urandom strongsalt :: IO String - IO String strongsalt randomSource = return . salt' = randomSource where salt' = show . fst . next . mkStdGen . read . concat . map (show . ord) . take 10 2008/10/30 Bulat Ziganshin [EMAIL PROTECTED]: Hello Thomas, Thursday, October 30, 2008, 3:32:46 PM, you wrote: No salt, but apart from that, should be fine, right? 1) without salt, it's not serious - easily breaked by dictionary attack 2) afair, md5 isn't condidered now as cryptographic hash -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[2]: [Haskell-cafe] Password hashing
Just to note, the comment about md5 is incorrect. I switched to SHA512 as you can see in the code. 2008/11/25 Thomas Hartman [EMAIL PROTECTED]: What does haskell cafe think of the following module for drop-in password hasing for webapps? Seem reasonable? import Data.Digest.SHA512 (hash) import qualified Data.ByteString as B' import qualified Data.ByteString.Char8 as B -- store passwords as md5 hash, as a security measure scramblepass :: String - IO String scramblepass p = do etSalt - try $ readFile secure/salt case etSalt of Left e - fail errmsg Right s - -- return . show . md5 . L.pack $ p ++ s return . B.unpack . B'.pack . hash . B'.unpack . B.pack $ p ++ s where errmsg = scramblepass error, you probably need to create a salt file in secure/salt. This is used for \ \hashing passwords, so keep it secure. chmod u=r secure/salt, and make sure it's skipped \ \in version control commits, etc. A good way to generate a salt file is (e.g., on ubuntu) \ \writeFile \secure/salt\ = ( strongsalt $ readFile \/dev/urandom\)\ \You could also just type some random seeming text into this file, though that's not quite as secure.\ \Keep a backup copy of this file somewhere safe in case of disaster. -- | eg, on ubuntu: strongsalt $ readFile /dev/urandom strongsalt :: IO String - IO String strongsalt randomSource = return . salt' = randomSource where salt' = show . fst . next . mkStdGen . read . concat . map (show . ord) . take 10 2008/10/30 Bulat Ziganshin [EMAIL PROTECTED]: Hello Thomas, Thursday, October 30, 2008, 3:32:46 PM, you wrote: No salt, but apart from that, should be fine, right? 1) without salt, it's not serious - easily breaked by dictionary attack 2) afair, md5 isn't condidered now as cryptographic hash -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Re: Unique functor instance
DavidA wrote: Okay, I see. Well that's interesting, because it suggests that your proof might break under modest extensions to the language. Yes. The free theorem used was a naive one, for the simplest possible model of Haskell, not even taking care of possible nontermination and seq. But http://linux.tcs.inf.tu-dresden.de/~voigt/ft/ can produce less naive ones as well. In particular, it can also produce free theorems for types involving class constraints, like Eq or Ord. That would deal with situations where the type variables a and b in the type of fmap were class-constrained, as you suggest. And finally, another plug: explanations for precisely the kind of type-based reasoning I used in the earlier mail can be found in the thesis I advertised today on the general list: http://wwwtcs.inf.tu-dresden.de/~voigt/habil.pdf Ciao, Janis. -- Dr. Janis Voigtlaender http://wwwtcs.inf.tu-dresden.de/~voigt/ mailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re[4]: [Haskell-cafe] Password hashing
Hello Thomas, Tuesday, November 25, 2008, 6:39:27 PM, you wrote: Just to note, the comment about md5 is incorrect. I switched to SHA512 as you can see in the code. really? :) Right s - -- return . show . md5 . L.pack $ p ++ s typical salt usage is generation of new salt for every encryption operation and storing together with encrypted data -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Hackage/Cabal/Haddock question
How come I get documentation output when I build locally then? I'm also using ghc 6.10.1 and haddock 2.3.0. 2008/11/25 Ross Paterson [EMAIL PROTECTED]: On Tue, Nov 25, 2008 at 10:52:48AM +0100, David Waern wrote: 2008/11/25 Thomas Hartman [EMAIL PROTECTED]: I've noticed that many of the packages I upload to haddock don't build documentation properly, although the documentation builds fine locally when I run cabal haddock. For example: http://hackage.haskell.org/cgi-bin/hackage-scripts/package/HAppSHelpers It seems like hackage doesn't have the required dependencies in this case. Yes, it seems syb-with-class and hspread don't build with ghc-6.10.1 and haddock-2.3.0. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[4]: [Haskell-cafe] Password hashing
ah thanks, I'll try again. typical salt usage is generation of new salt for every encryption operation and storing together with encrypted data 2008/11/25 Bulat Ziganshin [EMAIL PROTECTED]: Hello Thomas, Tuesday, November 25, 2008, 6:39:27 PM, you wrote: Just to note, the comment about md5 is incorrect. I switched to SHA512 as you can see in the code. really? :) Right s - -- return . show . md5 . L.pack $ p ++ s typical salt usage is generation of new salt for every encryption operation and storing together with encrypted data -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[4]: [Haskell-cafe] Password hashing
How about the following? The main doubts I'm having at this point concern the takerandom part. Does this seem reasonable? Also, someone in the thread mentioned that a calculation that took a couple of seconds to complete was a good thing because it makes dictionary cracking harder. But makeSaltedPasswordLinux meh is virtually instantaneous, so I guess I'm doing something wrong? Thanks for advice! thomas. [EMAIL PROTECTED]:~/hackage/HAppSHelperscat HAppS/Helpers/Security.hs -- | Password hashes are based on a salt from a source of randomness (eg /dev/urandom), and -- | the SHA512 hashing function module HAppS.Helpers.Security ( makeSaltedPassword, makeSaltedPasswordLinux, checkpass ) where import qualified Data.ByteString.Char8 as B import qualified Data.ByteString as B' import Control.Monad.Error import System.IO.Error import Random import Data.Digest.SHA512 (hash) import Data.Char data SaltedPassword = SaltedPassword HashedPass Salt deriving Show newtype Password = Password String deriving Show newtype Salt = Salt String deriving Show newtype HashedPass = HashedPass String deriving (Eq, Show) checkpass :: Password - SaltedPassword - Bool checkpass passattempt ( SaltedPassword hashedPass salt ) = let hashedPassAttempt = hashpass passattempt salt in hashedPassAttempt == hashedPass hashpass :: Password - Salt - HashedPass hashpass (Password p) (Salt s) = HashedPass . B.unpack . B'.pack . hash . B'.unpack . B.pack $ p ++ s -- | This works at least on ubuntu hardy heron, I don't know how portable it is -- makeSaltedPasswordLinux p = getSaltedPassword $ readFile /dev/urandom) makeSaltedPasswordLinux :: Password - IO SaltedPassword makeSaltedPasswordLinux = makeSaltedPassword $ readFile /dev/urandom makeSaltedPassword :: IO String - Password - IO SaltedPassword makeSaltedPassword randomsource pass = do etR - try $ return . takerandom = randomsource case etR of Left e - fail . show $ e Right s - do let salt = Salt s hp = hashpass pass salt return $ SaltedPassword hp salt takerandom :: String - String takerandom = show . fst . next . mkStdGen . read . concat . map (show . ord) . take 1000 2008/11/25 Bulat Ziganshin [EMAIL PROTECTED]: Hello Thomas, Tuesday, November 25, 2008, 6:39:27 PM, you wrote: Just to note, the comment about md5 is incorrect. I switched to SHA512 as you can see in the code. really? :) Right s - -- return . show . md5 . L.pack $ p ++ s typical salt usage is generation of new salt for every encryption operation and storing together with encrypted data -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re[6]: [Haskell-cafe] Password hashing
Hello Thomas, Tuesday, November 25, 2008, 9:13:53 PM, you wrote: don't reinvent the wheel, use PBKDF2 from PKCS #5 http://www.truecrypt.org/docs/pkcs5v2-0.pdf How about the following? The main doubts I'm having at this point concern the takerandom part. Does this seem reasonable? Also, someone in the thread mentioned that a calculation that took a couple of seconds to complete was a good thing because it makes dictionary cracking harder. But makeSaltedPasswordLinux meh is virtually instantaneous, so I guess I'm doing something wrong? Thanks for advice! thomas. [EMAIL PROTECTED]:~/hackage/HAppSHelperscat HAppS/Helpers/Security.hs -- | Password hashes are based on a salt from a source of randomness (eg /dev/urandom), and -- | the SHA512 hashing function module HAppS.Helpers.Security ( makeSaltedPassword, makeSaltedPasswordLinux, checkpass ) where import qualified Data.ByteString.Char8 as B import qualified Data.ByteString as B' import Control.Monad.Error import System.IO.Error import Random import Data.Digest.SHA512 (hash) import Data.Char data SaltedPassword = SaltedPassword HashedPass Salt deriving Show newtype Password = Password String deriving Show newtype Salt = Salt String deriving Show newtype HashedPass = HashedPass String deriving (Eq, Show) checkpass :: Password - SaltedPassword - Bool checkpass passattempt ( SaltedPassword hashedPass salt ) = let hashedPassAttempt = hashpass passattempt salt in hashedPassAttempt == hashedPass hashpass :: Password - Salt - HashedPass hashpass (Password p) (Salt s) = HashedPass . B.unpack . B'.pack . hash . B'.unpack . B.pack $ p ++ s -- | This works at least on ubuntu hardy heron, I don't know how portable it is -- makeSaltedPasswordLinux p = getSaltedPassword $ readFile /dev/urandom) makeSaltedPasswordLinux :: Password - IO SaltedPassword makeSaltedPasswordLinux = makeSaltedPassword $ readFile /dev/urandom makeSaltedPassword :: IO String - Password - IO SaltedPassword makeSaltedPassword randomsource pass = do etR - try $ return . takerandom = randomsource case etR of Left e - fail . show $ e Right s - do let salt = Salt s hp = hashpass pass salt return $ SaltedPassword hp salt takerandom :: String - String takerandom = show . fst . next . mkStdGen . read . concat . map (show . ord) . take 1000 2008/11/25 Bulat Ziganshin [EMAIL PROTECTED]: Hello Thomas, Tuesday, November 25, 2008, 6:39:27 PM, you wrote: Just to note, the comment about md5 is incorrect. I switched to SHA512 as you can see in the code. really? :) Right s - -- return . show . md5 . L.pack $ p ++ s typical salt usage is generation of new salt for every encryption operation and storing together with encrypted data -- Best regards, Bulatmailto:[EMAIL PROTECTED] -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Interactive
Thomas DuBuisson wrote: Here are the links that hold the information you desire: http://www.haskell.org/haskellwiki/Frag http://www.cse.unsw.edu.au/~pls/thesis/munc-thesis.pdf http://www.cse.unsw.edu.au/%7Epls/thesis/munc-thesis.pdf In short: FRP http://www.haskell.org/frp/ On Wed, Nov 12, 2008 at 1:52 PM, Andrew Coppin [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: I have a small question... Given that interactivity is Really Hard to do in Haskell, and that mutable state is to be strongly avoided, how come Frag exists? (I.e., how did they successfully solve these problems?) Having read the paper [again], I'm still don't understand a word of it. So I'm still wondering how Frag actually works. OOP seems like such a natural fit for describing the behaviour of a network of independent objects. But Haskell seems to require you to make a new, modified copy of the entire game state at each frame, which sounds... highly non-performant. What am I not seeing? ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Interactive
On Tue, 2008-11-25 at 18:43 +, Andrew Coppin wrote: Thomas DuBuisson wrote: Here are the links that hold the information you desire: http://www.haskell.org/haskellwiki/Frag http://www.cse.unsw.edu.au/~pls/thesis/munc-thesis.pdf http://www.cse.unsw.edu.au/%7Epls/thesis/munc-thesis.pdf In short: FRP http://www.haskell.org/frp/ On Wed, Nov 12, 2008 at 1:52 PM, Andrew Coppin [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: I have a small question... Given that interactivity is Really Hard to do in Haskell, and that mutable state is to be strongly avoided, how come Frag exists? (I.e., how did they successfully solve these problems?) Having read the paper [again], I'm still don't understand a word of it. So I'm still wondering how Frag actually works. OOP seems like such a natural fit for describing the behaviour of a network of independent objects. But Haskell seems to require you to make a new, modified copy of the entire game state at each frame, Small note: this depends on the data structure. Some structures allow for large amounts of state sharing; in particular, the old copy of any object that didn't change can probably be re-used. I don't know how much that applies to Frag, but I've found it to be quite helpful performance-wise in the past. And, in general, most of the interest in FRP isn't in making functions over time work --- that's easy --- but in minimizing re-computation, which includes precisely re-using earlier results when possible. jcc ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] monads with take-out options
On Mon, 2008-11-24 at 15:06 -0800, Greg Meredith wrote: Jonathan, Nice! Thanks. In addition to implementations, do we have more mathematical accounts? Let me expose more of my motives. * i am interested in a first-principles notion of data. Hunh. I have to say I'm not. The difference between Bool - alpha and (alpha, alpha) is not one I've ever felt a need to elaborate. And I'm not sure you *could* elaborate it, within a mathematical context --- which to me means you only work up to isomorphism anyway. Neither lambda nor π-calculus come with a criterion for determining which terms represent data and which programs. As you know, lambda-calculus was originally designed to provide a foundation for mathematics in which every mathematical object --- sets, numbers, function, etc. --- would be a function (a lambda-term) under the hood. It was designed to abstract away the distinction between values and functions, not really to express it. You can shoe-horn in such notions -- and it is clear that practical programming relies on such a separation What? `Practical programming' in my experience relies on the readiness to see functions as first-class values (as near to data as possible). Implementations want to distinguish them, in various ways --- but then once you draw that distinction, programmers want to use data structures like tries, to get your `data structure' implementation for the program design's `function' types (or some of them...) As near as I can tell, the distinction between data and code is fundamentally one of performance, which makes it quite implementation-dependent. And, for me, boring. -- but along come nice abstractions like generic programming and the boundary starts moving again. (Note, also that one of the reasons i mention π-calculus is because when you start shipping data between processes you'd like to know that this term really is data and not some nasty little program...) It's not nice to call my children^Wprograms nasty :) I think, though, that the real problem is to distinguish values with finite canonical forms (which can be communicated to another process in finite time) from values with infinite canonical forms (which cannot). The problem then is defining what a `canonical form' is. But characterizing the problem in terms of data vs. code isn't going to help: \ b - if b then 0 else 1 is a perfectly good finite canonical form of type Bool - Int, while repeat 0 is a perfectly good term of type [Int] (a data type!) with no finite canonical form (not even a finite normal form). I'm sure this fails to engage your point, but perhaps it might clarify some points you hadn't considered. jcc ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re[2]: [Haskell-cafe] Interactive
Hello Andrew, Tuesday, November 25, 2008, 9:43:11 PM, you wrote: OOP seems like such a natural fit for describing the behaviour of a network of independent objects. But Haskell seems to require you to make a new, modified copy of the entire game state at each frame, which sounds... highly non-performant. most of the game state is a few mb maximum. you don't need to copy textures and other permanent game object descriptors which occupies most part of those hundredths mbs just an example from my own work: i wrote an archiver which may use, say, 500 mb for storing list of million files. but the list itslef occupies only ~10mb, so i can do all the forms of complex processing without over-loading memory manager. each file descrption is 500 bytes long, but this info isn't changed during program run -- Best regards, Bulatmailto:[EMAIL PROTECTED] ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Windows vs. Linux x64
On Monday 24 November 2008 23:59:02 Don Stewart wrote: bartek: Hi Everybody, while working on my resent project I've noticed that my code seems to be faster under Windows than under Linux x64. Is Windows running in 32 bit? What gcc versions are you using on each system? Windows is 32 bit with GHC-6.8.3. Linux is 64 bit with GHC-6.10.1. Bartek ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] build tools and Cabal
On Tue, 2008-11-25 at 01:30 +, John Lato wrote: Hello, Cabal allows specifying arguments for tools it recognizes on the command line, e.g. runhaskell Setup.hs configure --c2hs-option=some_option Unfortunately, I can't find a way to make this work with .cabal (or .buildinfo) files, except for the specific cases of ghc, hugs, and nhc98 options. Am I missing something? No. If not, could this be added easily? Yes, but it's not clear that we should. It would be very helpful as I'm trying to work around the broken cpp Apple provides. Perhaps we should do the workaround once rather than adding the workaround to every package. What is the problem exactly? Duncan ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Windows vs. Linux x64
Bartosz Wójcik [EMAIL PROTECTED] writes: while working on my resent project I've noticed that my code seems to be faster under Windows than under Linux x64. Is Windows running in 32 bit? What gcc versions are you using on each system? Windows is 32 bit with GHC-6.8.3. Linux is 64 bit with GHC-6.10.1. This corresponds to my experiences - 64 bits is slower, something I've ascribed to the cost of increased pointer size. -k -- If I haven't seen further, it is by standing in the footprints of giants ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Re: Problem getting code from AFP08 parallel tutorial to run in parallel
olivier.boudry: On Tue, Nov 25, 2008 at 3:07 PM, Simon Marlow [EMAIL PROTECTED] wrote: Yes, it's a scheduling bug. I'll make sure it gets fixed for 6.10.2. If you have more sparks then you shouldn't see this problem. Also, GHC HEAD is quite a lot better with parallel programs than 6.10.1, I'll try to get around to posting some figures sometime. Yes, I tried it with 3 sparks and it works, Thanks for your help, What does the code look like? Simon : should we be start to try tthe HEAD for par stuff? -- Don ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Data.Array.Storable vs GC
GHC has 'pinned arrays' that have this behavior. however, you probably don't want to use them as they simply give the garbage collector less choices about what to do possibly decreasing its efficiency. The garbage collector already is free to not copy arrays if it feels it isn't worth it, by pinning them you simply take away its ability to choose to do so if it is needed. John -- John Meacham - ⑆repetae.net⑆john⑈ ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Windows vs. Linux x64
On Tue, Nov 25, 2008 at 09:39:35PM +0100, Ketil Malde wrote: This corresponds to my experiences - 64 bits is slower, something I've ascribed to the cost of increased pointer size. ghc unfortunatly also uses 64 bit integers when in 64 bit mode, so the cost paid is increased due to that as well, Also since each math instruction needs an extra byte telling it to work on 64 bit data so the code is less dense. John -- John Meacham - ⑆repetae.net⑆john⑈ ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[2]: [Haskell-cafe] Password hashing
OK, I went ahead and implemented pbkdf2, following the algorithm
linked to by bulat and Michael.
If there are any crypto gurus who can code-review this I would be much
obliged, and when I'm confident enough that this does the right thing
I'll put it up on hackage.
I don't do much crypto so this *definitely* needs a review before it
becomes a library?
How's this looks, cafe?
Thanks!
Thomas.
{-# LANGUAGE ScopedTypeVariables #-}
module Crypto.PBKDF2 (pbkdf2, pbkdf2') where
import qualified Data.ByteString.Char8 as B
import qualified Data.ByteString.Lazy as L
import GHC.Word
import Control.Monad (foldM)
import Random
import Data.Digest.SHA512 (hash)
import Data.Word
import Data.Bits
import Data.Binary
newtype Password = Password [Word8]
newtype Salt = Salt [Word8]
newtype HashedPass = HashedPass [Word8]
deriving Show
{- | A reasonable default for rsa pbkdf2? Actually I'm not really
sure, ask folk with more experience.
pbkdf2 = pbkdf2' prfSHA512 512 512 512
-}
t = pbkdf2 ( Password . toWord8s $ meh ) ( Salt . toWord8s $ moo )
pbkdf2 :: Password - Salt - HashedPass
pbkdf2 = pbkdf2' prfSHA512 512 512 512
{- | Password Based Key Derivation Function, from RSA labs.
pbkdf2' prf hlen cIters dklen (Password pass) (Salt salt)
-}
pbkdf2' :: ([Word8] - [Word8] - [Word8]) - Integer - Integer -
Integer - Password - Salt - HashedPass
pbkdf2' prf hlen cIters dklen (Password pass) (Salt salt)
| dklen ( (2^32-1) * hlen) = error $ pbkdf2, (dklen,hlen) : ++
(show (dklen,hlen))
| otherwise =
let --l,r :: Int
l = ceiling $ (fromIntegral dklen) / (fromIntegral hlen )
r = dklen - ( (l-1) * hlen)
ustream :: [Word8] - [Word8] - [[Word8]]
ustream p s = let x = prf p s
in x : ustream p x
--us :: Integer - [[Word8]]
us i = take (fromIntegral cIters) $ ustream pass ( salt `myor`
((intToFourWord8s i) ))
--f :: [Word8] - [Word8] - Integer - Integer - [Word8]
f pass salt cIters i = foldr1 myxor $ us i
ts :: [[Word8]]
ts = map (f pass salt cIters) ( [1..l] )
in HashedPass . take (fromIntegral dklen) . concat $ ts
-- The spec says
-- Here, INT (i) is a four-octet encoding of the integer i, most
significant octet first.
-- I'm reading from the right... is this the right thing?
toWord8s x = L.unpack . encode $ x
--intToFourWord8s :: Integer - [Word8]
intToFourWord8s i = let w8s = toWord8s $ i
in drop (length w8s -4) w8s
myxor :: [Word8] - [Word8] - [Word8]
myxor = zipWith xor
myor :: [Word8] - [Word8] - [Word8]
myor = zipWith (.|.)
prfSHA512 :: [Word8] - [Word8] - [Word8]
prfSHA512 x y = hash $ x ++ y
2008/11/26 John Meacham [EMAIL PROTECTED]:
What you are using there is not a salt, but rather a secret key. The
important thing about a salt is that it is different for _every user_.
and you actually store the salt unhashed along with the hash. (it is not
secret information). A salt protects against a dictionary attack, for
instance, you might have a dictionary of hash's and the common passwords
they go to but if you add a 32 bit salt, you would need 2^32 entries for
each dictionary word, making such an attack unworkable. You can also
trivially tell if two users have the _same_ password just by comparing
the hashes without a salt.
John
--
John Meacham - ⑆repetae.net⑆john⑈
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: Re[2]: [Haskell-cafe] Password hashing
Sorry about the hideous formatting above. Reattached as a text file.
t.
2008/11/26 Thomas Hartman [EMAIL PROTECTED]:
OK, I went ahead and implemented pbkdf2, following the algorithm
linked to by bulat and Michael.
If there are any crypto gurus who can code-review this I would be much
obliged, and when I'm confident enough that this does the right thing
I'll put it up on hackage.
I don't do much crypto so this *definitely* needs a review before it
becomes a library?
How's this looks, cafe?
Thanks!
Thomas.
{-# LANGUAGE ScopedTypeVariables #-}
module Crypto.PBKDF2 (pbkdf2, pbkdf2') where
import qualified Data.ByteString.Char8 as B
import qualified Data.ByteString.Lazy as L
import GHC.Word
import Control.Monad (foldM)
import Random
import Data.Digest.SHA512 (hash)
import Data.Word
import Data.Bits
import Data.Binary
newtype Password = Password [Word8]
newtype Salt = Salt [Word8]
newtype HashedPass = HashedPass [Word8]
deriving Show
{- | A reasonable default for rsa pbkdf2? Actually I'm not really
sure, ask folk with more experience.
pbkdf2 = pbkdf2' prfSHA512 512 512 512
-}
t = pbkdf2 ( Password . toWord8s $ meh ) ( Salt . toWord8s $ moo )
pbkdf2 :: Password - Salt - HashedPass
pbkdf2 = pbkdf2' prfSHA512 512 512 512
{- | Password Based Key Derivation Function, from RSA labs.
pbkdf2' prf hlen cIters dklen (Password pass) (Salt salt)
-}
pbkdf2' :: ([Word8] - [Word8] - [Word8]) - Integer - Integer -
Integer - Password - Salt - HashedPass
pbkdf2' prf hlen cIters dklen (Password pass) (Salt salt)
| dklen ( (2^32-1) * hlen) = error $ pbkdf2, (dklen,hlen) : ++
(show (dklen,hlen))
| otherwise =
let --l,r :: Int
l = ceiling $ (fromIntegral dklen) / (fromIntegral hlen )
r = dklen - ( (l-1) * hlen)
ustream :: [Word8] - [Word8] - [[Word8]]
ustream p s = let x = prf p s
in x : ustream p x
--us :: Integer - [[Word8]]
us i = take (fromIntegral cIters) $ ustream pass ( salt `myor`
((intToFourWord8s i) ))
--f :: [Word8] - [Word8] - Integer - Integer - [Word8]
f pass salt cIters i = foldr1 myxor $ us i
ts :: [[Word8]]
ts = map (f pass salt cIters) ( [1..l] )
in HashedPass . take (fromIntegral dklen) . concat $ ts
-- The spec says
-- Here, INT (i) is a four-octet encoding of the integer i, most
significant octet first.
-- I'm reading from the right... is this the right thing?
toWord8s x = L.unpack . encode $ x
--intToFourWord8s :: Integer - [Word8]
intToFourWord8s i = let w8s = toWord8s $ i
in drop (length w8s -4) w8s
myxor :: [Word8] - [Word8] - [Word8]
myxor = zipWith xor
myor :: [Word8] - [Word8] - [Word8]
myor = zipWith (.|.)
prfSHA512 :: [Word8] - [Word8] - [Word8]
prfSHA512 x y = hash $ x ++ y
2008/11/26 John Meacham [EMAIL PROTECTED]:
What you are using there is not a salt, but rather a secret key. The
important thing about a salt is that it is different for _every user_.
and you actually store the salt unhashed along with the hash. (it is not
secret information). A salt protects against a dictionary attack, for
instance, you might have a dictionary of hash's and the common passwords
they go to but if you add a 32 bit salt, you would need 2^32 entries for
each dictionary word, making such an attack unworkable. You can also
trivially tell if two users have the _same_ password just by comparing
the hashes without a salt.
John
--
John Meacham - ⑆repetae.net⑆john⑈
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
{-# LANGUAGE ScopedTypeVariables #-}
module Crypto.PBKDF2 (pbkdf2, pbkdf2') where
import qualified Data.ByteString.Char8 as B
import qualified Data.ByteString.Lazy as L
import GHC.Word
import Control.Monad (foldM)
import Random
import Data.Digest.SHA512 (hash)
import Data.Word
import Data.Bits
import Data.Binary
newtype Password = Password [Word8]
newtype Salt = Salt [Word8]
newtype HashedPass = HashedPass [Word8]
deriving Show
{- | A reasonable default for rsa pbkdf2? Actually I'm not really sure, ask folk with more experience.
pbkdf2 = pbkdf2' prfSHA512 512 512 512
-}
t = pbkdf2 ( Password . toWord8s $ meh ) ( Salt . toWord8s $ moo )
pbkdf2 :: Password - Salt - HashedPass
pbkdf2 = pbkdf2' prfSHA512 512 512 512
{- | Password Based Key Derivation Function, from RSA labs.
pbkdf2' prf hlen cIters dklen (Password pass) (Salt salt)
-}
pbkdf2' :: ([Word8] - [Word8] - [Word8]) - Integer - Integer - Integer - Password - Salt - HashedPass
pbkdf2' prf hlen cIters dklen (Password pass) (Salt salt)
| dklen ( (2^32-1) * hlen) = error $ pbkdf2, (dklen,hlen) : ++ (show (dklen,hlen))
| otherwise =
let --l,r :: Int
l = ceiling $ (fromIntegral dklen) / (fromIntegral hlen )
r = dklen - ( (l-1) * hlen)
ustream :: [Word8] - [Word8] - [[Word8]]
[Haskell-cafe] ANN: Real World Haskell, now shipping
Good evening - John Goerzen, Don Stewart and I are delighted to announce the availability of our book, Real World Haskell. It is 710 pages long, and published by O'Reilly Media. This is the first book to comprehensively cover modern Haskell programming. From an introduction to functional programming, it focuses on teaching through many worked examples. We discuss the awkward squad of I/O, concurrency, and exceptions. We cover network programming, databases, and system hacking. We motivate and work with monoids, applicative functors, monads, and monad transformers. We show you how to debug code, and how to ship well-tested software. Better yet, the book is available under a Creative Commons license, so you can read as much of it as you please before you buy: http://book.realworldhaskell.org/ We developed this book with the enthusiastic and voluble support of the Haskell community, and we are proud to share our work in a fashion that will help newcomers to our field. And best of all, if you order now (at least in North America), you can have a copy of the book in your hands in a matter of days. Thank you from all of us to our friends in the Haskell world who have been so generous with their feedback and kind words! ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] IRC question
Hello, I am using Ubuntu Linux and I want to get the Haskell IRC feed. What IRC client can I use and how to configure? Thanks, Vasili ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] IRC question
Galchin, Vasili kirjoitti: Hello, I am using Ubuntu Linux and I want to get the Haskell IRC feed. What IRC client can I use and how to configure? Thanks, Vasili ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe Pidgin uses IRC-protocol, but Xchat can be found in Synaptic which is more popular client. In start-up screen of Xchat you have a list of servers where you search Freenode or add new server (closest freenode-server for you), then join new channel (F3 if I recall, or ctrl + j, or /j #haskell in commandline of the client). Aapo ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] IRC question
aapo: Galchin, Vasili kirjoitti: Hello, I am using Ubuntu Linux and I want to get the Haskell IRC feed. What IRC client can I use and how to configure? Thanks, Vasili ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe Pidgin uses IRC-protocol, but Xchat can be found in Synaptic which is more popular client. In start-up screen of Xchat you have a list of servers where you search Freenode or add new server (closest freenode-server for you), then join new channel (F3 if I recall, or ctrl + j, or /j #haskell in commandline of the client). As with all good things, preferred clients are documented on the wiki, http://haskell.org/haskellwiki/IRC_channel Cheers, Don ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Re: [Haskell] ANN: Real World Haskell, now shipping
Mine arrives in two days; I can't wait! :) Thanks for all your hard work, and to all the members of the community which provided comments/suggestions to improve the book. __ Donnie Jones On Wed, Nov 26, 2008 at 12:15 AM, Bryan O'Sullivan [EMAIL PROTECTED]wrote: Good evening - John Goerzen, Don Stewart and I are delighted to announce the availability of our book, Real World Haskell. It is 710 pages long, and published by O'Reilly Media. This is the first book to comprehensively cover modern Haskell programming. From an introduction to functional programming, it focuses on teaching through many worked examples. We discuss the awkward squad of I/O, concurrency, and exceptions. We cover network programming, databases, and system hacking. We motivate and work with monoids, applicative functors, monads, and monad transformers. We show you how to debug code, and how to ship well-tested software. Better yet, the book is available under a Creative Commons license, so you can read as much of it as you please before you buy: http://book.realworldhaskell.org/ We developed this book with the enthusiastic and voluble support of the Haskell community, and we are proud to share our work in a fashion that will help newcomers to our field. And best of all, if you order now (at least in North America), you can have a copy of the book in your hands in a matter of days. Thank you from all of us to our friends in the Haskell world who have been so generous with their feedback and kind words! ___ Haskell mailing list [EMAIL PROTECTED] http://www.haskell.org/mailman/listinfo/haskell ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] IRC question
On Tue, Nov 25, 2008 at 11:04 PM, Don Stewart [EMAIL PROTECTED] wrote: aapo: Galchin, Vasili kirjoitti: Hello, I am using Ubuntu Linux and I want to get the Haskell IRC feed. What IRC client can I use and how to configure? Thanks, Vasili ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe Pidgin uses IRC-protocol, but Xchat can be found in Synaptic which is more popular client. In start-up screen of Xchat you have a list of servers where you search Freenode or add new server (closest freenode-server for you), then join new channel (F3 if I recall, or ctrl + j, or /j #haskell in commandline of the client). As with all good things, preferred clients are documented on the wiki, http://haskell.org/haskellwiki/IRC_channel Sadly none of the recommended clients are written in Haskell or extensible in Haskell. Two of the recommended clients on that page are ERC (an emacs client) and irssi (highly scriptable in perl). I used ERC for several years and developed a good deal of extension code and customizations for it as I found things that worked and didn't work for me. Eventually I was forced to move to irssi due to the horrible resource usage of ERC that plagued me despite spending considerable time debugging it. Being a perl illiterate, I'm always sad I can't extend my IRC client now. Does anyone have an IRC client hiding somewhere that is console friendly (I IRC from a screen session) which is also extensible in Haskell? Thanks, Jason ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
