 
            On Wed, Oct 8, 2008 at 8:14 AM, Jeffrey Drake 
I have an application where I would like to use AES to have a public/private key pair and digitally sign/verify documents.
As another responder pointed out, AES is symmetric, i.e. the same key is used for both encryption and decryption. What you most likely want is a layered approach, where you use AES to encrypt the payload and then an asymmetric crypto like RSA to encrypt the AES key. I'd strongly suggest you locate a copy of Bruce Schneier's Applied Cryptography to make sure you have a better understanding of what you are doing. Crypto is complicated, even renowned experts have been known to get things wrong :-)
I have found documentation for a library that does the encryption: http://www.haskell.org/crypto/doc/html/Codec-Encryption-AES.html
However, it seems to have only two methods:
encrypt :: AESKey a => a -> Word128 -> Word128 decrypt :: AESKey a => a -> Word128 -> Word128
A problem for me, I don't know where AESKey is supposed to come from, or how to use this to sign things. My ignorance of this topic does not help. Would it be correct to say that signing a document is similar to an MD5 hash on a document?
The key should come from a good random source. That means you need cryptographic randomness. All major OSs come with reasonable sources of randomness. However, again, here be dragons and you need to know what you're doing. Weak randomness leads to weak keys. MD5 is an example of a cryptographic hash, also known as a one-way function. That is it's easy to get the hash from a text, but _hard_ to go in the other way. The MD5 algorithm produces a hash that is 128 bits. It can be used for detecting tampering, but it isn't a signature. OTOH many implementations of signatures use a hash in order to avoid having to sign the entire document. I strongly urge you to read up on crypto before adding it to any code you are writing. It's simply too easy to get it wrong. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe