diff options
| author |  Joey Hess <joeyh@joeyh.name> | 2015-04-19 10:57:14 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-04-19 10:57:14 -0400 |
| commit | 85b079c4dfefac889d1a814e95390e29b575570d (patch) | |
| tree | aea7f0d947e54757fcc73ef5b80a275267839aed | |
| parent | 5610389a6880a82947582842db2d762a353b1f33 (diff) | |
refactor
| -rw-r--r-- | Types/Crypto.hs | 41 | ||||
| -rw-r--r-- | Utility/Hash.hs | 41 |
2 files changed, 40 insertions, 42 deletions
diff --git a/Types/Crypto.hs b/Types/Crypto.hs index ec61f1c4b..79970c288 100644 --- a/Types/Crypto.hs +++ b/Types/Crypto.hs @@ -17,12 +17,7 @@ module Types.Crypto ( calcMac, ) where -import qualified Data.Text as T -import qualified Data.Text.Encoding as T -import Data.Digest.Pure.SHA -import qualified Data.ByteString as B -import Crypto.Hash - +import Utility.Hash import Utility.Gpg (KeyIds(..)) -- XXX ideally, this would be a locked memory region @@ -34,13 +29,6 @@ data StorableCipher = EncryptedCipher String EncryptedCipherVariant KeyIds data EncryptedCipherVariant = Hybrid | PubKey deriving (Ord, Eq) -{- File names are (client-side) MAC'ed on special remotes. - - The chosen MAC algorithm needs to be same for all files stored on the - - remote. - -} -data Mac = HmacSha1 | HmacSha224 | HmacSha256 | HmacSha384 | HmacSha512 - deriving (Eq) - defaultMac :: Mac defaultMac = HmacSha1 @@ -60,30 +48,3 @@ readMac "HMACSHA256" = Just HmacSha256 readMac "HMACSHA384" = Just HmacSha384 readMac "HMACSHA512" = Just HmacSha512 readMac _ = Nothing - -calcMac - :: Mac -- ^ MAC - -> B.ByteString -- ^ secret key - -> B.ByteString -- ^ message - -> String -- ^ MAC'ed message, in hexadecimal -calcMac mac = case mac of - HmacSha1 -> use SHA1 - HmacSha224 -> use SHA224 - HmacSha256 -> use SHA256 - HmacSha384 -> use SHA384 - HmacSha512 -> use SHA512 - where - use alg k m = show (hmacGetDigest (hmacAlg alg k m)) - --- Check that all the MACs continue to produce the same. -prop_mac_stable :: Bool -prop_mac_stable = all (\(mac, result) -> calcMac mac key msg == result) - [ (HmacSha1, "46b4ec586117154dacd49d664e5d63fdc88efb51") - , (HmacSha224, "4c1f774863acb63b7f6e9daa9b5c543fa0d5eccf61e3ffc3698eacdd") - , (HmacSha256, "f9320baf0249169e73850cd6156ded0106e2bb6ad8cab01b7bbbebe6d1065317") - , (HmacSha384, "3d10d391bee2364df2c55cf605759373e1b5a4ca9355d8f3fe42970471eca2e422a79271a0e857a69923839015877fc6") - , (HmacSha512, "114682914c5d017dfe59fdc804118b56a3a652a0b8870759cf9e792ed7426b08197076bf7d01640b1b0684df79e4b67e37485669e8ce98dbab60445f0db94fce") - ] - where - key = T.encodeUtf8 $ T.pack "foo" - msg = T.encodeUtf8 $ T.pack "bar" diff --git a/Utility/Hash.hs b/Utility/Hash.hs index 9881815bd..f960a134f 100644 --- a/Utility/Hash.hs +++ b/Utility/Hash.hs @@ -9,13 +9,16 @@ module Utility.Hash ( skein256, skein512, md5, - prop_hashes_stable + prop_hashes_stable, + Mac(..), + calcMac, + prop_mac_stable, ) where import qualified Data.ByteString.Lazy as L import qualified Data.Text as T import qualified Data.Text.Encoding as T - +import qualified Data.ByteString as S import Crypto.Hash sha1 :: L.ByteString -> Digest SHA1 @@ -60,3 +63,37 @@ prop_hashes_stable = all (\(hasher, result) -> hasher foo == result) ] where foo = L.fromChunks [T.encodeUtf8 $ T.pack "foo"] + +{- File names are (client-side) MAC'ed on special remotes. + - The chosen MAC algorithm needs to be same for all files stored on the + - remote. + -} +data Mac = HmacSha1 | HmacSha224 | HmacSha256 | HmacSha384 | HmacSha512 + deriving (Eq) + +calcMac + :: Mac -- ^ MAC + -> S.ByteString -- ^ secret key + -> S.ByteString -- ^ message + -> String -- ^ MAC'ed message, in hexadecimal +calcMac mac = case mac of + HmacSha1 -> use SHA1 + HmacSha224 -> use SHA224 + HmacSha256 -> use SHA256 + HmacSha384 -> use SHA384 + HmacSha512 -> use SHA512 + where + use alg k m = show (hmacGetDigest (hmacAlg alg k m)) + +-- Check that all the MACs continue to produce the same. +prop_mac_stable :: Bool +prop_mac_stable = all (\(mac, result) -> calcMac mac key msg == result) + [ (HmacSha1, "46b4ec586117154dacd49d664e5d63fdc88efb51") + , (HmacSha224, "4c1f774863acb63b7f6e9daa9b5c543fa0d5eccf61e3ffc3698eacdd") + , (HmacSha256, "f9320baf0249169e73850cd6156ded0106e2bb6ad8cab01b7bbbebe6d1065317") + , (HmacSha384, "3d10d391bee2364df2c55cf605759373e1b5a4ca9355d8f3fe42970471eca2e422a79271a0e857a69923839015877fc6") + , (HmacSha512, "114682914c5d017dfe59fdc804118b56a3a652a0b8870759cf9e792ed7426b08197076bf7d01640b1b0684df79e4b67e37485669e8ce98dbab60445f0db94fce") + ] + where + key = T.encodeUtf8 $ T.pack "foo" + msg = T.encodeUtf8 $ T.pack "bar" |