diff options
| author |  Joey Hess <joey@kitenet.net> | 2014-07-26 20:14:09 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-07-26 20:14:31 -0400 |
| commit | eb01acf0a864385c3d863b72425ee7dff22c2924 (patch) | |
| tree | 04c858d891aa1ee7ce79fa70ae1985615d1ff014 /Crypto.hs | |
| parent | 03957e64cbfe4710615dfd774b05b6182cba5ee7 (diff) | |
Support for remotes that are chunkable and encryptable.
I'd have liked to keep these two concepts entirely separate,
but that are entagled: Storing a key in an encrypted and chunked remote
need to generate chunk keys, encrypt the keys, chunk the data, encrypt the
chunks, and send them to the remote. Similar for retrieval, etc.
So, here's an implemnetation of all of that.
The total win here is that every remote was implementing encrypted storage
and retrival, and now it can move into this single place. I expect this
to result in several hundred lines of code being removed from git-annex
eventually!
This commit was sponsored by Henrik Ahlgren.
Diffstat (limited to 'Crypto.hs')
| -rw-r--r-- | Crypto.hs | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -13,6 +13,7 @@ module Crypto ( Cipher, KeyIds(..), + EncKey, StorableCipher(..), genEncryptedCipher, genSharedCipher, @@ -138,10 +139,12 @@ decryptCipher (EncryptedCipher t variant _) = Hybrid -> Cipher PubKey -> MacOnlyCipher +type EncKey = Key -> Key + {- Generates an encrypted form of a Key. The encryption does not need to be - reversable, nor does it need to be the same type of encryption used - on content. It does need to be repeatable. -} -encryptKey :: Mac -> Cipher -> Key -> Key +encryptKey :: Mac -> Cipher -> EncKey encryptKey mac c k = stubKey { keyName = macWithCipher mac c (key2file k) , keyBackendName = "GPG" ++ showMac mac |