author | guilhem <guilhem@fripost.org> | 2013-03-29 17:06:02 +0100 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2013-03-29 18:04:52 -0400 |
commit | 71760a359f5515053085f242258dc615a1db1fd8 (patch) | |
tree | 0e49337fb773b721173aa25fc36635e05d8918f8 /Types/Crypto.hs | |
parent | f3ee9b50b3a9caff7ec65ddaa9197f6daaf6f745 (diff) |
Allow other MAC algorithms in the Remote Config.
Diffstat (limited to 'Types/Crypto.hs')
-rw-r--r-- | Types/Crypto.hs | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/Types/Crypto.hs b/Types/Crypto.hs
index 135522ba1..e97d02ba8 100644
--- a/Types/Crypto.hs
+++ b/Types/Crypto.hs
@@ -9,8 +9,16 @@ module Types.Crypto (
 Cipher(..),
 StorableCipher(..),
 KeyIds(..),
+ Mac(..),
+ readMac,
+ showMac,
+ defaultMac,
+ calcMac,
 ) where
+import qualified Data.ByteString.Lazy as L
+import Data.Digest.Pure.SHA
+
 import Utility.Gpg (KeyIds(..))
 -- XXX ideally, this would be a locked memory region
@@ -18,3 +26,44 @@ newtype Cipher = Cipher String
 data StorableCipher = EncryptedCipher String KeyIds | SharedCipher String
 deriving (Ord, Eq)
+
+{- File names are (client-side) MAC'ed on special remotes.
+ - The chosen MAC algorithm needs to be same for all files stored on the
+ - remote.
+ -}
+data Mac = HmacSha1 | HmacSha224 | HmacSha256 | HmacSha384 | HmacSha512
+ deriving (Eq)
+
+defaultMac :: Mac
+defaultMac = HmacSha1
+
+-- MAC algorithms are shown as follows in the file names.
+showMac :: Mac -> String
+showMac HmacSha1 = "HMACSHA1"
+showMac HmacSha224 = "HMACSHA224"
+showMac HmacSha256 = "HMACSHA256"
+showMac HmacSha384 = "HMACSHA384"
+showMac HmacSha512 = "HMACSHA512"
+
+-- Read the MAC algorithm from the remote config.
+readMac :: String -> Maybe Mac
+readMac "HMACSHA1" = Just HmacSha1
+readMac "HMACSHA224" = Just HmacSha224
+readMac "HMACSHA256" = Just HmacSha256
+readMac "HMACSHA384" = Just HmacSha384
+readMac "HMACSHA512" = Just HmacSha512
+readMac _ = Nothing
+
+calcMac
+ :: Mac -- ^ MAC
+ -> L.ByteString -- ^ secret key
+ -> L.ByteString -- ^ message
+ -> String -- ^ MAC'ed message, in hexadecimals
+calcMac mac = case mac of
+ HmacSha1 -> showDigest $* hmacSha1
+ HmacSha224 -> showDigest $* hmacSha224
+ HmacSha256 -> showDigest $* hmacSha256
+ HmacSha384 -> showDigest $* hmacSha384
+ HmacSha512 -> showDigest $* hmacSha512
+ where
+ ($*) g f x y = g $ f x y |
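Review bot: `readMac` and `showMac` in the second hunk are two hand-written tables that must stay exact inverses, and the catch-all `readMac _ = Nothing` means the compiler will not flag a constructor that is added to `Mac` but forgotten in `readMac`, so a configured algorithm would quietly become unreadable. Deriving the parser from the printer removes that risk: `deriving (Eq, Enum, Bounded)` on `Mac` and `readMac s = lookup s [(showMac m, m) | m <- [minBound .. maxBound]]`. The callers are outside this hunk, so it is worth confirming that a `Nothing` from `readMac` is reported as a configuration error rather than replaced by `defaultMac`, since the comment above `Mac` says the algorithm must be the same for every file on the remote. I would also document the default, e.g. `-- HmacSha1 stays the default, presumably so existing remotes keep resolving the same file names (confirm).`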