diff options
-rw-r--r-- | Crypto.hs | 26 | ||||
-rw-r--r-- | Remote/Helper/Encryptable.hs | 19 |
2 files changed, 21 insertions, 24 deletions
@@ -10,13 +10,12 @@ module Crypto ( Cipher, + KeyIds(..), StorableCipher(..), genEncryptedCipher, genSharedCipher, updateEncryptedCipher, describeCipher, - storeCipher, - extractCipher, decryptCipher, encryptKey, withEncryptedHandle, @@ -28,7 +27,6 @@ module Crypto ( ) where import qualified Data.ByteString.Lazy.Char8 as L -import qualified Data.Map as M import Data.ByteString.Lazy.UTF8 (fromString) import Data.Digest.Pure.SHA import Control.Applicative @@ -36,8 +34,6 @@ import Control.Applicative import Common.Annex import qualified Utility.Gpg as Gpg import Types.Key -import Types.Remote -import Utility.Base64 import Types.Crypto {- The first half of a Cipher is used for HMAC; the remainder @@ -90,24 +86,6 @@ describeCipher (EncryptedCipher _ (KeyIds ks)) = keys [_] = "key" keys _ = "keys" -{- Stores an StorableCipher in a remote's configuration. -} -storeCipher :: RemoteConfig -> StorableCipher -> RemoteConfig -storeCipher c (SharedCipher t) = M.insert "cipher" (toB64 t) c -storeCipher c (EncryptedCipher t ks) = - M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (showkeys ks) c - where - showkeys (KeyIds l) = join "," l - -{- Extracts an StorableCipher from a remote's configuration. -} -extractCipher :: RemoteConfig -> Maybe StorableCipher -extractCipher c = - case (M.lookup "cipher" c, M.lookup "cipherkeys" c) of - (Just t, Just ks) -> Just $ EncryptedCipher (fromB64 t) (readkeys ks) - (Just t, Nothing) -> Just $ SharedCipher (fromB64 t) - _ -> Nothing - where - readkeys = KeyIds . split "," - {- Encrypts a Cipher to the specified KeyIds. -} encryptCipher :: Cipher -> KeyIds -> IO StorableCipher encryptCipher (Cipher c) (KeyIds ks) = do @@ -160,7 +138,7 @@ withDecryptedContent = pass withDecryptedHandle pass :: (Cipher -> IO L.ByteString -> (Handle -> IO a) -> IO a) -> Cipher -> IO L.ByteString -> (L.ByteString -> IO a) -> IO a -pass to c i a = to c i $ \h -> a =<< L.hGetContents h +pass to n s a = to n s $ \h -> a =<< L.hGetContents h hmacWithCipher :: Cipher -> String -> String hmacWithCipher c = hmacWithCipher' (cipherHmac c) diff --git a/Remote/Helper/Encryptable.hs b/Remote/Helper/Encryptable.hs index a44e6e453..789a1d996 100644 --- a/Remote/Helper/Encryptable.hs +++ b/Remote/Helper/Encryptable.hs @@ -14,6 +14,7 @@ import Types.Remote import Crypto import qualified Annex import Config +import Utility.Base64 {- Encryption setup for a remote. The user must specify whether to use - an encryption key, or not encrypt. An encrypted cipher is created, or is @@ -93,3 +94,21 @@ cipherKey Nothing _ = return Nothing cipherKey (Just c) k = maybe Nothing encrypt <$> remoteCipher c where encrypt ciphertext = Just (ciphertext, encryptKey ciphertext k) + +{- Stores an StorableCipher in a remote's configuration. -} +storeCipher :: RemoteConfig -> StorableCipher -> RemoteConfig +storeCipher c (SharedCipher t) = M.insert "cipher" (toB64 t) c +storeCipher c (EncryptedCipher t ks) = + M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (showkeys ks) c + where + showkeys (KeyIds l) = join "," l + +{- Extracts an StorableCipher from a remote's configuration. -} +extractCipher :: RemoteConfig -> Maybe StorableCipher +extractCipher c = + case (M.lookup "cipher" c, M.lookup "cipherkeys" c) of + (Just t, Just ks) -> Just $ EncryptedCipher (fromB64 t) (readkeys ks) + (Just t, Nothing) -> Just $ SharedCipher (fromB64 t) + _ -> Nothing + where + readkeys = KeyIds . split "," |