summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Crypto.hs35
-rw-r--r--doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn4
2 files changed, 29 insertions, 10 deletions
diff --git a/Crypto.hs b/Crypto.hs
index 4ec186ea2..e42a21e28 100644
--- a/Crypto.hs
+++ b/Crypto.hs
@@ -45,6 +45,24 @@ import RemoteClass
import Utility
import CryptoTypes
+{- The first half of a Cipher is used for HMAC; the remainder
+ - is used as the GPG symmetric encryption passphrase.
+ -
+ - 256 is enough for gpg's symetric cipher; unlike weaker public key
+ - crypto, the key does not need to be too large.
+ -}
+cipherHalf :: Int
+cipherHalf = 256
+
+cipherSize :: Int
+cipherSize = cipherHalf * 2
+
+cipherPassphrase :: Cipher -> String
+cipherPassphrase (Cipher c) = drop cipherHalf c
+
+cipherHmac :: Cipher -> String
+cipherHmac (Cipher c) = take cipherHalf c
+
{- Creates a new Cipher, encrypted as specified in the remote's configuration -}
genCipher :: RemoteConfig -> IO EncryptedCipher
genCipher c = do
@@ -58,10 +76,10 @@ genCipher c = do
-- newline.
[ Params "--gen-random --armor"
, Param $ show randomquality
- , Param $ show ciphersize
+ , Param $ show cipherSize
]
- randomquality = 1 :: Int -- 1 is /dev/urandom; 2 is /dev/random
- ciphersize = 256 :: Int
+ -- 1 is /dev/urandom; 2 is /dev/random
+ randomquality = 1 :: Int
{- Updates an existing Cipher, re-encrypting it to add KeyIds specified in
- the remote's configuration. -}
@@ -110,10 +128,11 @@ decryptCipher _ (EncryptedCipher encipher _) =
- reversable, nor does it need to be the same type of encryption used
- on content. It does need to be repeatable. -}
encryptKey :: Cipher -> Key -> IO Key
-encryptKey (Cipher c) k =
+encryptKey c k =
return Key {
- keyName = showDigest $
- hmacSha1 (fromString $ show k) (fromString c),
+ keyName = showDigest $ hmacSha1
+ (fromString $ show k)
+ (fromString $ cipherHmac c),
keyBackendName = "GPGHMACSHA1",
keySize = Nothing, -- size and mtime omitted
keyMtime = Nothing -- to avoid leaking data
@@ -153,12 +172,12 @@ gpgPipeStrict params input = do
{- Runs gpg with a cipher and some parameters, feeding it an input,
- and passing a handle to its output to an action. -}
gpgCipherHandle :: [CommandParam] -> Cipher -> L.ByteString -> (Handle -> IO a) -> IO a
-gpgCipherHandle params (Cipher c) input a = do
+gpgCipherHandle params c input a = do
-- pipe the passphrase into gpg on a fd
(frompipe, topipe) <- createPipe
_ <- forkIO $ do
toh <- fdToHandle topipe
- hPutStrLn toh c
+ hPutStrLn toh $ cipherPassphrase c
hClose toh
let Fd passphrasefd = frompipe
let passphrase = [Param "--passphrase-fd", Param $ show passphrasefd]
diff --git a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn
index 1980a8f44..9fc31fa48 100644
--- a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn
+++ b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn
@@ -4,5 +4,5 @@ Also, ttbomk, HMAC needs two keys, not one. Are you re-using the same key twice?
Compability for old buckets and support for different ones can be maintained by introducing a new option and simply copying over the encryption key's identifier into this new option should it be missing.
-> See [[design/encryption]]. I don't think this bug needs to be kept
-> open. [[done]] --[[Joey]]
+> Bug was filed prematurely, but was a good bit of paranoia, and gpg and
+> hmac are given different secret keys [[done]] --[[Joey]]