aboutsummaryrefslogtreecommitdiff
path: root/Crypto.hs
Commit message (Collapse)AuthorAge
* Fix initremote with encryption=pubkey to work with S3, glacier, webdav, and ↵Gravatar Joey Hess2014-02-06
| | | | external special remotes.
* remove *>=> and >=*> ; use <$$> insteadGravatar Joey Hess2013-09-27
| | | | | | | | I forgot I had <$$> hidden away in Utility.Applicative. It allows doing the same kind of currying as does >=*> and I found using it made the code more readable for me. (*>=> was not used)
* rename constructor for clariyGravatar Joey Hess2013-09-05
|
* Leverage an ambiguities between CiphersGravatar guilhem2013-09-05
| | | | | | | | | Cipher is now a datatype data Cipher = Cipher String | MacOnlyCipher String which makes more precise its interpretation MAC-only vs. MAC + used to derive a key for symmetric crypto.
* keep Utility.Gpg free of dependencies on git-annexGravatar Joey Hess2013-09-04
|
* redundant commentGravatar Joey Hess2013-09-04
|
* replace an over-explained Bool with a data typeGravatar Joey Hess2013-09-04
| | | | | This also highlights several places where a Read/Show or similar for the new data type could avoid redundant strings.
* wordingGravatar Joey Hess2013-09-04
|
* fix build (seems getGpgEncOpts got renamed to getGpgEncParams)Gravatar Joey Hess2013-09-04
|
* Allow public-key encryption of file content.Gravatar guilhem2013-09-03
| | | | | | | | | | | | With the initremote parameters "encryption=pubkey keyid=788A3F4C". /!\ Adding or removing a key has NO effect on files that have already been copied to the remote. Hence using keyid+= and keyid-= with such remotes should be used with care, and make little sense unless the point is to replace a (sub-)key by another. /!\ Also, a test case has been added to ensure that the cipher and file contents are encrypted as specified by the chosen encryption scheme.
* Allow revocation of OpenPGP keys.Gravatar guilhem2013-08-29
| | | | | | | | | | | | | | | | | | | | | | | /!\ It is to be noted that revoking a key does NOT necessarily prevent the owner of its private part from accessing data on the remote /!\ The only sound use of `keyid-=` is probably to replace a (sub-)key by another, where the private part of both is owned by the same person/entity: git annex enableremote myremote keyid-=2512E3C7 keyid+=788A3F4C Reference: http://git-annex.branchable.com/bugs/Using_a_revoked_GPG_key/ * Other change introduced by this patch: New keys now need to be added with option `keyid+=`, and the scheme specified (upon initremote only) with `encryption=`. The motivation for this change is to open for new schemes, e.g., strict asymmetric encryption. git annex initremote myremote encryption=hybrid keyid=2512E3C7 git annex enableremote myremote keyid+=788A3F4C
* Generate ciphers with a better entropy.Gravatar guilhem2013-04-06
| | | | | | | | | | Unless highRandomQuality=false (or --fast) is set, use Libgcypt's 'GCRY_VERY_STRONG_RANDOM' level by default for cipher generation, like it's done for OpenPGP key generation. On the assistant side, the random quality is left to the old (lower) level, in order not to scare the user with an enless page load due to the blocking PRNG waiting for IO actions.
* hlintGravatar Joey Hess2013-04-03
|
* minor wording fixesGravatar Joey Hess2013-03-29
|
* Allow other MAC algorithms in the Remote Config.Gravatar guilhem2013-03-29
|
* linelengthGravatar Joey Hess2013-03-12
|
* GnuPG options for symmetric encryption.Gravatar guilhem2013-03-11
|
* improve comments and variable names WRT base64 encoded encryption keysGravatar Joey Hess2013-03-03
|
* whitespace fixesGravatar Joey Hess2012-12-13
|
* refactorGravatar Joey Hess2012-11-18
|
* upload progress bars for webdav!Gravatar Joey Hess2012-11-18
|
* better streaming while encrypting/decryptingGravatar Joey Hess2012-11-18
| | | | | | Both the directory and webdav special remotes used to have to buffer the whole file contents before it could be decrypted, as they read from chunks. Now the chunks are streamed through gpg with no buffering.
* indentation foo, and a new coding style page. no code changesGravatar Joey Hess2012-10-28
|
* add routes to pause/start/cancel transfersGravatar Joey Hess2012-08-08
| | | | | | | | | | | | | | | | This commit includes a paydown on technical debt incurred two years ago, when I didn't know that it was bad to make custom Read and Show instances for types. As the routes need Read and Show for Transfer, which includes a Key, and deriving my own Read instance of key was not practical, I had to finally clean that up. So the compact Key read and show functions are now file2key and key2file, and Read and Show are now derived instances. Changed all code that used the old instances, compiler checked. (There were a few places, particularly in Command.Unused, and the test suite where the Show instance continue to be used for legitimate comparisons; ie show key_x == show key_y (though really in a bloom filter))
* avoid ByteString.Char8 where not neededGravatar Joey Hess2012-06-20
| | | | | Its truncation behavior is a red flag, so avoid using it in these places where only raw ByteStrings are used, without looking at the data inside.
* hlintGravatar Joey Hess2012-06-12
|
* refactorGravatar Joey Hess2012-04-29
|
* Added shared cipher mode to encryptable special remotes.Gravatar Joey Hess2012-04-29
| | | | | | This option avoids gpg key distribution, at the expense of flexability, and with the requirement that all clones of the git repository be equally trusted.
* split out Utility.Gpg with the generic gpg interface, from CryptoGravatar Joey Hess2011-12-20
|
* make gpg code more genericGravatar Joey Hess2011-12-20
|
* factored out some useful error catching methodsGravatar Joey Hess2011-11-10
|
* clean up read/show abuseGravatar Joey Hess2011-11-08
| | | | | | | Avoid ever using read to parse a non-haskell formatted input string. show :: Key is arguably still show abuse, but displaying Keys as filenames is just too useful to give up.
* minor syntax changesGravatar Joey Hess2011-10-11
|
* renameGravatar Joey Hess2011-10-05
|
* renameGravatar Joey Hess2011-10-04
|
* factor out common importsGravatar Joey Hess2011-10-03
| | | | no code changes
* when all you have is a zombie, everything looks like a shotgunGravatar Joey Hess2011-10-02
| | | | | | Actually, let's do a targeted fix of the actual forkProcess that was not waited on. The global reap is moved back to the end, after the long-running git processes actually exit.
* code simplification thanks to applicative functorsGravatar Joey Hess2011-08-25
|
* split groups of related functions out of UtilityGravatar Joey Hess2011-08-22
|
* hlint tweaksGravatar Joey Hess2011-07-15
| | | | Did all sources except Remotes/* and Command/*
* renameGravatar Joey Hess2011-07-05
|
* rename modules for data types into Types/ directoryGravatar Joey Hess2011-06-01
|
* simplified a bunch of Maybe handlingGravatar Joey Hess2011-05-15
|
* factor out base64 codeGravatar Joey Hess2011-05-01
|
* S3: When encryption is enabled, the Amazon S3 login credentials are stored, ↵Gravatar Joey Hess2011-05-01
| | | | encrypted, in .git-annex/remotes.log, so environment variables need not be set after the remote is initialized.
* Revert "Use haskell Crypto library instead of haskell SHA library.a"Gravatar Joey Hess2011-04-26
| | | | | | | | | This reverts commit 892593c5efacbc084d19af4b5d7164ededaea7ff. Conflicts: Crypto.hs debian/control
* add test to ensure hmac remains stableGravatar Joey Hess2011-04-21
|
* Use haskell Crypto library instead of haskell SHA library.aGravatar Joey Hess2011-04-21
| | | | Since hS3 needs Crypto anyway, this actually reduces dependencies.
* bup: Avoid memory leak when transferring encrypted data.Gravatar Joey Hess2011-04-19
| | | | | | | | | | | | | | | | | | | | | | | | This was a most surprising leak. It occurred in the process that is forked off to feed data to gpg. That process was passed a lazy ByteString of input, and ghc seemed to not GC the ByteString as it was lazily read and consumed, so memory slowly leaked as the file was read and passed through gpg to bup. To fix it, I simply changed the feeder to take an IO action that returns the lazy bytestring, and fed the result directly to hPut. AFAICS, this should change nothing WRT buffering. But somehow it makes ghc's GC do the right thing. Probably I triggered some weakness in ghc's GC (version 6.12.1). (Note that S3 still has this leak, and others too. Fixing it will involve another dance with the type system.) Update: One theory I have is that this has something to do with the forking of the feeder process. Perhaps, when the ByteString is produced before the fork, ghc decides it need to hold a pointer to the start of it, for some reason -- maybe it doesn't realize that it is only used in the forked process.
* Fix stalls in S3 when transferring encrypted data.Gravatar Joey Hess2011-04-19
| | | | | | | | | | | | | | | | | | | Stalls were caused by code that did approximatly: content' <- liftIO $ withEncryptedContent cipher content return store content' The return evaluated without actually reading content from S3, and so the cleanup code began waiting on gpg to exit before gpg could send all its data. Fixing it involved moving the `store` type action into the IO monad: liftIO $ withEncryptedContent cipher content store Which was a bit of a pain to do, thank you type system, but avoids the problem as now the whole content is consumed, and stored, before cleanup.