git-annex/Crypto.hs

255 lines
7.9 KiB
Haskell
Raw Normal View History

2011-04-15 22:18:39 +00:00
{- git-annex crypto
-
- Currently using gpg; could later be modified to support different
- crypto backends if neccessary.
2011-04-15 22:18:39 +00:00
-
- Copyright 2011 Joey Hess <joey@kitenet.net>
-
- Licensed under the GNU GPL version 3 or higher.
-}
module Crypto (
Cipher,
EncryptedCipher,
2011-04-15 22:18:39 +00:00
genCipher,
updateCipher,
2011-04-17 22:18:27 +00:00
describeCipher,
2011-04-15 22:18:39 +00:00
storeCipher,
extractCipher,
decryptCipher,
encryptKey,
2011-04-17 17:11:38 +00:00
withEncryptedHandle,
withDecryptedHandle,
withEncryptedContent,
withDecryptedContent,
2011-04-15 22:18:39 +00:00
) where
import qualified Data.ByteString.Lazy.Char8 as L
import qualified Data.Map as M
import qualified Codec.Binary.Base64 as B64
import Data.ByteString.Lazy.UTF8 (fromString)
import Data.Digest.Pure.SHA
2011-04-15 22:18:39 +00:00
import System.Cmd.Utils
import Data.String.Utils
import Data.List
import Data.Bits.Utils
import System.IO
import System.Posix.IO
import System.Posix.Types
import System.Posix.Process
import Control.Concurrent
import Control.Exception (finally)
import System.Exit
import System.Environment
2011-04-15 22:18:39 +00:00
import Types
import Key
2011-04-15 22:18:39 +00:00
import RemoteClass
import Utility
2011-04-16 20:41:46 +00:00
import CryptoTypes
2011-04-15 22:18:39 +00:00
{- The first half of a Cipher is used for HMAC; the remainder
- is used as the GPG symmetric encryption passphrase.
-
2011-04-17 15:13:54 +00:00
- HMAC SHA1 needs only 64 bytes. The remainder is for expansion,
- perhaps to HMAC SHA512, which needs 128 bytes (ideally).
-
- 256 is enough for gpg's symetric cipher; unlike weaker public key
- crypto, the key does not need to be too large.
-}
cipherHalf :: Int
cipherHalf = 256
cipherSize :: Int
cipherSize = cipherHalf * 2
cipherPassphrase :: Cipher -> String
cipherPassphrase (Cipher c) = drop cipherHalf c
cipherHmac :: Cipher -> String
cipherHmac (Cipher c) = take cipherHalf c
2011-04-15 22:18:39 +00:00
{- Creates a new Cipher, encrypted as specified in the remote's configuration -}
genCipher :: RemoteConfig -> IO EncryptedCipher
genCipher c = do
ks <- configKeyIds c
2011-04-15 22:18:39 +00:00
random <- genrandom
encryptCipher (Cipher random) ks
2011-04-15 22:18:39 +00:00
where
genrandom = gpgRead
-- Armor the random data, to avoid newlines,
-- since gpg only reads ciphers up to the first
-- newline.
[ Params "--gen-random --armor"
2011-04-15 22:18:39 +00:00
, Param $ show randomquality
, Param $ show cipherSize
2011-04-15 22:18:39 +00:00
]
-- 1 is /dev/urandom; 2 is /dev/random
randomquality = 1 :: Int
2011-04-15 22:18:39 +00:00
{- Updates an existing Cipher, re-encrypting it to add KeyIds specified in
- the remote's configuration. -}
2011-04-15 22:18:39 +00:00
updateCipher :: RemoteConfig -> EncryptedCipher -> IO EncryptedCipher
updateCipher c encipher@(EncryptedCipher _ ks) = do
ks' <- configKeyIds c
cipher <- decryptCipher c encipher
encryptCipher cipher (combine ks ks')
where
combine (KeyIds a) (KeyIds b) = KeyIds $ a ++ b
2011-04-15 22:18:39 +00:00
2011-04-17 22:18:27 +00:00
describeCipher :: EncryptedCipher -> String
describeCipher (EncryptedCipher _ (KeyIds ks)) =
"with gpg " ++ keys ks ++ " " ++ unwords ks
where
keys [_] = "key"
keys _ = "keys"
2011-04-15 22:18:39 +00:00
{- Stores an EncryptedCipher in a remote's configuration. -}
storeCipher :: RemoteConfig -> EncryptedCipher -> RemoteConfig
storeCipher c (EncryptedCipher t ks) =
M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (show ks) c
2011-04-15 22:18:39 +00:00
{- Extracts an EncryptedCipher from a remote's configuration. -}
extractCipher :: RemoteConfig -> Maybe EncryptedCipher
extractCipher c =
case (M.lookup "cipher" c, M.lookup "cipherkeys" c) of
(Just t, Just ks) -> Just $ EncryptedCipher (fromB64 t) (read ks)
_ -> Nothing
{- Encrypts a Cipher to the specified KeyIds. -}
encryptCipher :: Cipher -> KeyIds -> IO EncryptedCipher
encryptCipher (Cipher c) (KeyIds ks) = do
let ks' = nub $ sort ks -- gpg complains about duplicate recipient keyids
encipher <- gpgPipeStrict (encrypt++recipients ks') c
return $ EncryptedCipher encipher (KeyIds ks')
where
encrypt = [ Params "--encrypt" ]
recipients l =
-- Force gpg to only encrypt to the specified
-- recipients, not configured defaults.
[ Params "--no-encrypt-to --no-default-recipient"] ++
(concat $ map (\k -> [Param "--recipient", Param k]) l)
2011-04-15 22:18:39 +00:00
{- Decrypting an EncryptedCipher is expensive; the Cipher should be cached. -}
decryptCipher :: RemoteConfig -> EncryptedCipher -> IO Cipher
decryptCipher _ (EncryptedCipher encipher _) =
return . Cipher =<< gpgPipeStrict decrypt encipher
where
decrypt = [ Param "--decrypt" ]
2011-04-15 22:18:39 +00:00
{- Generates an encrypted form of a Key. The encryption does not need to be
2011-04-15 22:18:39 +00:00
- reversable, nor does it need to be the same type of encryption used
- on content. It does need to be repeatable. -}
2011-04-15 22:18:39 +00:00
encryptKey :: Cipher -> Key -> IO Key
encryptKey c k =
return Key {
keyName = showDigest $ hmacSha1
(fromString $ cipherHmac c)
(fromString $ show k),
keyBackendName = "GPGHMACSHA1",
keySize = Nothing, -- size and mtime omitted
keyMtime = Nothing -- to avoid leaking data
}
2011-04-15 22:18:39 +00:00
2011-04-17 17:11:38 +00:00
{- Runs an action, passing it a handle from which it can
- stream encrypted content. -}
withEncryptedHandle :: Cipher -> (IO L.ByteString) -> (Handle -> IO a) -> IO a
2011-04-17 17:11:38 +00:00
withEncryptedHandle = gpgCipherHandle [Params "--symmetric --force-mdc"]
{- Runs an action, passing it a handle from which it can
- stream decrypted content. -}
withDecryptedHandle :: Cipher -> (IO L.ByteString) -> (Handle -> IO a) -> IO a
2011-04-17 17:11:38 +00:00
withDecryptedHandle = gpgCipherHandle [Param "--decrypt"]
{- Streams encrypted content to an action. -}
withEncryptedContent :: Cipher -> (IO L.ByteString) -> (L.ByteString -> IO a) -> IO a
2011-04-17 17:11:38 +00:00
withEncryptedContent = pass withEncryptedHandle
2011-04-15 22:18:39 +00:00
{- Streams decrypted content to an action. -}
withDecryptedContent :: Cipher -> (IO L.ByteString) -> (L.ByteString -> IO a) -> IO a
2011-04-17 17:11:38 +00:00
withDecryptedContent = pass withDecryptedHandle
2011-04-15 22:18:39 +00:00
pass :: (Cipher -> (IO L.ByteString) -> (Handle -> IO a) -> IO a)
-> Cipher -> (IO L.ByteString) -> (L.ByteString -> IO a) -> IO a
2011-04-17 17:11:38 +00:00
pass to c i a = to c i $ \h -> a =<< L.hGetContents h
2011-04-15 22:18:39 +00:00
gpgParams :: [CommandParam] -> IO [String]
gpgParams params = do
-- Enable batch mode if GPG_AGENT_INFO is set, to avoid extraneous
-- gpg output about password prompts.
e <- catch (getEnv "GPG_AGENT_INFO") (const $ return "")
let batch = if null e then [] else ["--batch"]
return $ batch ++ defaults ++ toCommand params
where
-- be quiet, even about checking the trustdb
defaults = ["--quiet", "--trust-model", "always"]
2011-04-15 22:18:39 +00:00
gpgRead :: [CommandParam] -> IO String
gpgRead params = do
params' <- gpgParams params
pOpen ReadFromPipe "gpg" params' hGetContentsStrict
gpgPipeStrict :: [CommandParam] -> String -> IO String
gpgPipeStrict params input = do
params' <- gpgParams params
(pid, fromh, toh) <- hPipeBoth "gpg" params'
_ <- forkIO $ finally (hPutStr toh input) (hClose toh)
output <- hGetContentsStrict fromh
forceSuccess pid
return output
{- Runs gpg with a cipher and some parameters, feeding it an input,
- and passing a handle to its output to an action.
-
- Note that to avoid deadlock with the cleanup stage,
- the action must fully consume gpg's input before returning. -}
gpgCipherHandle :: [CommandParam] -> Cipher -> (IO L.ByteString) -> (Handle -> IO a) -> IO a
gpgCipherHandle params c a b = do
-- pipe the passphrase into gpg on a fd
(frompipe, topipe) <- createPipe
_ <- forkIO $ do
toh <- fdToHandle topipe
hPutStrLn toh $ cipherPassphrase c
hClose toh
let Fd passphrasefd = frompipe
let passphrase = [Param "--passphrase-fd", Param $ show passphrasefd]
params' <- gpgParams $ passphrase ++ params
(pid, fromh, toh) <- hPipeBoth "gpg" params'
_ <- forkProcess $ do
L.hPut toh =<< a
hClose toh
exitSuccess
hClose toh
ret <- b fromh
-- cleanup
forceSuccess pid
closeFd frompipe
return ret
configKeyIds :: RemoteConfig -> IO KeyIds
configKeyIds c = do
let k = configGet c "encryption"
s <- gpgRead [Params "--with-colons --list-public-keys", Param k]
return $ KeyIds $ parseWithColons s
where
parseWithColons s = map keyIdField $ filter pubKey $ lines s
pubKey = isPrefixOf "pub:"
keyIdField s = (split ":" s) !! 4
configGet :: RemoteConfig -> String -> String
configGet c key =
case M.lookup key c of
Just v -> v
Nothing -> error $ "missing " ++ key ++ " in remote config"
toB64 :: String -> String
toB64 = B64.encode . s2w8
fromB64 :: String -> String
fromB64 s =
case B64.decode s of
Nothing -> error "bad base64 encoded data"
Just ws -> w82s ws