Support for remotes that are chunkable and encryptable.
I'd have liked to keep these two concepts entirely separate, but that are entagled: Storing a key in an encrypted and chunked remote need to generate chunk keys, encrypt the keys, chunk the data, encrypt the chunks, and send them to the remote. Similar for retrieval, etc. So, here's an implemnetation of all of that. The total win here is that every remote was implementing encrypted storage and retrival, and now it can move into this single place. I expect this to result in several hundred lines of code being removed from git-annex eventually! This commit was sponsored by Henrik Ahlgren.
This commit is contained in:
Joey Hess
parent
d4d68f57e5
commit
1400cbb032
4 changed files with 254 additions and 15 deletions
|
|
@ -13,6 +13,7 @@
|
|||
module Crypto (
|
||||
Cipher,
|
||||
KeyIds(..),
|
||||
EncKey,
|
||||
StorableCipher(..),
|
||||
genEncryptedCipher,
|
||||
genSharedCipher,
|
||||
|
|
@ -138,10 +139,12 @@ decryptCipher (EncryptedCipher t variant _) =
|
|||
Hybrid -> Cipher
|
||||
PubKey -> MacOnlyCipher
|
||||
|
||||
type EncKey = Key -> Key
|
||||
|
||||
{- Generates an encrypted form of a Key. The encryption does not need to be
|
||||
- reversable, nor does it need to be the same type of encryption used
|
||||
- on content. It does need to be repeatable. -}
|
||||
encryptKey :: Mac -> Cipher -> Key -> Key
|
||||
encryptKey :: Mac -> Cipher -> EncKey
|
||||
encryptKey mac c k = stubKey
|
||||
{ keyName = macWithCipher mac c (key2file k)
|
||||
, keyBackendName = "GPG" ++ showMac mac
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue