Allow public-key encryption of file content.
With the initremote parameters "encryption=pubkey keyid=788A3F4C". /!\ Adding or removing a key has NO effect on files that have already been copied to the remote. Hence using keyid+= and keyid-= with such remotes should be used with care, and make little sense unless the point is to replace a (sub-)key by another. /!\ Also, a test case has been added to ensure that the cipher and file contents are encrypted as specified by the chosen encryption scheme.
This commit is contained in:
guilhem
Joey Hess
parent
f8082933e7
commit
8293ed619f
17 changed files with 307 additions and 140 deletions
|
|
@ -55,7 +55,7 @@ gen r u c gc = do
|
|||
let o = RsyncOpts url (transport ++ opts) escape
|
||||
islocal = rsyncUrlIsPath $ rsyncUrl o
|
||||
return $ encryptableRemote c
|
||||
(storeEncrypted o $ getGpgOpts gc)
|
||||
(storeEncrypted o $ getGpgEncParams (c,gc))
|
||||
(retrieveEncrypted o)
|
||||
Remote
|
||||
{ uuid = u
|
||||
|
|
@ -137,7 +137,7 @@ rsyncUrls o k = map use annexHashes
|
|||
store :: RsyncOpts -> Key -> AssociatedFile -> MeterUpdate -> Annex Bool
|
||||
store o k _f p = sendAnnex k (void $ remove o k) $ rsyncSend o p k False
|
||||
|
||||
storeEncrypted :: RsyncOpts -> GpgOpts -> (Cipher, Key) -> Key -> MeterUpdate -> Annex Bool
|
||||
storeEncrypted :: RsyncOpts -> [CommandParam] -> (Cipher, Key) -> Key -> MeterUpdate -> Annex Bool
|
||||
storeEncrypted o gpgOpts (cipher, enck) k p = withTmp enck $ \tmp ->
|
||||
sendAnnex k (void $ remove o enck) $ \src -> do
|
||||
liftIO $ encrypt gpgOpts cipher (feedFile src) $
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue