metadata: Fix encoding problem that led to mojibake when storing metadata strings that contained both unicode characters and a space (or '!') character.

The fix is to stop using w82s, which does not properly reconstitute unicode
strings. Instrad, use utf8 bytestring to get the [Word8] to base64. This
passes unicode through perfectly, including any invalid filesystem encoded
characters.

Note that toB64 / fromB64 are also used for creds and cipher
embedding. It would be unfortunate if this change broke those uses.

For cipher embedding, note that ciphers can contain arbitrary bytes (should
really be using ByteString.Char8 there). Testing indicated it's not safe to
use the new fromB64 there; I think that characters were incorrectly
combined.

For credpair embedding, the username or password could contain unicode.
Before, that unicode would fail to round-trip through the b64.
So, I guess this is not going to break any embedded creds that worked
before.

This bug may have affected some creds before, and if so,
this change will not fix old ones, but should fix new ones at least.
This commit is contained in:
Joey Hess 2015-03-04 11:16:03 -04:00
parent b9ff4a6001
commit 9b93278e8a
8 changed files with 88 additions and 13 deletions

View file

@ -20,13 +20,14 @@ module Remote.Helper.Encryptable (
) where
import qualified Data.Map as M
import qualified "dataenc" Codec.Binary.Base64 as B64
import Data.Bits.Utils
import Common.Annex
import Types.Remote
import Crypto
import Types.Crypto
import qualified Annex
import Utility.Base64
-- Used to ensure that encryption has been set up before trying to
-- eg, store creds in the remote config that would need to use the
@ -137,9 +138,9 @@ cipherKey c = fmap make <$> remoteCipher c
{- Stores an StorableCipher in a remote's configuration. -}
storeCipher :: RemoteConfig -> StorableCipher -> RemoteConfig
storeCipher c (SharedCipher t) = M.insert "cipher" (toB64 t) c
storeCipher c (SharedCipher t) = M.insert "cipher" (toB64bs t) c
storeCipher c (EncryptedCipher t _ ks) =
M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (showkeys ks) c
M.insert "cipher" (toB64bs t) $ M.insert "cipherkeys" (showkeys ks) c
where
showkeys (KeyIds l) = intercalate "," l
@ -149,11 +150,11 @@ extractCipher c = case (M.lookup "cipher" c,
M.lookup "cipherkeys" c,
M.lookup "encryption" c) of
(Just t, Just ks, encryption) | maybe True (== "hybrid") encryption ->
Just $ EncryptedCipher (fromB64 t) Hybrid (readkeys ks)
Just $ EncryptedCipher (fromB64bs t) Hybrid (readkeys ks)
(Just t, Just ks, Just "pubkey") ->
Just $ EncryptedCipher (fromB64 t) PubKey (readkeys ks)
Just $ EncryptedCipher (fromB64bs t) PubKey (readkeys ks)
(Just t, Nothing, encryption) | maybe True (== "shared") encryption ->
Just $ SharedCipher (fromB64 t)
Just $ SharedCipher (fromB64bs t)
_ -> Nothing
where
readkeys = KeyIds . split ","
@ -169,3 +170,14 @@ describeEncryption c = case extractCipher c of
PubKey -> Nothing
Hybrid -> Just "(hybrid mode)"
]
{- Not using Utility.Base64 because these "Strings" are really
- bags of bytes and that would convert to unicode and not roung-trip
- cleanly. -}
toB64bs :: String -> String
toB64bs = B64.encode . s2w8
fromB64bs :: String -> String
fromB64bs s = fromMaybe bad $ w82s <$> B64.decode s
where
bad = error "bad base64 encoded data"