refactor
This commit is contained in:
Joey Hess
parent
9f04367336
commit
bd592d1450
2 changed files with 21 additions and 24 deletions
26
Crypto.hs
26
Crypto.hs
|
|
@ -10,13 +10,12 @@
|
||||||
|
|
||||||
module Crypto (
|
module Crypto (
|
||||||
Cipher,
|
Cipher,
|
||||||
|
KeyIds(..),
|
||||||
StorableCipher(..),
|
StorableCipher(..),
|
||||||
genEncryptedCipher,
|
genEncryptedCipher,
|
||||||
genSharedCipher,
|
genSharedCipher,
|
||||||
updateEncryptedCipher,
|
updateEncryptedCipher,
|
||||||
describeCipher,
|
describeCipher,
|
||||||
storeCipher,
|
|
||||||
extractCipher,
|
|
||||||
decryptCipher,
|
decryptCipher,
|
||||||
encryptKey,
|
encryptKey,
|
||||||
withEncryptedHandle,
|
withEncryptedHandle,
|
||||||
|
|
@ -28,7 +27,6 @@ module Crypto (
|
||||||
) where
|
) where
|
||||||
|
|
||||||
import qualified Data.ByteString.Lazy.Char8 as L
|
import qualified Data.ByteString.Lazy.Char8 as L
|
||||||
import qualified Data.Map as M
|
|
||||||
import Data.ByteString.Lazy.UTF8 (fromString)
|
import Data.ByteString.Lazy.UTF8 (fromString)
|
||||||
import Data.Digest.Pure.SHA
|
import Data.Digest.Pure.SHA
|
||||||
import Control.Applicative
|
import Control.Applicative
|
||||||
|
|
@ -36,8 +34,6 @@ import Control.Applicative
|
||||||
import Common.Annex
|
import Common.Annex
|
||||||
import qualified Utility.Gpg as Gpg
|
import qualified Utility.Gpg as Gpg
|
||||||
import Types.Key
|
import Types.Key
|
||||||
import Types.Remote
|
|
||||||
import Utility.Base64
|
|
||||||
import Types.Crypto
|
import Types.Crypto
|
||||||
|
|
||||||
{- The first half of a Cipher is used for HMAC; the remainder
|
{- The first half of a Cipher is used for HMAC; the remainder
|
||||||
|
|
@ -90,24 +86,6 @@ describeCipher (EncryptedCipher _ (KeyIds ks)) =
|
||||||
keys [_] = "key"
|
keys [_] = "key"
|
||||||
keys _ = "keys"
|
keys _ = "keys"
|
||||||
|
|
||||||
{- Stores an StorableCipher in a remote's configuration. -}
|
|
||||||
storeCipher :: RemoteConfig -> StorableCipher -> RemoteConfig
|
|
||||||
storeCipher c (SharedCipher t) = M.insert "cipher" (toB64 t) c
|
|
||||||
storeCipher c (EncryptedCipher t ks) =
|
|
||||||
M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (showkeys ks) c
|
|
||||||
where
|
|
||||||
showkeys (KeyIds l) = join "," l
|
|
||||||
|
|
||||||
{- Extracts an StorableCipher from a remote's configuration. -}
|
|
||||||
extractCipher :: RemoteConfig -> Maybe StorableCipher
|
|
||||||
extractCipher c =
|
|
||||||
case (M.lookup "cipher" c, M.lookup "cipherkeys" c) of
|
|
||||||
(Just t, Just ks) -> Just $ EncryptedCipher (fromB64 t) (readkeys ks)
|
|
||||||
(Just t, Nothing) -> Just $ SharedCipher (fromB64 t)
|
|
||||||
_ -> Nothing
|
|
||||||
where
|
|
||||||
readkeys = KeyIds . split ","
|
|
||||||
|
|
||||||
{- Encrypts a Cipher to the specified KeyIds. -}
|
{- Encrypts a Cipher to the specified KeyIds. -}
|
||||||
encryptCipher :: Cipher -> KeyIds -> IO StorableCipher
|
encryptCipher :: Cipher -> KeyIds -> IO StorableCipher
|
||||||
encryptCipher (Cipher c) (KeyIds ks) = do
|
encryptCipher (Cipher c) (KeyIds ks) = do
|
||||||
|
|
@ -160,7 +138,7 @@ withDecryptedContent = pass withDecryptedHandle
|
||||||
|
|
||||||
pass :: (Cipher -> IO L.ByteString -> (Handle -> IO a) -> IO a)
|
pass :: (Cipher -> IO L.ByteString -> (Handle -> IO a) -> IO a)
|
||||||
-> Cipher -> IO L.ByteString -> (L.ByteString -> IO a) -> IO a
|
-> Cipher -> IO L.ByteString -> (L.ByteString -> IO a) -> IO a
|
||||||
pass to c i a = to c i $ \h -> a =<< L.hGetContents h
|
pass to n s a = to n s $ \h -> a =<< L.hGetContents h
|
||||||
|
|
||||||
hmacWithCipher :: Cipher -> String -> String
|
hmacWithCipher :: Cipher -> String -> String
|
||||||
hmacWithCipher c = hmacWithCipher' (cipherHmac c)
|
hmacWithCipher c = hmacWithCipher' (cipherHmac c)
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,7 @@ import Types.Remote
|
||||||
import Crypto
|
import Crypto
|
||||||
import qualified Annex
|
import qualified Annex
|
||||||
import Config
|
import Config
|
||||||
|
import Utility.Base64
|
||||||
|
|
||||||
{- Encryption setup for a remote. The user must specify whether to use
|
{- Encryption setup for a remote. The user must specify whether to use
|
||||||
- an encryption key, or not encrypt. An encrypted cipher is created, or is
|
- an encryption key, or not encrypt. An encrypted cipher is created, or is
|
||||||
|
|
@ -93,3 +94,21 @@ cipherKey Nothing _ = return Nothing
|
||||||
cipherKey (Just c) k = maybe Nothing encrypt <$> remoteCipher c
|
cipherKey (Just c) k = maybe Nothing encrypt <$> remoteCipher c
|
||||||
where
|
where
|
||||||
encrypt ciphertext = Just (ciphertext, encryptKey ciphertext k)
|
encrypt ciphertext = Just (ciphertext, encryptKey ciphertext k)
|
||||||
|
|
||||||
|
{- Stores an StorableCipher in a remote's configuration. -}
|
||||||
|
storeCipher :: RemoteConfig -> StorableCipher -> RemoteConfig
|
||||||
|
storeCipher c (SharedCipher t) = M.insert "cipher" (toB64 t) c
|
||||||
|
storeCipher c (EncryptedCipher t ks) =
|
||||||
|
M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (showkeys ks) c
|
||||||
|
where
|
||||||
|
showkeys (KeyIds l) = join "," l
|
||||||
|
|
||||||
|
{- Extracts an StorableCipher from a remote's configuration. -}
|
||||||
|
extractCipher :: RemoteConfig -> Maybe StorableCipher
|
||||||
|
extractCipher c =
|
||||||
|
case (M.lookup "cipher" c, M.lookup "cipherkeys" c) of
|
||||||
|
(Just t, Just ks) -> Just $ EncryptedCipher (fromB64 t) (readkeys ks)
|
||||||
|
(Just t, Nothing) -> Just $ SharedCipher (fromB64 t)
|
||||||
|
_ -> Nothing
|
||||||
|
where
|
||||||
|
readkeys = KeyIds . split ","
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue