Added new encryption=sharedpubkey mode for special remotes.
This is useful for makking a special remote that anyone with a clone of the repo and your public keys can upload files to, but only you can decrypt the files stored in it.
This commit is contained in:
Joey Hess
parent
2d00523609
commit
e219289c83
7 changed files with 114 additions and 63 deletions
|
|
@ -10,6 +10,7 @@ module Types.Crypto (
|
|||
StorableCipher(..),
|
||||
EncryptedCipherVariant(..),
|
||||
KeyIds(..),
|
||||
cipherKeyIds,
|
||||
Mac(..),
|
||||
readMac,
|
||||
showMac,
|
||||
|
|
@ -23,12 +24,19 @@ import Utility.Gpg (KeyIds(..))
|
|||
-- XXX ideally, this would be a locked memory region
|
||||
data Cipher = Cipher String | MacOnlyCipher String
|
||||
|
||||
data StorableCipher = EncryptedCipher String EncryptedCipherVariant KeyIds
|
||||
| SharedCipher String
|
||||
data StorableCipher
|
||||
= EncryptedCipher String EncryptedCipherVariant KeyIds
|
||||
| SharedCipher String
|
||||
| SharedPubKeyCipher String KeyIds
|
||||
deriving (Ord, Eq)
|
||||
data EncryptedCipherVariant = Hybrid | PubKey
|
||||
deriving (Ord, Eq)
|
||||
|
||||
cipherKeyIds :: StorableCipher -> Maybe KeyIds
|
||||
cipherKeyIds (EncryptedCipher _ _ ks) = Just ks
|
||||
cipherKeyIds (SharedPubKeyCipher _ ks) = Just ks
|
||||
cipherKeyIds (SharedCipher _) = Nothing
|
||||
|
||||
defaultMac :: Mac
|
||||
defaultMac = HmacSha1
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue