diff options
Diffstat (limited to 'Share.hs')
-rw-r--r-- | Share.hs | 16 |
1 files changed, 13 insertions, 3 deletions
@@ -41,18 +41,28 @@ instance HasCreationCost ShareIdents where instance Bruteforceable ShareIdents UnknownName where getBruteCostCalc = identsBruteForceCalc +data Distinguisher + = Distinguisher SecretKeySource + | AnyGpgKey + -- ^ Use to avoid the gpg keyid needing to be provided + -- at restore time. + deriving (Eq) + -- | Generates identifiers to use for storing shares. -- -- This is an expensive operation, to make it difficult for an attacker -- to brute force known/guessed names and find matching shares. -- The keyid or filename is used as a salt, to avoid collisions -- when the same name is chosen for multiple keys. -shareIdents :: Tunables -> Name -> SecretKeySource -> ShareIdents -shareIdents tunables (Name name) keyid = +shareIdents :: Tunables -> Name -> Distinguisher -> ShareIdents +shareIdents tunables (Name name) shareident = ShareIdents (segmentbyshare idents) creationcost bruteforcecalc where (ExpensiveHash creationcost basename) = - expensiveHash hashtunables (Salt keyid) name + expensiveHash hashtunables salt name + salt = case shareident of + Distinguisher sks -> Salt sks + AnyGpgKey -> Salt (GpgKey (KeyId "")) mk n = StorableObjectIdent $ Raaz.toByteString $ mksha $ E.encodeUtf8 $ basename <> T.pack (show n) mksha :: B.ByteString -> Raaz.Base16 |