author | Joey Hess <joeyh@joeyh.name> | 2016-08-11 16:47:55 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-11 16:47:55 -0400 |
commit | 3d33805c61db111dbd324df4a19eddb6aad42606 (patch) | |
tree | 3049e4058990af048c2d3fd34160f4dcfa0e4029 | |
parent | b2719f6e84c0c1f49ac6ab9b60846a899563961c (diff) | |
download | keysafe-3d33805c61db111dbd324df4a19eddb6aad42606.tar.gz |
partial demo
-rw-r--r-- | Types.hs | 3 | ||||
-rw-r--r-- | keysafe.hs | 36 |
2 files changed, 36 insertions, 3 deletions
@@ -18,6 +18,9 @@ newtype SecretKey = SecretKey B.ByteString -- | The secret key, encrypted with a password. data EncryptedSecretKey = EncryptedSecretKey B.ByteString (CostCalc BruteForceOp UnknownPassword) +instance Show EncryptedSecretKey where + show (EncryptedSecretKey b _) = show b + instance Bruteforceable EncryptedSecretKey UnknownPassword where getBruteCostCalc (EncryptedSecretKey _ cc) = cc @@ -15,14 +15,20 @@ import Raaz.Core.Encode import System.IO import System.Posix.ByteString import qualified Data.ByteString as B +import Control.DeepSeq main :: IO () main = do + storedemo + retrievedemo + +storedemo :: IO () +storedemo = do kek <- genKeyEncryptionKey tunables name password let esk = encrypt kek secretkey let sis = shardIdents tunables name keyid shards <- genShards esk tunables - mapM_ (uncurry store) (zip (getIdents sis) shards) + mapM_ (uncurry storeShard) (zip (getIdents sis) shards) where password = Password "foo" name = Name "bar" 
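Review bot: The new `Show EncryptedSecretKey` instance renders the full ciphertext, so any later `print`, any error message built with `show`, or a derived `Show` on an enclosing type will write it out; the failure branch of `retrievedemo` in keysafe.hs already does this. For a password-encrypted key, the ciphertext is the input an offline guessing attempt needs, so it is worth keeping out of logs and terminals. A redacted form still supports debugging: `show (EncryptedSecretKey b _) = "EncryptedSecretKey <" ++ show (B.length b) ++ " bytes>"`.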
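Review bot: In `storedemo`, `zip (getIdents sis) shards` truncates to the shorter list, so if `genShards` ever returns a different number of shards than there are identifiers, the extras are silently not stored and the run still looks successful. A guard before the `mapM_` would surface that, for example `when (length shards /= length (getIdents sis)) $ error "storedemo: shard/ident count mismatch"` (this needs `when` from Control.Monad, which is not visible in the hunk). The `where` clause of `storedemo` continues past the end of this hunk. The bare `import Control.DeepSeq` is used only for `deepseq`, so an explicit list, `import Control.DeepSeq (deepseq)`, would keep the namespace narrow.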
@@ -30,11 +36,35 @@ main = do keyid = KeyId gpgKey "foobar" secretkey = SecretKey "this is a gpg private key" -store :: StorableObjectIdent -> StorableObject -> IO () -store i o = do +retrievedemo :: IO () +retrievedemo = do + let sis = shardIdents tunables name keyid + shards <- mapM retrieveShard (drop 1 $ getIdents sis) + let esk = combineShards tunables shards + kek <- genKeyEncryptionKey tunables name password + -- TODO: need to solve the encryption puzzle + case decrypt kek esk of + Just (SecretKey sk) -> print sk + Nothing -> print ("Failed" :: String, esk) + where + password = Password "foo" + name = Name "bar" + tunables = testModeTunables -- defaultTunables + keyid = KeyId gpgKey "foobar" + +storeShard :: StorableObjectIdent -> StorableObject -> IO () +storeShard i o = do print $ toByteString i fd <- openFd (toByteString i) WriteOnly (Just 0o666) (defaultFileFlags { exclusive = True } ) h <- fdToHandle fd B.hPut h (fromStorableObject o) hClose h + +retrieveShard :: StorableObjectIdent -> IO StorableObject +retrieveShard i = do + fd <- openFd (toByteString i) ReadOnly Nothing defaultFileFlags + h <- fdToHandle fd + b <- B.hGetContents h + b `deepseq` hClose h + return (StorableObject b) |
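Review bot: `storeShard` creates each shard file with mode `Just 0o666`, so whether other local users can read or overwrite a shard depends entirely on the caller's umask. Since every shard is a piece of the encrypted secret key, an owner-only mode is the safer default: `fd <- openFd (toByteString i) WriteOnly (Just 0o600)`. The `exclusive = True` flag is worth keeping, because it refuses to write into a file that already exists at that path. Separately, `retrievedemo` prints the decrypted key with `print sk` and the ciphertext with `print ("Failed" :: String, esk)`; a comment such as `-- demo only: remove before this path handles real keys` above the `case` would mark that output for removal.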