implement client-server Proof Of Work

Mashed up a argon2-based PoW with token buckets and bloom filters.
This is intended to prevent a few abuses including:

* Using a keysafe server for general file storage, by storing a whole
  lot of chunks.
* An attacker guessing names that people will use, and uploading junk
  to keysafe servers under those names, to make it harder for others to use
  keysafe later.
* An attacker trying to guess the names used for objects on keysafe
  servers in order to download them and start password cracking.
  (As a second level of defense, since the name generation hash
  is expensive already.)

Completely untested, but it builds!

This commit was sponsored by Andreas on Patreon.

1 files changed, 30 insertions, 0 deletions

diff --git a/ByteStrings.hs b/ByteStrings.hs
new file mode 100644
index 0000000..02e22ab
--- /dev/null
+++ b/ByteStrings.hs
@@ -0,0 +1,30 @@
+{- Copyright 2016 Joey Hess <id@joeyh.name>
+ -
+ - Licensed under the GNU AGPL version 3 or higher.
+ -}
+
+module ByteStrings where
+
+import qualified Data.ByteString as B
+
+allByteStringsOfLength :: Int -> [B.ByteString]
+allByteStringsOfLength = go []
+  where
+	go ws n
+		| n == 0 = return (B.pack ws)
+		| otherwise = do
+			w <- [0..255]
+			go (w:ws) (n-1)
+
+-- | Contains every possible byte strings, with shorter ones first.
+allByteStrings :: [B.ByteString]
+allByteStrings = concatMap allByteStringsOfLength [1..]
+
+chunkByteString :: Int -> B.ByteString -> [B.ByteString]
+chunkByteString n = go []
+  where
+	go cs b
+		| B.length b <= n = reverse (b:cs)
+		| otherwise = 
+			let (h, t) = B.splitAt n b
+			in go (h:cs) t