authorJoey Hess <joeyh@joeyh.name>2016-08-18 09:44:59 -0400
committerJoey Hess <joeyh@joeyh.name>2016-08-18 09:44:59 -0400
commitb42cc27b3cb18119f5038daee4dc783cb6824f00 (patch)
treed30082f240a3824ca30af8a110449a09c342c85e /Encryption.hs
parenta018b16273719552c7fb389e2d3b681f9e3bcf26 (diff)
use name, not password as IV
It was probably ok to use the password, but it's certainly ok to use the name: * The name must be known if the shards have been reassembled to get to the point of decrypting the sharded data. * The name is unique, while a user might reuse a password for eg, storing different versions of the same key.
Diffstat (limited to 'Encryption.hs')
-rw-r--r--Encryption.hs10
1 files changed, 5 insertions, 5 deletions
diff --git a/Encryption.hs b/Encryption.hs
index d5a9879..649cfed 100644
--- a/Encryption.hs
+++ b/Encryption.hs
@@ -96,7 +96,7 @@ genKeyEncryptionKeys :: [SaltPrefix] -> Tunables -> Name -> Password -> [KeyEncr
genKeyEncryptionKeys saltprefixes tunables (Name name) (Password password) =
map mk saltprefixes
where
- iv = genIV (Password password)
+ iv = genIV (Name name)
-- To brute force data encrypted with a key,
-- an attacker needs to pay the decryptcost for
-- each password checked.
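Review bot: The new `iv = genIV (Name name)` binding makes the IV a deterministic function of a value that is not secret, so the invariant the scheme now relies on — that no (key, IV) pair is ever used for two different plaintexts — rests entirely on the password-derived key differing per stored object, and that reasoning lives only in the commit message. It is worth stating at the binding itself, e.g. `-- The IV is derived from the public name and is therefore deterministic; (key, IV) uniqueness relies on the password-derived key not being reused for a different plaintext under the same name.` The same IV is shared by every key produced from `saltprefixes`, which is fine only because the keys themselves differ per prefix; a one-line comment saying so would spare the next reader the check. Depending on the cipher mode used downstream (not visible here), a repeated (key, IV) pair could expose plaintext relationships, so the comment is the cheap safeguard against a future change that weakens key uniqueness. The rest of `genKeyEncryptionKeys`'s `where` clause continues outside the hunk, and the second hunk's updated `genIV` comment would benefit from the same note about the IV being public.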
@@ -128,12 +128,12 @@ allByteStringsOfLength = go []
w <- [0..255]
go (w:ws) (n-1)
--- Use the sha256 of the password (truncated) as the IV.
-genIV :: Password -> Raaz.IV
-genIV (Password password) =
+-- Use the sha256 of the name (truncated) as the IV.
+genIV :: Name -> Raaz.IV
+genIV (Name name) =
fromMaybe (error "genIV fromByteString failed") $
Raaz.fromByteString $ B.take ivlen $
- Raaz.toByteString $ Raaz.sha256 password
+ Raaz.toByteString $ Raaz.sha256 name
where
ivlen = fromIntegral $ Raaz.byteSize (undefined :: Raaz.IV)