switch to random salt byte to make decryption expensive

author: Joey Hess <joeyh@joeyh.name> 2016-08-16 12:57:19 -0400
committer: Joey Hess <joeyh@joeyh.name> 2016-08-16 13:04:07 -0400
commit: 3b4a775d536b2b2956269a59f886487efe29ed51 (patch)
tree: bbd8fd580afad11f822b2929061b034abf376c50 /keysafe.hs
parent: d7696832e183cc3e98d094b35ee4392d0c8d3df5 (diff)
download: keysafe-3b4a775d536b2b2956269a59f886487efe29ed51.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/keysafe.hs b/keysafe.hs
index 6306511..4058487 100644
--- a/keysafe.hs
+++ b/keysafe.hs
@@ -12,6 +12,7 @@ import Tunables
 import qualified CmdLine
 import UI
 import Encryption
+import Entropy
 import Cost
 import Shard
 import Storage
@@ -45,7 +46,7 @@ storedemo ui keyid tunables = do
 	kek <- genKeyEncryptionKey tunables name password
 	putStrLn "Very rough estimate of cost to brute-force the password:"
 	print $ estimateAttack spotAWS $ estimateBruteforceOf kek
-		(passwordEntropy password)
+		(passwordEntropy password [])
 	let esk = encrypt tunables kek secretkey
 	let sis = shardIdents tunables name keyid
 	shards <- genShards esk tunables
@@ -77,8 +78,7 @@ retrievedemo ui keyid = do
 		<$> mapM (uncurry (retrieveShard localFiles)) l
 	_ <- obscureShards localFiles
 	let esk = combineShards tunables shards
-	basekek <- genKeyEncryptionKey tunables name password
-	go esk (candidateKeyEncryptionKeys tunables basekek)
+	go esk (candidateKeyEncryptionKeys tunables name password)
   where
 	go _ [] = error "decryption failed"
 	go esk (kek:rest) = case decrypt kek esk of
author	Joey Hess <joeyh@joeyh.name>	2016-08-16 12:57:19 -0400
committer	Joey Hess <joeyh@joeyh.name>	2016-08-16 13:04:07 -0400
commit	3b4a775d536b2b2956269a59f886487efe29ed51 (patch)
tree	bbd8fd580afad11f822b2929061b034abf376c50 /keysafe.hs
parent	d7696832e183cc3e98d094b35ee4392d0c8d3df5 (diff)
download	keysafe-3b4a775d536b2b2956269a59f886487efe29ed51.tar.gz