diff options
author | Joey Hess <joeyh@joeyh.name> | 2016-08-11 23:46:42 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-11 23:46:42 -0400 |
commit | 863393ab2c656759e1c225537f692961d70041dc (patch) | |
tree | 355a249c9931196887b4b7286b059d62beee02d2 /keysafe.hs | |
parent | 891347401d603ded3db2efe3a67cd289ada08cb0 (diff) | |
download | keysafe-863393ab2c656759e1c225537f692961d70041dc.tar.gz |
don't use IV as puzzle after all
Not a good idea to use IV, because all the parts of the IV that are 0
will not obscure the data in the first block at all.
Instead, sha256 the password to generate the IV, and keep the puzzle as
part of the key.
Diffstat (limited to 'keysafe.hs')
-rw-r--r-- | keysafe.hs | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -53,7 +53,7 @@ retrievedemo = do where go _ [] = error "decryption failed" go esk (kek:rest) = do - print (keyEncryptionKey kek) + putStr "." hFlush stdout case decrypt kek esk of -- TODO: verify checksum to avoid false positives |