-rw-r--r--Encryption.hs18
-rw-r--r--keysafe.hs2
2 files changed, 12 insertions, 8 deletions
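diff --git a/Encryption.hs b/Encryption.hs
index 19cb650..385f36a 100644
--- a/Encryption.hs
+++ b/Encryption.hs
@@ -73,15 +73,15 @@ cipher = Raaz.aes256cbc
 blocksize :: Int
 blocksize = fromIntegral $ Raaz.blockSize cipher
-encrypt :: KeyEncryptionKey -> SecretKey -> EncryptedSecretKey
-encrypt kek (SecretKey secret) = EncryptedSecretKey b (keyBruteForceCalc kek)
+encrypt :: Tunables -> KeyEncryptionKey -> SecretKey -> EncryptedSecretKey
+encrypt tunables kek (SecretKey secret) = EncryptedSecretKey b (keyBruteForceCalc kek)
 where
 -- Raaz does not seem to provide a high-level interface
 -- for AES encryption, so use unsafeEncrypt, doing our own padding
 -- of the secret key, so that it is a multiple of
 -- the block size.
 b = Raaz.unsafeEncrypt cipher (keyEncryptionKey kek, keyEncryptionIV kek) $
- getPaddedBytes $ toPaddedBytes blocksize secret
+ getPaddedBytes $ toPaddedBytes tunables blocksize secret
 decrypt :: KeyEncryptionKey -> EncryptedSecretKey -> Maybe SecretKey
 decrypt kek (EncryptedSecretKey b _) = SecretKey <$> fromPaddedBytes pbs
@@ -195,16 +195,20 @@ newtype PaddedBytes = PaddedBytes { getPaddedBytes :: B.ByteString }
 deriving (Show)
 -- Pad with NULs. Since the bytestring can itself include NULs, prefix
--- with the length.
-toPaddedBytes :: Int -> B.ByteString -> PaddedBytes
-toPaddedBytes n b = PaddedBytes $
- B8.pack (show len) <> B.singleton 0 <> b <> padding
+-- with the length. Length is itself padded with 0's.
+toPaddedBytes :: Tunables -> Int -> B.ByteString -> PaddedBytes
+toPaddedBytes tunables n b = PaddedBytes $
+ B8.pack paddedlen <> B.singleton 0 <> b <> padding
 where
 len = B.length b
 r = len `rem` n
 padding
 | r == 0 = B.empty
 | otherwise = B.replicate (n - r) 0
+ paddedlen =
+ let s = show len
+ in replicate (lensz - length s) '0' ++ s
+ lensz = length $ show $ objectSize tunables
 fromPaddedBytes :: PaddedBytes -> Maybe B.ByteString
 fromPaddedBytes (PaddedBytes b) = case B.break (== 0) b of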
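Review bot: In `paddedlen`, `replicate (lensz - length s) '0'` silently yields no padding when `len` has more digits than `objectSize tunables` (replicate of a negative count is empty), so a secret larger than the configured object size produces a length prefix wider than `lensz` with nothing telling the caller that the fixed-width layout was violated. Make that precondition explicit, e.g. a guard `| length s > lensz = error "toPaddedBytes: secret length exceeds objectSize width"` ahead of the normal case, or check it in `encrypt` where a failure can be reported to the caller. Separately, `padding` still rounds only `len` up to a multiple of `n`; the `lensz + 1` prefix bytes are not counted, so the whole `PaddedBytes` is a block-size multiple only when `lensz + 1` happens to be one — if `Raaz.unsafeEncrypt` requires an exact multiple (its contract is not visible here), the remainder should be computed as `rem (lensz + 1 + len) n`. The header comment on `encrypt` in the first hunk could also state that the length field is zero-padded to the digit width of `objectSize tunables`, so the plaintext layout depends on the tunables in force at encryption time, while `decrypt` takes no tunables and must recover the length from the NUL terminator alone. The bodies of `decrypt` and `fromPaddedBytes` continue outside their hunks.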
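diff --git a/keysafe.hs b/keysafe.hs
index 24ccc1f..0f8cf51 100644
--- a/keysafe.hs
+++ b/keysafe.hs
@@ -27,7 +27,7 @@ storedemo = do
 putStrLn "Very rough estimate of cost to brute-force the password:"
 print $ estimateAttack spotAWS $ estimateBruteforceOf kek
 (passwordEntropy password)
- let esk = encrypt kek secretkey
+ let esk = encrypt tunables kek secretkey
 let sis = shardIdents tunables name keyid
 shards <- genShards esk tunables
 print =<< mapM (uncurry (storeShard localFiles)) (zip (getIdents sis) shards)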