blob: 083aedd38b6203b180394acbd2c1e713afba59e5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
{-# LANGUAGE OverloadedStrings #-}
module Encryption where
import Types
import ExpensiveHash
import qualified Data.ByteString as B
import Raaz.Core.Encode
import qualified Raaz.Cipher.AES as AES
import Data.Word
-- | An AES key, which is used to encrypt the key that is stored
-- in keysafe.
newtype KeyEncryptionKey = KeyEncryptionKey AES.KEY256
-- | An ExpensiveHash of the KeyIdent and a RandomObstacle are combined
-- to form the AES key.
--
-- An attacker has to brute force both, while a legitimate user
-- only has to brute force the RandomObstacle.
genKeyEncryptionKey :: KeyIdent -> Password -> KeyEncryptionKey
genKeyEncryptionKey = undefined
-- | A random value which adds difficulty to decrypting, since it's never
-- written down anywhere and must always be brute-forced.
--
-- It's always 64 bits long, and is left padded with 0's,
-- which are followed by a series of random bits (which necessarily always
-- starts with 1). Eg:
--
-- > 0000000000000000000000000000000000000000000000000000000100011100
--
-- The fewer leading 0's and thus longer the random bits,
-- the harder it is.
data RandomObstacle = RandomObstacle Word64
genRandomObstacle :: Int -> RandomObstacle
genRandomObstacle difficulty = undefined
|
