haskell/cryptoids
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor cleanup

Browse Source
This commit is contained in:
Gregor Kleen 2017-10-10 03:59:48 +02:00
parent 0cdc29fbf4
commit 03d67910e2
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cryptoids/src/Data/CryptoID/Poly.hs
View File

@ -1,14 +1,14 @@
{-# LANGUAGE ScopedTypeVariables #-} {-# LANGUAGE ScopedTypeVariables #-}
{-| {-|
Description: Reversably generate variable length bytestrings from arbitrary serializable types in a secure fashion Description: Encryption of bytestrings using a type level nonce for determinism
License: BSD3 License: BSD3
Given a value of a serializable type (like 'Int') we perform serialization and Given a value of a serializable type (like 'Int') we perform serialization and
compute a cryptographic hash of the associated namespace (carried as a phantom compute a cryptographic hash of the associated namespace (carried as a phantom
type of kind 'Symbol'). type of kind 'Symbol').
The serialized payload is then encrypted using the a symmetric cipher in CBC The serialized payload is then encrypted using the symmetric cipher in CBC mode
mode using the hashed namespace as an initialization vector (IV). using the hashed namespace as an initialization vector (IV).
The probability of detecting a namespace mismatch is thus \(1 - 2^{128-l}\) The probability of detecting a namespace mismatch is thus \(1 - 2^{128-l}\)
where \(l\) is the length of the serialized payload. where \(l\) is the length of the serialized payload.

12
uuid-crypto/src/Data/UUID/Cryptographic.hs
View File

@ -47,8 +47,8 @@ import GHC.TypeLits
type CryptoUUID (namespace :: Symbol) = CryptoID namespace UUID type CryptoUUID (namespace :: Symbol) = CryptoID namespace UUID
mapCiphertext :: Functor m => (a -> m b) -> CryptoID n a -> m (CryptoID n b) _ciphertext :: Functor m => (a -> m b) -> CryptoID n a -> m (CryptoID n b)
mapCiphertext f (CryptoID x) = CryptoID <$> f x _ciphertext f (CryptoID x) = CryptoID <$> f x
-- | @pad err size src@ appends null bytes to @src@ until it has length @size@. -- | @pad err size src@ appends null bytes to @src@ until it has length @size@.
@ -76,7 +76,7 @@ encrypt :: forall a m namespace.
encrypt key val = do encrypt key val = do
plaintext <- pad 16 . Lazy.ByteString.toStrict $ encode val plaintext <- pad 16 . Lazy.ByteString.toStrict $ encode val
mapCiphertext uuidConversion =<< Poly.encrypt key plaintext _ciphertext uuidConversion =<< Poly.encrypt key plaintext
where where
uuidConversion = maybe (throwError CiphertextConversionFailed) return . fromByteString . Lazy.ByteString.fromStrict uuidConversion = maybe (throwError CiphertextConversionFailed) return . fromByteString . Lazy.ByteString.fromStrict
@ -91,9 +91,9 @@ decrypt :: forall a m namespace.
, Binary a , Binary a
, MonadError CryptoIDError m , MonadError CryptoIDError m
) => CryptoIDKey -> CryptoUUID namespace -> m a ) => CryptoIDKey -> CryptoUUID namespace -> m a
decrypt key id = do decrypt key cId = do
id' <- (return . Lazy.ByteString.toStrict . toByteString) `mapCiphertext` id cId' <- _ciphertext (return . Lazy.ByteString.toStrict . toByteString) cId
plaintext <- Lazy.ByteString.fromStrict <$> Poly.decrypt key id' plaintext <- Lazy.ByteString.fromStrict <$> Poly.decrypt key cId'
case decodeOrFail plaintext of case decodeOrFail plaintext of
Left err -> throwError $ DeserializationError err Left err -> throwError $ DeserializationError err