Add cabal files

.gitignore

@@ -2,12 +2,11 @@
 **/result*
 **/.stack-work
 **/dist
+**/.cabal-sandbox
+**/cabal.sandbox.config
 
-cryptoids/cryptoids.cabal
 cryptoids/cryptoids.nix
-cryptoids-types/cryptoids-types.cabal
 cryptoids-types/cryptoids-types.nix
-filepath-crypto/filepath-crypto.cabal
+cryptoids-class/cryptoids-class.nix
 filepath-crypto/filepath-crypto.nix
-uuid-crypto/uuid-crypto.cabal
 uuid-crypto/uuid-crypto.nix

cryptoids-class/changes.md

@@ -1,3 +1,7 @@
+# 1.0.0
+
+Provide additional instances
+
 # 0.0.0
 
 First published version

cryptoids-class/cryptoids-class.cabal

@@ -1,8 +1,10 @@
--- This file has been generated from package.yaml by hpack version 0.21.2.
+cabal-version: 1.12
+
+-- This file has been generated from package.yaml by hpack version 0.33.0.
 --
 -- see: https://github.com/sol/hpack
 --
--- hash: 58e6a5c78e58b86751a93cc27c85fb09bbdd1b80ba3aaae841dca1bae5abd231
+-- hash: dd9f9a0b050372518a87252f0a06cdf31bc4d937f491d2e05e3d74bfef2b9129
 
 name:           cryptoids-class
 version:        0.0.0
@@ -13,8 +15,6 @@ maintainer:     Gregor Kleen <aethoago@141.li>
 license:        BSD3
 license-file:   LICENSE
 build-type:     Simple
-cabal-version:  >= 1.10
-
 extra-source-files:
     changes.md
 
@@ -30,10 +30,10 @@ library
       Paths_cryptoids_class
   hs-source-dirs:
       src
-  default-extensions: DataKinds KindSignatures MultiParamTypeClasses TypeFamilies FlexibleContexts ConstraintKinds PatternSynonyms
+  default-extensions: DataKinds KindSignatures MultiParamTypeClasses TypeFamilies FlexibleContexts ConstraintKinds PatternSynonyms TypeFamilyDependencies
   ghc-options: -Wall -fno-warn-name-shadowing
   build-depends:
-      base
-    , cryptoids-types
-    , exceptions
+      base >=4.9 && <5
+    , cryptoids-types >=0.0.0 && <1.1
+    , exceptions >=0.8.3 && <0.11
   default-language: Haskell2010

cryptoids-class/package.yaml

@@ -18,15 +18,16 @@ default-extensions:
   - FlexibleContexts
   - ConstraintKinds
   - PatternSynonyms
+  - TypeFamilyDependencies
 
 ghc-options:
   - -Wall
   - -fno-warn-name-shadowing
 
 dependencies:
-  - base
-  - cryptoids-types
-  - exceptions
+  - base >=4.9 && <5
+  - cryptoids-types >=0.0.0 && <1.1
+  - exceptions >=0.8.3 && <0.11
 
 library:
   source-dirs: src

cryptoids-types/cryptoids-types.cabal

@@ -0,0 +1,42 @@
+cabal-version: 1.12
+
+-- This file has been generated from package.yaml by hpack version 0.33.0.
+--
+-- see: https://github.com/sol/hpack
+--
+-- hash: 6a350506959cbc3b9a183f3cc46044d4b469d5ead2516549318893200ed52c1f
+
+name:           cryptoids-types
+version:        1.0.0
+synopsis:       Shared types for encrypting internal object identifiers before exposure
+category:       Web
+author:         Gregor Kleen <aethoago@141.li>
+maintainer:     Gregor Kleen <aethoago@141.li>
+license:        BSD3
+license-file:   LICENSE
+build-type:     Simple
+extra-source-files:
+    changes.md
+
+source-repository head
+  type: git
+  location: https://git.rheperire.org/cryptoids/cryptoids-types
+
+library
+  exposed-modules:
+      Data.CryptoID
+  other-modules:
+      Paths_cryptoids_types
+  hs-source-dirs:
+      src
+  default-extensions: KindSignatures DataKinds GeneralizedNewtypeDeriving DeriveGeneric DeriveDataTypeable
+  ghc-options: -Wall -fno-warn-name-shadowing
+  build-depends:
+      aeson >=1.2.4.0 && <1.5
+    , base >=4.9 && <5
+    , binary >=0.8.3 && <0.11
+    , deepseq >=1.4.3.0 && <1.5
+    , hashable >=1.2.6.1 && <1.4
+    , http-api-data >=0.3.7 && <0.5
+    , path-pieces >=0.2.1 && <0.3
+  default-language: Haskell2010

cryptoids-types/package.yaml

@@ -1,6 +1,6 @@
 name: cryptoids-types
 synopsis: Shared types for encrypting internal object identifiers before exposure
-version: 0.0.0
+version: 1.0.0
 license: BSD3
 license-file: LICENSE
 author: Gregor Kleen <aethoago@141.li>
@@ -22,10 +22,13 @@ ghc-options:
   - -fno-warn-name-shadowing
 
 dependencies:
-  - base
-  - binary
-  - path-pieces
-  - http-api-data
+  - base >=4.9 && <5
+  - binary >=0.8.3 && <0.11
+  - path-pieces >=0.2.1 && <0.3
+  - http-api-data >=0.3.7 && <0.5
+  - aeson >=1.2.4.0 && <1.5
+  - deepseq >=1.4.3.0 && <1.5
+  - hashable >=1.2.6.1 && <1.4
 
 library:
   source-dirs: src

cryptoids-types/src/Data/CryptoID.hs

@@ -13,10 +13,16 @@ import Foreign.Storable (Storable)
 import Web.PathPieces (PathPiece)
 import Web.HttpApiData (ToHttpApiData, FromHttpApiData)
 
+import Control.DeepSeq (NFData)
+import Data.Aeson (ToJSON, ToJSONKey, FromJSON, FromJSONKey)
+
+import Data.Hashable (Hashable)
+
 newtype CryptoID (namespace :: Symbol) a = CryptoID { ciphertext :: a }
   deriving ( Eq, Ord
            , Read, Show
-           , Binary, Storable
+           , Binary, Storable, NFData, Hashable
            , Data, Typeable, Generic
            , PathPiece, ToHttpApiData, FromHttpApiData
+           , ToJSON, ToJSONKey, FromJSON, FromJSONKey
            )

cryptoids/changes.md

@@ -1,22 +1,33 @@
+# 0.5.1.0
+
+    - Add 'CiphertextIsWrongLength'
+    - Bump version bound on 'cryptonite'
+
 # 0.5.0.0
+
     - Add support for 'cryptoids-class'
 
 # 0.4.0.0
+
     - Expose 'cipherBlockSize'
     - Adjust 'Data.CryptoID.Poly' to allow for more dynamic padding
 
 # 0.3.0.0
+
     - Better exception type (does no longer leak private information)
     - 'Data.CryptoID.Poly' now supports padding the plaintext to a certain length before encryption
 
 # 0.2.0.0
+
     - Rename 'Data.CryptoID.Poly' to 'Data.CryptoID.ByteString'
     - Introduce 'Data.CryptoID.Poly' doing actual serialization
 
 # 0.1.0.1
+
     - Correct mistakes in the documentation
 
 # 0.1.0
+
     - Switch to using 'MonadThrow' instead of 'MonadError'
     - Introduce 'readKeyFile'
 

cryptoids/cryptoids.cabal

@@ -0,0 +1,48 @@
+cabal-version: 1.12
+
+-- This file has been generated from package.yaml by hpack version 0.33.0.
+--
+-- see: https://github.com/sol/hpack
+--
+-- hash: fe6fa2663ccd1e8201fcf5fc8f1c76ab6a14a25ddea79a68540cdf5f9b40e080
+
+name:           cryptoids
+version:        0.5.1.0
+synopsis:       Reversable and secure encoding of object ids as a bytestring
+category:       cryptography
+author:         Gregor Kleen <aethoago@141.li>
+maintainer:     Gregor Kleen <aethoago@141.li>
+license:        BSD3
+license-file:   LICENSE
+build-type:     Simple
+extra-source-files:
+    changes.md
+
+source-repository head
+  type: git
+  location: https://git.rheperire.org/cryptoids/cryptoids
+
+library
+  exposed-modules:
+      Data.CryptoID.Poly
+      Data.CryptoID.Poly.ImplicitNamespace
+      Data.CryptoID.ByteString
+      Data.CryptoID.ByteString.ImplicitNamespace
+  other-modules:
+      Paths_cryptoids
+  hs-source-dirs:
+      src
+  default-extensions: RankNTypes DataKinds GeneralizedNewtypeDeriving ViewPatterns RecordWildCards FlexibleContexts FlexibleInstances MultiParamTypeClasses TypeFamilies ConstraintKinds
+  ghc-options: -Wall -fno-warn-name-shadowing
+  build-depends:
+      base >=4.9 && <5
+    , binary >=0.8.3 && <0.11
+    , bytestring >=0.10.8 && <0.11
+    , cryptoids-class >=0.0 && <0.1
+    , cryptoids-types >=0.0 && <1.1
+    , cryptonite >=0.23 && <0.27
+    , directory >=1.3.0 && <1.4
+    , exceptions >=0.8.3 && <0.11
+    , filepath >=1.4.1 && <1.5
+    , memory >=0.14.6 && <0.16
+  default-language: Haskell2010

cryptoids/package.yaml

@@ -1,5 +1,5 @@
 name: cryptoids
-version: 0.5.0.0
+version: 0.5.1.0
 synopsis: Reversable and secure encoding of object ids as a bytestring
 category: cryptography
 author: Gregor Kleen <aethoago@141.li>
@@ -24,16 +24,16 @@ ghc-options:
   - -Wall
   - -fno-warn-name-shadowing
 dependencies:
-  - base
-  - cryptoids-types
-  - cryptoids-class
-  - cryptonite
-  - bytestring
-  - binary
-  - memory
-  - exceptions
-  - filepath
-  - directory
+  - base >=4.9 && <5
+  - cryptoids-types >=0.0 && <1.1
+  - cryptoids-class >=0.0 && <0.1
+  - cryptonite >=0.23 && <0.27
+  - bytestring >=0.10.8 && <0.11
+  - binary >=0.8.3 && <0.11
+  - memory >=0.14.6 && <0.16
+  - exceptions >=0.8.3 && <0.11
+  - filepath >=1.4.1 && <1.5
+  - directory >=1.3.0 && <1.4
 
 library:
   source-dirs: src

cryptoids/src/Data/CryptoID/ByteString.hs

@@ -123,6 +123,11 @@ data CryptoIDError
     --   'CryptoCipher'
     --
     -- The length of the offending plaintext is included.
+  | CiphertextIsWrongLength ByteString
+    -- ^ The length of the ciphertext is not a multiple of the block size of
+    --   'CryptoCipher'
+    --
+    -- The offending ciphertext is included.
   | NamespaceHashIsWrongLength ByteString
     -- ^ The length of the digest produced by 'CryptoHash' does
     --   not match the block size of 'CryptoCipher'.
@@ -222,11 +227,16 @@ decrypt :: forall m namespace.
 decrypt (keyMaterial -> key) CryptoID{..} = do
   cipher <- cryptoFailable (cipherInit key :: CryptoFailable CryptoCipher)
   namespace <- namespace' (Proxy :: Proxy namespace)
+  when (ByteString.length ciphertext `mod` blockSize cipher /= 0) $
+    throwM $ CiphertextIsWrongLength ciphertext
   return $ cbcDecrypt cipher namespace ciphertext
 
--- | This instance is somewhat improper in that it works only for plaintexts whose length is a multiple of 'cipherBlockSize'
+-- | This instance is somewhat improper in that it works only for plain- and
+--   ciphertexts whose length is a multiple of 'cipherBlockSize'
 --
 -- Improper plaintext lengths throw 'PlaintextIsWrongLength'
+--
+-- Improper ciphertext lengths throw 'CiphertextIsWrongLength'
 instance ( MonadCrypto m
          , MonadCryptoKey m ~ CryptoIDKey
          , KnownSymbol namespace

filepath-crypto/changes.md

@@ -1,13 +1,17 @@
 # 0.1.0.0
+
     - Add support for 'cryptoids-class'
 
 # 0.0.0.3
+
     - Got rid of `encoding`
 
 # 0.0.0.2
+
     - Improved documentation
 
 # 0.0.0.1
+
     - Improved documentation
 
 # 0.0.0.0

filepath-crypto/filepath-crypto.cabal

@@ -0,0 +1,51 @@
+cabal-version: 1.12
+
+-- This file has been generated from package.yaml by hpack version 0.33.0.
+--
+-- see: https://github.com/sol/hpack
+--
+-- hash: 2e91d9536d44bca5e2a2633264a1def3fa433a473b33f87f19b9ddffd8bea9f2
+
+name:           filepath-crypto
+version:        0.1.0.0
+synopsis:       Reversable and secure encoding of object ids as filepaths
+category:       cryptography
+author:         Gregor Kleen <aethoago@141.li>
+maintainer:     Gregor Kleen <aethoago@141.li>
+license:        BSD3
+license-file:   LICENSE
+build-type:     Simple
+extra-source-files:
+    changes.md
+
+source-repository head
+  type: git
+  location: https://git.rheperire.org/cryptoids/filepath-crypto
+
+library
+  exposed-modules:
+      System.FilePath.Cryptographic
+      System.FilePath.Cryptographic.ImplicitNamespace
+      Data.Binary.SerializationLength
+      Data.Binary.SerializationLength.TH
+  other-modules:
+      Data.Binary.SerializationLength.Class
+      Paths_filepath_crypto
+  hs-source-dirs:
+      src
+  default-extensions: KindSignatures ViewPatterns FlexibleContexts GeneralizedNewtypeDeriving PatternGuards RecordWildCards DataKinds DeriveDataTypeable DeriveGeneric FlexibleInstances MultiParamTypeClasses TypeFamilies ConstraintKinds
+  other-extensions: ScopedTypeVariables
+  ghc-options: -Wall -fno-warn-name-shadowing
+  build-depends:
+      base >=4.9 && <5
+    , base32 <0.3.0.0
+    , binary >=0.8.3 && <0.11
+    , bytestring >=0.10.8 && <0.11
+    , case-insensitive >=1.2.0 && <1.3
+    , cryptoids >=0.5 && <0.6
+    , cryptoids-class >=0.0.0 && <0.1
+    , cryptoids-types >=0.0.0 && <1.1
+    , exceptions >=0.8.3 && <0.11
+    , filepath >=1.4.1 && <1.5
+    , template-haskell >=2.11.1 && <2.16
+  default-language: Haskell2010

filepath-crypto/package.yaml

@@ -29,17 +29,17 @@ ghc-options:
   - -Wall
   - -fno-warn-name-shadowing
 dependencies:
-  - base
-  - cryptoids-types
-  - cryptoids-class
-  - cryptoids
-  - filepath
-  - sandi
-  - case-insensitive
-  - binary
-  - bytestring
-  - exceptions
-  - template-haskell
+  - base >=4.9 && <5
+  - cryptoids-types >=0.0.0 && <1.1
+  - cryptoids-class >=0.0.0 && <0.1
+  - cryptoids >=0.5 && <0.6
+  - filepath >=1.4.1 && <1.5
+  - case-insensitive >=1.2.0 && <1.3
+  - binary >=0.8.3 && <0.11
+  - bytestring >=0.10.8 && <0.11
+  - exceptions >=0.8.3 && <0.11
+  - template-haskell >=2.11.1 && <2.16
+  - base32 <0.3.0.0
 
 library:
   source-dirs: src

filepath-crypto/src/System/FilePath/Cryptographic.hs

@@ -44,7 +44,7 @@ import Data.CryptoID.Class (HasCryptoID)
 import qualified Data.CryptoID.Class as Class (HasCryptoID(..))
 
 import System.FilePath (FilePath)
-import qualified Codec.Binary.Base32 as Base32
+import Data.ByteString.Base32
 import Data.CaseInsensitive (CI)
 import qualified Data.CaseInsensitive as CI
 import Data.Binary
@@ -90,7 +90,7 @@ encrypt = Poly.encrypt determineLength $ return . encode
       unless (fromIntegral l == natVal (Proxy :: Proxy (SerializationLength a))) $
         throwM $ CiphertextConversionFailed str
       return . Just $ paddedLength l
-    encode str = CI.mk . dropWhileEnd (== '=') . ByteString.Char8.unpack $ Base32.encode str
+    encode str = CI.mk . ByteString.Char8.unpack $ encodeBase32Unpadded' str
 
 
 -- | Decrypt an arbitrary serializable value
@@ -102,14 +102,8 @@ decrypt :: forall a m namespace.
            ( KnownSymbol namespace
            , Binary a
            , MonadThrow m
-           , HasFixedSerializationLength a
            ) => CryptoIDKey -> CryptoFileName namespace -> m a
-decrypt = Poly.decrypt $ (\str -> either (const . throwM $ CiphertextConversionFailed str) return $ Base32.decode str) . ByteString.Char8.pack . padding (natVal (Proxy :: Proxy (SerializationLength a))) . map toUpper . CI.original
-  where
-    padding l str = str ++ replicate (genericIndex paddingTable $ l' `mod` 5) '='
-      where
-        l' = paddedLength l
-    paddingTable = [0, 6, 4, 3, 1]
+decrypt = Poly.decrypt $ (\str -> either (const . throwM $ CiphertextConversionFailed str) return $ decodeBase32Unpadded str) . ByteString.Char8.pack . map toUpper . CI.original
 
 instance ( MonadCrypto m
          , MonadCryptoKey m ~ CryptoIDKey

stack.nix

@@ -4,10 +4,7 @@ let
   inherit (nixpkgs) haskell pkgs;
 in haskell.lib.buildStackProject {
   inherit ghc;
-  name = ''stackenv-uuid-crypto'';
+  name = ''stackenv-cryptoids'';
   buildInputs = with pkgs;
-    [ postgresql zlib.dev ncurses.dev
-      haskellPackages.yesod-bin haskellPackages.happy
-      haskellPackages.alex
-    ];
+    [];
 }

stack.yaml

@@ -15,7 +15,8 @@
 # resolver:
 #  name: custom-snapshot
 #  location: "./custom-snapshot.yaml"
-resolver: lts-10.3
+resolver: lts-13.22
+#resolver: nightly-2018-02-24
 
 # User packages to be built.
 # Various formats can be used as shown in the example below.
@@ -44,7 +45,7 @@ packages:
 # Dependency packages to be pulled from upstream that are not in the resolver
 # (e.g., acme-missiles-0.3)
 extra-deps:
-  - regex-compat-0.93.1
+  - sandi-0.5
 
 # Override default flag values for local packages and extra-deps
 flags: {}

stack.yaml.lock

@@ -0,0 +1,19 @@
+# This file was autogenerated by Stack.
+# You should not edit this file by hand.
+# For more information, please see the documentation at:
+#   https://docs.haskellstack.org/en/stable/lock_files
+
+packages:
+- completed:
+    hackage: sandi-0.5@sha256:b278d072ca717706ea38f9bd646e023f7f2576a778fb43565b434f93638849aa,3010
+    pantry-tree:
+      size: 3455
+      sha256: 5ca7ce4bc22ab9d4427bb149b5e283ab9db43375df14f7131fdfd48775f36350
+  original:
+    hackage: sandi-0.5
+snapshots:
+- completed:
+    size: 498186
+    url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/13/22.yaml
+    sha256: d4f07dc3d5658260c2fe34266ad7618f6c84d34decf559c9c786ac1cfccf4e7b
+  original: lts-13.22

uuid-crypto/changes.md

@@ -1,26 +1,34 @@
 # 1.4.0.0
+
     - Add support for 'cryptoids-class'
 
 # 1.3.1.0
+
     - Fix documentation mistake
     - Bump @cryptoids@ to @0.4.0.*@
 
 # 1.3.0.1
+
     - Fix documentation typo
 
 # 1.3.0.0
+
     - Fix decryption
 
 # 1.2.0.0
+
     - Pad plaintext before encryption, allowing encryption of payloads shorter than 128 bits
 
 # 1.1.1.0
+
     - Switch to using the new 'Data.CryptoID.Poly'
 
 # 1.1.0.1
+
     - Update version constraint on @cryptoids@
 
 # 1.1.0
+
     - Switch to using 'MonadThrow' instead of 'MonadError'
 
 # 1.0.0

uuid-crypto/package.yaml

@@ -29,14 +29,14 @@ ghc-options:
   - -Wall
   - -fno-warn-name-shadowing
 dependencies:
-  - base
-  - cryptoids-types
-  - cryptoids-class
-  - cryptoids
-  - uuid
-  - binary
-  - bytestring
-  - exceptions
+  - base >=4.9 && <5
+  - cryptoids-types >=0.0.0 && <1.1
+  - cryptoids-class >=0.0.0 && <0.1
+  - cryptoids >=0.5 && <0.6
+  - uuid >=1.3.13 && <1.4
+  - bytestring >=0.10.8 && <0.11
+  - binary >=0.8.3 && <0.11
+  - exceptions >=0.8.3 && <0.11
 
 library:
   source-dirs: src

uuid-crypto/uuid-crypto.cabal

@@ -0,0 +1,45 @@
+cabal-version: 1.12
+
+-- This file has been generated from package.yaml by hpack version 0.33.0.
+--
+-- see: https://github.com/sol/hpack
+--
+-- hash: 436d8bb40fa1a295d05fc5cc2352580727cbe146ebde3b4d2d256b5e15160ee6
+
+name:           uuid-crypto
+version:        1.4.0.0
+synopsis:       Reversable and secure encoding of object ids as uuids
+category:       cryptography
+author:         Gregor Kleen <aethoago@141.li>
+maintainer:     Gregor Kleen <aethoago@141.li>
+license:        BSD3
+license-file:   LICENSE
+build-type:     Simple
+extra-source-files:
+    changes.md
+
+source-repository head
+  type: git
+  location: https://git.rheperire.org/cryptoids/uuid-crypto
+
+library
+  exposed-modules:
+      Data.UUID.Cryptographic
+      Data.UUID.Cryptographic.ImplicitNamespace
+  other-modules:
+      Paths_uuid_crypto
+  hs-source-dirs:
+      src
+  default-extensions: KindSignatures ViewPatterns FlexibleContexts GeneralizedNewtypeDeriving PatternGuards RecordWildCards DataKinds DeriveDataTypeable DeriveGeneric FlexibleInstances MultiParamTypeClasses TypeFamilies ConstraintKinds
+  other-extensions: ScopedTypeVariables
+  ghc-options: -Wall -fno-warn-name-shadowing
+  build-depends:
+      base >=4.9 && <5
+    , binary >=0.8.3 && <0.11
+    , bytestring >=0.10.8 && <0.11
+    , cryptoids >=0.5 && <0.6
+    , cryptoids-class >=0.0.0 && <0.1
+    , cryptoids-types >=0.0.0 && <1.1
+    , exceptions >=0.8.3 && <0.11
+    , uuid >=1.3.13 && <1.4
+  default-language: Haskell2010