Rework Poly to admit more encodings

2017-10-25 22:05:15 +02:00 · 2017-10-25 22:05:15 +02:00 · 66cb9f261f
commit 66cb9f261f
parent 3f453d907a
7 changed files with 22 additions and 15 deletions
--- a/cryptoids/changes.md
+++ b/cryptoids/changes.md
@ -1,3 +1,7 @@
 # 0.4.0.0
    - Expose 'cipherBlockSize'
    - Adjust 'Data.CryptoID.Poly' to allow for more dynamic padding
 # 0.3.0.0
    - Better exception type (does no longer leak private information)
    - 'Data.CryptoID.Poly' now supports padding the plaintext to a certain length before encryption
--- a/cryptoids/cryptoids.cabal
+++ b/cryptoids/cryptoids.cabal
@ -1,5 +1,5 @@
 name:                cryptoids
-version:             0.3.0.0
+version:             0.4.0.0
 synopsis:            Reversable and secure encoding of object ids as a bytestring
 license:             BSD3
 license-file:        LICENSE
--- a/cryptoids/src/Data/CryptoID/ByteString.hs
+++ b/cryptoids/src/Data/CryptoID/ByteString.hs
@ -20,6 +20,7 @@ module Data.CryptoID.ByteString
  , decrypt
  , CryptoIDError(..)
  , CryptoCipher, CryptoHash
  , cipherBlockSize
  ) where
 import Data.CryptoID
@ -32,8 +33,6 @@ import Data.ByteString (ByteString)
 import qualified Data.ByteString as ByteString
 import qualified Data.ByteString.Char8 as ByteString.Char
 import qualified Data.ByteString.Lazy as Lazy (ByteString)
 import Data.List (sortOn)
 import Data.Ord (Down(..))
@ -71,6 +70,10 @@ type CryptoCipher = Blowfish
 --
 -- Violation of this expectation causes runtime errors.
 type CryptoHash   = SHAKE128 64
 cipherBlockSize :: Int
 cipherBlockSize = blockSize (undefined :: CryptoCipher)
 -- | This newtype ensures only keys of the correct length can be created
@ -209,4 +212,3 @@ decrypt (keyMaterial -> key) CryptoID{..} = do
  cipher <- cryptoFailable (cipherInit key :: CryptoFailable CryptoCipher)
  namespace <- namespace' (Proxy :: Proxy namespace)
  return $ cbcDecrypt cipher namespace ciphertext
--- a/cryptoids/src/Data/CryptoID/Poly.hs
+++ b/cryptoids/src/Data/CryptoID/Poly.hs
@ -54,16 +54,16 @@ encrypt :: forall a m c namespace.
           ( KnownSymbol namespace
           , MonadThrow m
           , Binary a
-           ) => Maybe Int -- ^ Ensure the resulting ciphertext is of this size (needs to be a multiple of the block size of 'CryptoCipher' in bytes, otherwise an exception will be thrown at runtime)
+           ) => (ByteString -> m (Maybe Int)) -- ^ Ensure the resulting ciphertext is of the provided length (needs to be a multiple of the block size of 'CryptoCipher' in bytes, otherwise an exception will be thrown at runtime). The computation has access to the serialized plaintext
        -> (ByteString -> m c)
        -> CryptoIDKey
        -> a
        -> m (CryptoID namespace c)
-encrypt pLength encode' key plaintext = do
+encrypt pLength' encode' key plaintext = do
-  cID <- ByteString.encrypt key <=< pad . Lazy.ByteString.toStrict $ encode plaintext
+  cID <- ByteString.encrypt key <=< (\str -> pad str =<< pLength' str) . Lazy.ByteString.toStrict $ encode plaintext
  _ciphertext encode' cID
  where
-    pad str
+    pad str pLength
      | Just l <- pLength
      , l' <= l           = return $ str <> ByteString.replicate (l - l') 0
      | Just _ <- pLength = throwM $ CiphertextConversionFailed str
--- a/uuid-crypto/changes.md
+++ b/uuid-crypto/changes.md
@ -1,3 +1,7 @@
 # 1.3.1.0
    - Fix documentation mistake
    - Bump @cryptoids@ to @0.4.0.*@
 # 1.3.0.1
    - Fix documentation typo
--- a/uuid-crypto/src/Data/UUID/Cryptographic.hs
+++ b/uuid-crypto/src/Data/UUID/Cryptographic.hs
@ -44,16 +44,13 @@ type CryptoUUID (namespace :: Symbol) = CryptoID namespace UUID
 -- | Encrypt an arbitrary serializable value
 --
 -- We only expect to fail if the given value is not serialized in such a fashion
-- that it fits within one 'CryptoCipher'-block.
+-- that it fits within 128 bits (the length of an 'UUID').
 --
 -- Larger values could likely not be contained wholly within 128 bits (the size
 -- of an 'UUID') in any case.
 encrypt :: forall a m namespace.
           ( KnownSymbol namespace
           , Binary a
           , MonadThrow m
           ) => CryptoIDKey -> a -> m (CryptoUUID namespace)
-encrypt = Poly.encrypt (Just 16) $ \str -> maybe (throwM $ CiphertextConversionFailed str) return . fromByteString $ Lazy.ByteString.fromStrict str
+encrypt = Poly.encrypt (const . return $ Just 16) $ \str -> maybe (throwM $ CiphertextConversionFailed str) return . fromByteString $ Lazy.ByteString.fromStrict str
 -- | Decrypt an arbitrary serializable value
--- a/uuid-crypto/uuid-crypto.cabal
+++ b/uuid-crypto/uuid-crypto.cabal
@ -1,5 +1,5 @@
 name:                uuid-crypto
-version:             1.3.0.1
+version:             1.3.1.0
 synopsis:            Reversable and secure encoding of object ids as uuids
 license:             BSD3
 license-file:        LICENSE
@ -28,7 +28,7 @@ library
  other-extensions:    ScopedTypeVariables
  build-depends:       base            >=4.9      && <4.11
                     , cryptoids-types ==0.0.0
-                     , cryptoids       ==0.3.0.*
+                     , cryptoids       ==0.4.0.*
                     , uuid            >=1.3.13   && <1.4
                     , binary          >=0.8.3.0  && <0.9
                     , bytestring      >=0.10.8.1 && <0.11