mumble keys mumble encryption

need to move the key stuff to a new branch and finish it on its own probably

src/Tahoe/SDMF/Internal/Capability.hs

 module Tahoe.SDMF.Internal.Capability where
 
 import Crypto.Cipher.AES128 (AESKey128)
+import Crypto.Classes (buildKey)
+import Crypto.Types (IV)
 import qualified Data.ByteString as B
 import Data.Serialize (encode)
-import Tahoe.CHK.Crypto (taggedHash)
+import Tahoe.CHK.Crypto (taggedHash, taggedPairHash)
 
 data Reader = Reader
     { readerReadKey :: B.ByteString
@@ -25,3 +27,19 @@ readKeyLength = 32
 
 mutableReadKeyTag :: B.ByteString
 mutableReadKeyTag = "allmydata_mutable_writekey_to_readkey_v1"
+
+{- | Compute the encryption (and decryption) key used to convert the
+ application payload plaintext to ciphertext and back again.
+-}
+deriveEncryptionKey :: MonadFail m => Reader -> IV AESKey128 -> m AESKey128
+deriveEncryptionKey Reader{readerReadKey} iv = do
+    let k = buildKey $ taggedPairHash encryptionKeyLength mutableDataKeyTag readerReadKey (encode iv)
+    case k of
+        Nothing -> fail "Could not build AESKey128 when deriving encryption key"
+        Just key -> pure key
+
+mutableDataKeyTag :: B.ByteString
+mutableDataKeyTag = "allmydata_mutable_readkey_to_datakey_v1"
+
+encryptionKeyLength :: Int
+encryptionKeyLength = 16

src/Tahoe/SDMF/Internal/Encoding.hs

@@ -92,10 +92,6 @@ capabilityForKeyPair keypair =
     verificationKeyHash = hashVerificationKey . RSA.toPublicKey $ keypair
     writerReader = deriveReader <$> writerWriteKey <*> pure verificationKeyHash
 
--- | Compute the write key for a given signature key for an SDMF share.
-deriveWriteKey :: RSA.PrivateKey -> Maybe AESKey128
-deriveWriteKey = buildKey . taggedHash writeKeyLength mutableWriteKeyTag . signatureKeyToBytes
-
 maybeToEither :: a -> Maybe b -> Either a b
 maybeToEither a Nothing = Left a
 maybeToEither _ (Just b) = Right b

src/Tahoe/SDMF/Internal/Encrypting.hs

+module Tahoe.SDMF.Internal.Encrypting where
+
+encrypt :: LB.ByteString -> LB.ByteString

src/Tahoe/SDMF/Internal/Keys.hs

+module Tahoe.SDMF.Internal.Keys where
+
+import Prelude hiding (Read)
+
+import Codec.Crypto.RSA (generateKeyPair)
+import Crypto.Cipher.AES128 (AESKey128)
+import qualified Crypto.PubKey.RSA.Types as RSA
+import "crypto-api" Crypto.Random (SystemRandom, newGenIO)
+import qualified Data.ByteString as B
+import Tahoe.CHK.Server (StorageServerID)
+
+newtype Pair = Pair {unPair :: RSA.KeyPair}
+newtype Verification = Verification {unVerification :: RSA.PublicKey}
+newtype Signature = Signature {unSignature :: RSA.PrivateKey}
+newtype Write = Write {unWrite :: AESKey128}
+newtype Read = Read {unRead :: AESKey128}
+newtype StorageIndex = StorageIndex {unStorageIndex :: B.ByteString}
+
+newtype WriteEnablerMaster = WriteEnablerMaster B.ByteString
+data WriteEnabler = WriteEnabler StorageServerID B.ByteString
+
+newtype Encryption = Encryption AESKey128
+
+-- | The size of the keys to generate.
+bits :: Int
+bits = 2048
+
+{- | Create a new, random key pair (public/private aka verification/signature)
+ of the appropriate type and size for SDMF encryption.
+-}
+newKeyPair :: IO Pair
+newKeyPair = do
+    g <- newGenIO :: IO SystemRandom
+    let (_, priv, _) = generateKeyPair g bits
+    pure . Pair . RSA.KeyPair $ priv
+
+-- | Compute the write key for a given signature key for an SDMF share.
+deriveWriteKey :: Signature -> Maybe Write
+deriveWriteKey = buildKey . taggedHash writeKeyLength mutableWriteKeyTag . signatureKeyToBytes . unSignature
+
+-- | Compute the read key for a given signature key for an SDMF share.
+deriveReadKey :: Write -> Maybe Read
+deriveReadKey = buildKey . taggedHash readKeyLength mutableReadKeyTag . encode . unWrite

tahoe-ssk.cabal

@@ -65,6 +65,7 @@ library
     Tahoe.SDMF
     Tahoe.SDMF.Internal.Capability
     Tahoe.SDMF.Internal.Encoding
+    Tahoe.SDMF.Internal.Keys
     Tahoe.SDMF.Internal.Share
 
   build-depends:
@@ -91,6 +92,7 @@ library
     GeneralizedNewtypeDeriving
     NamedFieldPuns
     OverloadedStrings
+    PackageImports
     RecordWildCards
 
   default-language:   Haskell2010

test/Spec.hs

@@ -50,6 +50,9 @@ tests =
 
                 recovered <- Tahoe.SDMF.decode writerReader (zip [0 ..] shares')
                 diff ciphertext (==) recovered
+        , testProperty "Plaintext round-trips through encrypt . decrypt" $
+            property $
+                do
         ]
 
 {- | Load a known-correct SDMF bucket and assert that bytes in the slot it