diff --git a/src/Tahoe/SDMF/Internal/Encoding.hs b/src/Tahoe/SDMF/Internal/Encoding.hs
index f7c5c89fa248d61b28d0600f8183533d98f49d1b..298d1b5f5b4fe302443443a89ba912ae4b08e946 100644
--- a/src/Tahoe/SDMF/Internal/Encoding.hs
+++ b/src/Tahoe/SDMF/Internal/Encoding.hs
@@ -30,7 +30,7 @@ randomIV = (makeIV :: B.ByteString -> Maybe (IV AES128)) <$> getRandomBytes (blo
-}
encode :: (MonadFail m, MonadIO m, MonadRandom m) => Keys.KeyPair -> Word64 -> Word16 -> Word16 -> LB.ByteString -> m ([Share], Writer)
encode keypair shareSequenceNumber required total ciphertext = do
- blocks <- liftIO $ fmap LB.fromStrict <$> zfec (fromIntegral required) (fromIntegral total) (LB.toStrict $ padCiphertext required ciphertext)
+ blocks <- liftIO $ fmap LB.fromStrict <$> zfec (fromIntegral required) (fromIntegral total) paddedCiphertext
(Just iv) <- randomIV
@@ -51,6 +51,7 @@ encode keypair shareSequenceNumber required total ciphertext = do
resultE = (traverse . flip fmap) encryptedPrivateKey makeShare''
either (fail . T.unpack) pure ((,) <$> resultE <*> cap)
where
+ paddedCiphertext = LB.toStrict $ padCiphertext required ciphertext
-- We can compute a capability immediately.
cap = capabilityForKeyPair keypair
encryptedPrivateKey = flip Keys.encryptSignatureKey (Keys.toSignatureKey keypair) <$> (writerWriteKey <$> cap)
@@ -65,21 +66,21 @@ makeShare ::
B.ByteString ->
LB.ByteString ->
Share
-makeShare shareSequenceNumber shareIV shareRequiredShares shareTotalShares shareSegmentSize shareVerificationKey shareEncryptedPrivateKey shareData = Share{..}
+makeShare shareSequenceNumber shareIV shareRequiredShares shareTotalShares shareDataLength shareVerificationKey shareEncryptedPrivateKey shareData = Share{..}
where
shareRootHash = B.replicate 32 0
- shareDataLength = fromIntegral $ LB.length shareData -- XXX Partial
+ shareSegmentSize = fromIntegral $ LB.length shareData -- XXX Partial
shareSignature = B.replicate 32 0 -- XXX Actually compute sig, and is it 32 bytes?
shareHashChain = HashChain []
shareBlockHashTree = MerkleLeaf (B.replicate 32 0) -- XXX Real hash here, plus length check
decode :: (MonadFail m, MonadIO m) => Reader -> [(Word16, Share)] -> m LB.ByteString
decode _ [] = fail "Cannot decode with no shares"
-decode _ s@((_, Share{shareRequiredShares, shareTotalShares, shareSegmentSize}) : shares)
+decode _ s@((_, Share{shareRequiredShares, shareTotalShares, shareDataLength}) : shares)
| length s < fromIntegral shareRequiredShares = fail $ "got " <> show (length shares) <> " shares, required " <> show shareRequiredShares
| otherwise = do
ciphertext <- liftIO $ zunfec (fromIntegral shareRequiredShares) (fromIntegral shareTotalShares) (take (fromIntegral shareRequiredShares) blocks)
- pure . LB.take (fromIntegral shareSegmentSize) . LB.fromStrict $ ciphertext
+ pure . LB.take (fromIntegral shareDataLength) . LB.fromStrict $ ciphertext
where
blocks = bimap fromIntegral (LB.toStrict . shareData) <$> s
diff --git a/src/Tahoe/SDMF/Internal/Share.hs b/src/Tahoe/SDMF/Internal/Share.hs
index 2931fce95fde6459eb6652a57236e33031b13ea3..e01b8b4e4b874ec6a581e92e62ee49fed16bd1f9 100644
--- a/src/Tahoe/SDMF/Internal/Share.hs
+++ b/src/Tahoe/SDMF/Internal/Share.hs
@@ -63,7 +63,8 @@ data Share = Share
shareTotalShares :: Word8
, -- | The number of shares required for decoding (N).
shareRequiredShares :: Word8
- , -- | The size of a single ciphertext segment.
+ , -- | The size of a single ciphertext segment. This differs from
+ -- shareDataLength in that it includes padding.
shareSegmentSize :: Word64
, -- | The length of the original plaintext.
shareDataLength :: Word64