From 4e06e3e0687cde8da7bf29681390916ed631df19 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Tue, 9 May 2023 09:17:11 -0400
Subject: [PATCH] Comment each field of Share and change some representations.

* We can always interpret the IV so represent it using the IV type instead of
  as bytes.

* We cannot interpret the private key without its decryption key so represent
  its encrypted form as bytes.
---
 src/Tahoe/SDMF/Internal/Share.hs | 59 +++++++++++++++++++++-----------
 tahoe-ssk.cabal                  |  2 ++
 2 files changed, 41 insertions(+), 20 deletions(-)

diff --git a/src/Tahoe/SDMF/Internal/Share.hs b/src/Tahoe/SDMF/Internal/Share.hs
index c31124d..9f2dba0 100644
--- a/src/Tahoe/SDMF/Internal/Share.hs
+++ b/src/Tahoe/SDMF/Internal/Share.hs
@@ -1,34 +1,53 @@
 -- | Deal with details related to the structural layout of an SDMF share.
 module Tahoe.SDMF.Internal.Share where
 
+import Crypto.Cipher.AES (AES128)
+import Crypto.Types (IV)
 import qualified Crypto.Types.PubKey.RSA as RSA
 import qualified Data.ByteString as B
 import qualified Data.ByteString.Lazy as LB
-import Data.Word (Word32, Word64, Word8)
+import Data.Word (Word64, Word8)
 import Tahoe.CHK.Merkle (MerkleTree)
 
-{- | Structured representation of a single version 0 SDMF share.
+{- | Structured representation of a single version SDMF share.
 
  See Tahoe-LAFS "mutable" specification document, section title "SDMF Slot
  Format".
+
+ Since the only version of SDMF that is specified uses version 0, this
+ implicitly represents a version 0 SDMF.  If new versions of SDMF are
+ specified then new constructors may be added.
 -}
 data Share = Share
-    { shareSequenceNumber :: Word64
-    , shareRootHash :: B.ByteString
-    , shareIV :: B.ByteString
-    , shareTotalShares :: Word8
-    , shareRequiredShares :: Word8
-    , shareSegmentSize :: Word64
-    , shareDataLength :: Word8
-    , shareOffsetSignature :: Word32
-    , shareOffsetShareHashChain :: Word32
-    , shareOffsetData :: Word32
-    , shareOffsetEncryptedPrivateKey :: Word64
-    , shareOffsetEOF :: Word64
-    , shareVerificationKey :: RSA.PublicKey
-    , shareSignature :: B.ByteString
-    , shareHashChain :: [(Word8, B.ByteString)]
-    , shareBlockHashTree :: MerkleTree
-    , shareData :: LB.ByteString
-    , sharePrivateKey :: RSA.PrivateKey
+    { -- | sequence number. 2^64-1 must be handled specially, TBD
+      shareSequenceNumber :: Word64
+    , -- | "R" (root of share hash merkle tree)
+      shareRootHash :: B.ByteString
+    , -- | The IV for encryption of share data.
+      shareIV :: IV AES128
+    , -- | The total number of encoded shares (k).
+      shareTotalShares :: Word8
+    , -- | The number of shares required for decoding (N).
+      shareRequiredShares :: Word8
+    , -- | The size of a single ciphertext segment.
+      shareSegmentSize :: Word64
+    , -- | The length of the original plaintext.
+      shareDataLength :: Word8
+    , -- | The 2048 bit "verification" RSA key.
+      shareVerificationKey :: RSA.PublicKey
+    , -- | The RSA signature of
+      -- H('\x00'+shareSequenceNumber+shareRootHash+shareIV+encoding
+      -- parameters) where '\x00' gives the version of this share format (0)
+      -- and the encoding parameters are a certain serialization of
+      -- shareRequiredShares and shareTotalShares.
+      shareSignature :: B.ByteString
+    , -- | The share numbers and shareRootHash values which are required to
+      -- ... something about verification I dunno. XXX
+      shareHashChain :: [(Word8, B.ByteString)]
+    , -- | A merkle tree where leaves are the hashes of the blocks in this share.
+      shareBlockHashTree :: MerkleTree
+    , -- | The share data (erasure encoded ciphertext).
+      shareData :: LB.ByteString
+    , -- | The encrypted 2048 bit "signature" RSA key.
+      shareEncryptedPrivateKey :: B.ByteString
     }
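Review bot: The encoding-parameter letters in the new field comments look swapped: `shareTotalShares` is documented as "(k)" and `shareRequiredShares` as "(N)", whereas the signature comment further down and the usual SDMF convention have k required out of N total, so the two lines should read `-- | The total number of encoded shares (N).` and `-- | The number of shares required for decoding (k).`. The `shareHashChain` comment is still a placeholder ("... something about verification I dunno. XXX"); presumably these are the (share number, hash) pairs needed to verify this share's block hash tree root against the signed `shareRootHash`, and the comment should say so once confirmed against the spec, since a reader otherwise cannot tell which bytes this field authenticates. `shareDataLength :: Word8` is now described as the length of the original plaintext, but a Word8 cannot exceed 255 while `shareSegmentSize` is a Word64 — this type predates the commit, but it is worth checking against the slot format because a too-narrow length field would silently truncate. Finally, `IV` is imported from crypto-api's `Crypto.Types` while `AES128` comes from cryptonite (both packages are added in the tahoe-ssk.cabal hunk); if cryptonite is the intended cipher implementation, its own `Crypto.Cipher.Types (IV)` is the type that pairs with `AES128`, and crypto-api could then be dropped.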
diff --git a/tahoe-ssk.cabal b/tahoe-ssk.cabal
index de3a3f9..742d149 100644
--- a/tahoe-ssk.cabal
+++ b/tahoe-ssk.cabal
@@ -68,7 +68,9 @@ library
   build-depends:
     , base
     , bytestring
+    , crypto-api
     , crypto-pubkey-types
+    , cryptonite
 
   -- This dependency isn't ideal.  Move common bits out to
   -- another library.
-- 
GitLab