From 72bddb2dbb90c044aba33304ed2712fc6ef9c8b4 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Mon, 15 May 2023 13:22:56 -0400
Subject: [PATCH] some more comments

---
 src/Tahoe/SDMF/Internal/Encoding.hs   | 9 ++++++++-
 src/Tahoe/SDMF/Internal/Encrypting.hs | 7 +++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/Tahoe/SDMF/Internal/Encoding.hs b/src/Tahoe/SDMF/Internal/Encoding.hs
index 298d1b5..9df4d7e 100644
--- a/src/Tahoe/SDMF/Internal/Encoding.hs
+++ b/src/Tahoe/SDMF/Internal/Encoding.hs
@@ -1,3 +1,6 @@
+{- | Implement the scheme for encoding ciphertext into SDMF shares (and
+ decoding it again).
+-}
 module Tahoe.SDMF.Internal.Encoding where
 
 import Control.Monad.IO.Class (MonadIO (liftIO))
@@ -5,7 +8,6 @@ import Crypto.Cipher.AES (AES128)
 import Crypto.Cipher.Types (BlockCipher (blockSize), IV, makeIV)
 import Crypto.Random (MonadRandom (getRandomBytes))
 import Data.Bifunctor (Bifunctor (bimap))
-import qualified Data.ByteArray as ByteArray
 import qualified Data.ByteString as B
 import qualified Data.ByteString.Lazy as LB
 import qualified Data.Text as T
@@ -74,6 +76,11 @@ makeShare shareSequenceNumber shareIV shareRequiredShares shareTotalShares share
     shareHashChain = HashChain []
     shareBlockHashTree = MerkleLeaf (B.replicate 32 0) -- XXX Real hash here, plus length check
 
+{- | Decode some SDMF shares to recover the original ciphertext.
+
+ TODO: Use the read capability to verify the shares were constructed with
+ information from the matching write capability.
+-}
 decode :: (MonadFail m, MonadIO m) => Reader -> [(Word16, Share)] -> m LB.ByteString
 decode _ [] = fail "Cannot decode with no shares"
 decode _ s@((_, Share{shareRequiredShares, shareTotalShares, shareDataLength}) : shares)
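Review bot: The new Haddock on `decode` leaves the security consequence of its TODO implicit: the `Reader` argument is discarded (`decode _ ...`) in both visible equations, so whatever this returns has not been checked against the read capability. I would say so in the comment, e.g. add `The returned ciphertext is currently unauthenticated; callers must not treat it as verified.` The context line above also shows `shareBlockHashTree` filled with a placeholder all-zero leaf, so it looks like the block hashes cannot be relied on yet either, which is worth confirming. `decode`'s body continues past the end of this hunk, so a check could in principle happen further down, though the wildcard on `Reader` suggests not.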
diff --git a/src/Tahoe/SDMF/Internal/Encrypting.hs b/src/Tahoe/SDMF/Internal/Encrypting.hs
index 27ff29a..b3b1db8 100644
--- a/src/Tahoe/SDMF/Internal/Encrypting.hs
+++ b/src/Tahoe/SDMF/Internal/Encrypting.hs
@@ -1,11 +1,18 @@
+-- | Implement the encryption scheme used by SDMF.
 module Tahoe.SDMF.Internal.Encrypting where
 
 import Crypto.Cipher.Types (ctrCombine, nullIV)
 import qualified Data.ByteString.Lazy as LB
 import qualified Tahoe.SDMF.Internal.Keys as Keys
 
+{- | Encrypt plaintext bytes according to the scheme used for SDMF share
+ construction.
+-}
 encrypt :: Keys.Data -> LB.ByteString -> LB.ByteString
 encrypt Keys.Data{unData} = LB.fromStrict . ctrCombine unData nullIV . LB.toStrict
 
+{- | Decrypt ciphertext bytes according to the scheme used for SDMF share
+ construction.
+-}
 decrypt :: Keys.Data -> LB.ByteString -> LB.ByteString
 decrypt = encrypt
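Review bot: The doc comment on `encrypt` does not mention that it runs CTR mode with a fixed `nullIV`, which is only safe if a given `Keys.Data` key is never used for more than one plaintext; reusing it would repeat the keystream and expose the XOR of the two plaintexts. Presumably the data key is derived freshly for each version of the file, but that is not visible here, so I would state the requirement in the Haddock: `The IV is fixed at nullIV, so each Keys.Data key must encrypt at most one plaintext.` The comment on `decrypt` could likewise note that `decrypt = encrypt` performs no integrity check: modified ciphertext decrypts without error, so authenticity has to be established before calling it.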
-- 
GitLab