diff --git a/CHANGELOG.md b/CHANGELOG.md
index d6eb434a857498b2ea11a1f5c82b72a6a4e5527c..5dd0a736111452bf755a2a9bdf34d41abec16bb8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,19 @@
-# Revision history for tahoe-ssk
+# Changelog for tahoe-ssk
-## 0.1.0.0 -- YYYY-mm-dd
+## 0.2.1.0
-* First version. Released on an unsuspecting world.
+* Add Ord instances for StorageIndex, Verifier, Reader, and Writer.
+* Add ConfidentialShowable instances for SDMF, Verifier, Reader, and Writer.
+* Deprecate dangerRealShow.
+
+## 0.2.0.0
+
+* Add the IV as a parameter to Tahoe.SDMF.encode.
+ The IV must be the value used to create the ciphertext so Tahoe.SDMF.encode cannot randomly generate one.
+* Add Tahoe.SDMF.randomIV for randomly generating a new IV.
+
+## 0.1.0.0
+
+* Initial release.
+* Very basic non-verifying decoding support.
+* Enough encoding support for simple round-trip tests for the decoding functionality.
diff --git a/ChangeLog.rst b/ChangeLog.rst
deleted file mode 100644
index 32a4fc8e6f1b77956a663aa5a541c5692c19e467..0000000000000000000000000000000000000000
--- a/ChangeLog.rst
+++ /dev/null
@@ -1,16 +0,0 @@
-Changelog for tahoe-ssk
-=======================
-
-0.2.0.0
--------
-
-* Add the IV as a parameter to Tahoe.SDMF.encode.
- The IV must be the value used to create the ciphertext so Tahoe.SDMF.encode cannot randomly generate one.
-* Add Tahoe.SDMF.randomIV for randomly generating a new IV.
-
-0.1.0.0
--------
-
-* Initial release.
-* Very basic non-verifying decoding support.
-* Enough encoding support for simple round-trip tests for the decoding functionality.
diff --git a/LICENSE b/LICENSE
index 7e5ffdaf3e86a33150a46b86a1e32aa00ecd5aa8..6eae75578178fa08588f3c8edc1c2e99ef7117f1 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,4 +1,5 @@
-Copyright (c) 2023, PrivateStorage.io Inc.
+Copyright 2023
+Jean-Paul Calderone
All rights reserved.
diff --git a/README.md b/README.md
index c6c90a641e67bb4d1f31bb563ae01d7eaa4c9851..2a9f903c6bf7a4214edc13ea7f077a693d6b28e5 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,7 @@ However, its APIs are intended to be easy to integrate with such an implementati
* SDMF write, read, and verify capabilities can be parsed and serialized.
* SDMF shares can be deserialized, decoded, and decrypted.
+ * The cryptographic integrity and authenticity is not verified.
* Plaintext can be encrypted, encoded into shares, and the shares serialized to bytes.
* Not all fields of the shares contain correctly initialized values.
* Enough fields are correctly populated to recover the original plaintext.
diff --git a/flake.lock b/flake.lock
index e3c3233096af1d811160f64a5fff53f189cea36d..17b6fae41c1253ed5ed7f7d73569158bcc7b662f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -216,11 +216,11 @@
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
- "lastModified": 1686149618,
- "narHash": "sha256-/IHWacNutk3tklouWOgClp7FnOH+Yk6If13kKJMSEi8=",
+ "lastModified": 1692187439,
+ "narHash": "sha256-m7c4EPFWmB1OmV3dSYQk2qtXR53xOjZdLCjMtzHSK34=",
"ref": "main",
- "rev": "49696f704eb965f57d729871c6d450ac0aff2b68",
- "revCount": 12,
+ "rev": "408f3deab2e2f6ae60349776dde02c44f71fb386",
+ "revCount": 16,
"type": "git",
"url": "https://whetstone.private.storage/jcalderone/hs-flake-utils.git"
},
diff --git a/flake.nix b/flake.nix
index 9ee3d72aabb1d248a287ae32ffe927047cf85166..4fe75f92082b0c4a95343044a9db510b032380b4 100644
--- a/flake.nix
+++ b/flake.nix
@@ -79,23 +79,10 @@
}/bin/generate-cabal-project";
};
- # Using the working directory of `nix run`, do a build with cabal and
- # then run the test suite.
- apps.cabal-test = {
- type = "app";
- program = "${
- pkgs.writeShellApplication {
- name = "cabal-build-and-test";
- runtimeInputs = with pkgs; [pkg-config haskell.compiler.${ghcVersion} cabal-install];
-
- text = ''
- nix run .#generate-cabal-project
- cabal update hackage.haskell.org
- cabal build all
- cabal run tests
- '';
- }
- }/bin/cabal-build-and-test";
+ apps.cabal-test = hslib.apps.cabal-test {
+ preBuild = "nix run .#generate-cabal-project";
};
+
+ apps.release = hslib.apps.release {};
});
}
diff --git a/tahoe-ssk.cabal b/tahoe-ssk.cabal
index 680c2a2c100e91d0819f393a2b31958f4b47ae81..6eceb3ee18a43068ffecdfa1666efa0d1fa7475f 100644
--- a/tahoe-ssk.cabal
+++ b/tahoe-ssk.cabal
@@ -28,7 +28,9 @@ synopsis:
An implementation of the Tahoe-LAFS SSK cryptographic protocols
-- A longer description of the package.
--- description:
+description:
+ This currently includes a partial implementation of SDMF. A future version
+ may include an implementation of MDMF.
-- URL for the project homepage or repository.
homepage: https://whetstone.private.storage/PrivateStorage/tahoe-ssk
@@ -43,7 +45,7 @@ license-file: LICENSE
author: Jean-Paul Calderone
-- An email address to which users can send suggestions, bug reports, and patches.
-maintainer: jean-paul@private.storage
+maintainer: exarkun@twistedmatrix.com
-- A copyright notice.
-- copyright:
@@ -51,14 +53,34 @@ category: Cryptography,Library,Parsers,Security
build-type: Simple
-- Extra doc files to be distributed with the package, such as a CHANGELOG or a README.
-extra-doc-files: CHANGELOG.md
+extra-doc-files:
+ CHANGELOG.md
+ README.md
-- Extra source files to be distributed with the package, such as examples, or
-- a tutorial module.
extra-source-files:
- ChangeLog.rst
- README.rst
- test/data/*
+ test/data/3of10.0
+ test/data/3of10.1
+ test/data/3of10.2
+ test/data/3of10.3
+ test/data/3of10.4
+ test/data/3of10.5
+ test/data/3of10.6
+ test/data/3of10.7
+ test/data/3of10.8
+ test/data/3of10.9
+ test/data/rsa-privkey-0.der
+ test/data/rsa-privkey-1.der
+ test/data/rsa-privkey-2.der
+ test/data/rsa-privkey-3.der
+ test/data/rsa-privkey-4.der
+ test/data/tahoe-lafs-generated-rsa-privkey.der
+
+source-repository head
+ type: git
+ location:
+ gitlab@whetstone.private.storage:privatestorage/tahoe-ssk.git
common warnings
ghc-options: -Wall -Werror=missing-fields
@@ -93,24 +115,24 @@ library
Tahoe.SDMF.Keys
build-depends:
- , asn1-encoding
- , asn1-types
- , base
- , base32
- , binary
- , bytestring
- , cereal
- , containers
- , cryptonite
- , megaparsec
- , memory
- , tahoe-capabilities
- , text
- , x509
+ , asn1-encoding >=0.9.6 && <0.10
+ , asn1-types >=0.3.4 && <0.4
+ , base >=4.7 && <5
+ , base32 >=0.2.1 && <0.3
+ , binary >=0.8.6 && <0.9
+ , bytestring >=0.10.8.2 && <0.11
+ , cereal >=0.5.8.1 && <0.6
+ , containers >=0.6.0.1 && <0.7
+ , cryptonite >=0.27 && <0.30
+ , megaparsec >=8.0 && <9.3
+ , memory >=0.15 && <0.17
+ , tahoe-capabilities >=0.1 && <0.2
+ , text >=1.2.3.1 && <1.3
+ , x509 >=1.7.5 && <1.8
-- This dependency isn't ideal. Move common bits out to
-- another library.
- build-depends: tahoe-chk
+ build-depends: tahoe-chk >=0.1 && <0.2
test-suite tahoe-ssk-test
import:
@@ -134,24 +156,24 @@ test-suite tahoe-ssk-test
-- Test dependencies.
build-depends:
- , asn1-encoding
- , asn1-types
- , base
- , base32
- , binary
- , bytestring
- , cryptonite
- , hedgehog
- , megaparsec
- , memory
- , tahoe-capabilities
- , tahoe-chk
+ , asn1-encoding >=0.9.6 && <0.10
+ , asn1-types >=0.3.4 && <0.4
+ , base >=4.7 && <5
+ , base32 >=0.2.1 && <0.3
+ , binary >=0.8.6 && <0.9
+ , bytestring >=0.10.8.2 && <0.11
+ , cryptonite >=0.27 && <0.30
+ , hedgehog >=1.0.3 && <1.1
+ , megaparsec >=8.0 && <9.3
+ , memory >=0.15 && <0.17
+ , tahoe-capabilities >=0.1 && <0.2
+ , tahoe-chk >=0.1 && <0.2
, tahoe-ssk
- , tasty
- , tasty-hedgehog
- , tasty-hunit
- , text
- , x509
+ , tasty >=1.2.3 && <1.5
+ , tasty-hedgehog >=1.0.0.2 && <1.2
+ , tasty-hunit >=0.10.0.2 && <0.11
+ , text >=1.2.3.1 && <1.3
+ , x509 >=1.7.5 && <1.8
-- A helper for generating RSA key pairs for use by the test suite.
executable make-keypairs
@@ -162,13 +184,13 @@ executable make-keypairs
main-is: Main.hs
hs-source-dirs: make-keypairs
build-depends:
- , asn1-encoding
- , asn1-types
- , base
- , bytestring
- , cryptonite
+ , asn1-encoding >=0.9.6 && <0.10
+ , asn1-types >=0.3.4 && <0.4
+ , base >=4.7 && <5
+ , bytestring >=0.10.8.2 && <0.11
+ , cryptonite >=0.27 && <0.30
, tahoe-ssk
- , x509
+ , x509 >=1.7.5 && <1.8
executable encode-ssk
import:
@@ -178,11 +200,11 @@ executable encode-ssk
main-is: Main.hs
hs-source-dirs: encode-ssk
build-depends:
- , base
- , base32
- , binary
- , bytestring
- , cryptonite
- , tahoe-capabilities
+ , base >=4.7 && <5
+ , base32 >=0.2.1 && <0.3
+ , binary >=0.8.6 && <0.9
+ , bytestring >=0.10.8.2 && <0.11
+ , cryptonite >=0.27 && <0.30
+ , tahoe-capabilities >=0.1 && <0.2
, tahoe-ssk
- , text
+ , text >=1.2.3.1 && <1.3