From f9c1205faa15254e0b4125eb39953211f10ad407 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Fri, 12 May 2023 14:42:01 -0400
Subject: [PATCH] add storage index derivation
---
src/Tahoe/SDMF/Internal/Keys.hs | 6 ++++++
src/Tahoe/SDMF/Keys.hs | 2 ++
test/Spec.hs | 8 +++++++-
test/expected_values.py | 8 +++++++-
4 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/src/Tahoe/SDMF/Internal/Keys.hs b/src/Tahoe/SDMF/Internal/Keys.hs
index 3478225..29c017f 100644
--- a/src/Tahoe/SDMF/Internal/Keys.hs
+++ b/src/Tahoe/SDMF/Internal/Keys.hs
@@ -97,9 +97,15 @@ deriveDataKey (SDMF_IV iv) r =
sbs = B.take keyLength . taggedPairHash keyLength mutableDataKeyTag (B.pack . ByteArray.unpack $ iv) . ByteArray.convert . readKeyBytes $ r
key = maybeCryptoError . cipherInit $ sbs
+-- | Compute the storage index for a given read key for an SDMF share.
mutableDataKeyTag :: B.ByteString
mutableDataKeyTag = "allmydata_mutable_readkey_to_datakey_v1"
+deriveStorageIndex :: Read -> StorageIndex
+deriveStorageIndex r = StorageIndex si
+ where
+ si = taggedHash keyLength mutableStorageIndexTag . ByteArray.convert . readKeyBytes $ r
+
mutableStorageIndexTag :: B.ByteString
mutableStorageIndexTag = "allmydata_mutable_readkey_to_storage_index_v1"
diff --git a/src/Tahoe/SDMF/Keys.hs b/src/Tahoe/SDMF/Keys.hs
index f5ba4ce..75a503b 100644
--- a/src/Tahoe/SDMF/Keys.hs
+++ b/src/Tahoe/SDMF/Keys.hs
@@ -6,9 +6,11 @@ import Tahoe.SDMF.Internal.Keys (
Read (..),
SDMF_IV (..),
Signature (..),
+ StorageIndex (..),
Write (..),
deriveDataKey,
deriveReadKey,
+ deriveStorageIndex,
deriveWriteKey,
toPublicKey,
)
diff --git a/test/Spec.hs b/test/Spec.hs
index b576ac0..cb08caa 100644
--- a/test/Spec.hs
+++ b/test/Spec.hs
@@ -84,12 +84,14 @@ tests =
expectedWriteKey = ("v7iymuxkc5yv2fomi3xwbjdd4e" :: T.Text)
expectedReadKey = ("6ir6husgx6ubro3tbimmzskqri" :: T.Text)
expectedDataKey = ("bbj67exlrkfcaqutwlgwvukbfe" :: T.Text)
+ expectedStorageIndex = ("cmkuloz2t6fhsh7npxxteba6sq" :: T.Text)
-- Derive all the keys.
(Just iv) = Keys.SDMF_IV <$> makeIV (B.replicate 16 0x42)
(Just w@(Keys.Write _ derivedWriteKey)) = Keys.deriveWriteKey sigKey
(Just r@(Keys.Read _ derivedReadKey)) = Keys.deriveReadKey w
- (Just d@(Keys.Data _ derivedDataKey)) = Keys.deriveDataKey iv r
+ (Just (Keys.Data _ derivedDataKey)) = Keys.deriveDataKey iv r
+ (Keys.StorageIndex derivedStorageIndex) = Keys.deriveStorageIndex r
-- A helper to format a key as text for convenient
-- comparison to expected value.
@@ -112,6 +114,10 @@ tests =
"expected datakey /= derived datakey"
expectedDataKey
(fmtKey derivedDataKey)
+ assertEqual
+ "expected storage index /= derived storage index"
+ expectedStorageIndex
+ (T.toLower . encodeBase32Unpadded $ derivedStorageIndex)
, testProperty "Share round-trips through bytes" $
property $ do
share <- forAll shares
diff --git a/test/expected_values.py b/test/expected_values.py
index c85de97..8ad03d9 100644
--- a/test/expected_values.py
+++ b/test/expected_values.py
@@ -4,7 +4,11 @@
from allmydata.crypto import rsa
from allmydata.mutable.common import derive_mutable_keys
from allmydata.util import base32
-from allmydata.util.hashutil import ssk_readkey_hash, ssk_readkey_data_hash
+from allmydata.util.hashutil import (
+ ssk_readkey_hash,
+ ssk_readkey_data_hash,
+ ssk_storage_index_hash,
+)
# Arbitrarily select an IV.
iv = b"\x42" * 16
@@ -15,11 +19,13 @@ with open("data/rsa-privkey-0.der", "rb") as f:
writekey, encprivkey, fingerprint = derive_mutable_keys((pub, priv))
readkey = ssk_readkey_hash(writekey)
datakey = ssk_readkey_data_hash(iv, readkey)
+storage_index = ssk_storage_index_hash(readkey)
print("SDMF")
print("writekey: ", base32.b2a(writekey))
print("readkey: ", base32.b2a(readkey))
print("datakey: ", base32.b2a(datakey))
+print("storage index: ", base32.b2a(storage_index))
print("encrypted private key: ", base32.b2a(encprivkey))
print("signature key hash: ", base32.b2a(fingerprint))
--
GitLab