Secrets are now stored as AES-encrypted, Base64-encoded strings; retrieval is still plaintext and will need to be updated to perform the required decoding and decryption.

This commit is contained in:
James Eversole 2022-07-29 20:31:58 -05:00
parent bbe315c450
commit 478384aae9
8 changed files with 50 additions and 32 deletions


@ -48,8 +48,11 @@ library
ScopedTypeVariables
build-depends:
base >=4.7
, base64-bytestring >=1.2.0.0
, blaze-html >=0.9.1.0
, containers
, bytestring >=0.10.12.1
, containers >=0.6.4.1
, crypto-simple >=0.1.0.0
, dhall >=1.40 && <1.41.2
, http-types >=0.12.3
, iso8601-time >=0.1.5
@ -58,7 +61,7 @@ library
, scotty ==0.12
, shakespeare >=2.0.20
, sqlite-simple >=0.4.18.0
, text >=1.2
, text >=1.2.5.0
, time >=1.9
, wai-extra >=3.1.12.1
, wai-middleware-static >=0.5
@ -82,8 +85,11 @@ executable Purr-exe
build-depends:
Purr
, base >=4.7
, base64-bytestring >=1.2.0.0
, blaze-html >=0.9.1.0
, containers
, bytestring >=0.10.12.1
, containers >=0.6.4.1
, crypto-simple >=0.1.0.0
, dhall >=1.40 && <1.41.2
, http-types >=0.12.3
, iso8601-time >=0.1.5
@ -92,7 +98,7 @@ executable Purr-exe
, scotty ==0.12
, shakespeare >=2.0.20
, sqlite-simple >=0.4.18.0
, text >=1.2
, text >=1.2.5.0
, time >=1.9
, wai-extra >=3.1.12.1
, wai-middleware-static >=0.5
@ -117,8 +123,11 @@ test-suite Purr-test
build-depends:
Purr
, base >=4.7
, base64-bytestring >=1.2.0.0
, blaze-html >=0.9.1.0
, containers
, bytestring >=0.10.12.1
, containers >=0.6.4.1
, crypto-simple >=0.1.0.0
, dhall >=1.40 && <1.41.2
, http-types >=0.12.3
, iso8601-time >=0.1.5
@ -127,7 +136,7 @@ test-suite Purr-test
, scotty ==0.12
, shakespeare >=2.0.20
, sqlite-simple >=0.4.18.0
, text >=1.2
, text >=1.2.5.0
, time >=1.9
, wai-extra >=3.1.12.1
, wai-middleware-static >=0.5


@ -10,6 +10,6 @@
, applicationHost = "REPLACEME"
, applicationPort = +3000
, dbFile = "data/Purr.sqlite"
, dbSalt = "REPLACEME!!!!!"
, dbKey = "REPLACEME!!!!!"
, linkLength = +24
}
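Review bot: The template now ships `dbKey = "REPLACEME!!!!!"` as the AES key, and nothing visible in this commit rejects that placeholder at startup, so a deployment that leaves the config unchanged encrypts every stored secret under a publicly known string. A check in the config loader that refuses the literal `REPLACEME!!!!!` would turn that silent weakness into a startup failure. Since the key now shares a file with the host and port, a comment above the field such as `-- Key used to encrypt stored secrets; generate a unique value per deployment and never commit the real one` would make the expectation explicit to whoever fills in the template.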


@ -29,8 +29,11 @@ description: https://git.eversole.co/James/Purr
dependencies:
- base >= 4.7
- base64-bytestring >= 1.2.0.0
- blaze-html >= 0.9.1.0
- containers
- bytestring >= 0.10.12.1
- containers >= 0.6.4.1
- crypto-simple >= 0.1.0.0
- dhall >= 1.40 && < 1.41.2
- http-types >= 0.12.3
- iso8601-time >= 0.1.5
@ -40,7 +43,7 @@ dependencies:
- shakespeare >= 2.0.20
- sqlite-simple >= 0.4.18.0
- time >= 1.9
- text >= 1.2
- text >= 1.2.5.0
- wai-extra >= 3.1.12.1
- wai-middleware-static >= 0.5


@ -22,3 +22,8 @@ dbPath :: PurrAction String
dbPath = do
conf <- lift ask
return $ dbFile conf
encKey :: PurrAction String
encKey = do
conf <- lift ask
return $ dbKey conf
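Review bot: `encKey` copies the two-line `conf <- lift ask` / `return $ dbKey conf` shape of `dbPath` where a single `encKey = dbKey <$> lift ask` expresses the same thing; the same simplification applies to `dbPath`, though that one is pre-existing. A Haddock line such as `-- | The AES key from configuration, used to encrypt secrets before they are stored.` would document what the accessor is for, since the type `PurrAction String` gives no hint that the value is key material.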


@ -20,6 +20,6 @@ data DhallConfig = DhallConfig
, applicationHost :: String
, applicationPort :: Int
, dbFile :: String
, dbSalt :: String
, dbKey :: String
, linkLength :: Int
} deriving (Generic, Show)


@ -4,14 +4,18 @@ import Core.Types
import Core.SQLite
import Feature.Sharing.Types
import Control.Monad.Reader (ask, lift, liftIO)
import Data.Maybe (listToMaybe)
import Data.Time.Clock.POSIX (getPOSIXTime)
import Control.Monad.Reader (ask, lift, liftIO)
import Crypto.Simple.CBC (encrypt, decrypt)
import Data.Maybe (listToMaybe)
import Data.Time.Clock.POSIX (getPOSIXTime)
import Database.SQLite.Simple
import Database.SQLite.Simple.FromRow
import qualified Data.Text as T
import qualified Data.Text.Lazy as LT
import qualified Data.ByteString.Base64 as B64
import qualified Data.ByteString.Char8 as B
import qualified Data.Text as T
import qualified Data.Text.Encoding as ET
import qualified Data.Text.Lazy as LT
findByLink :: String -> PurrAction (Maybe SecretEntry)
findByLink link = do
@ -23,13 +27,18 @@ findByLink link = do
insertNewSecret :: T.Text -> T.Text -> PurrAction ()
insertNewSecret sec link = do
db <- dbPath
conn <- liftIO $ open db
time <- liftIO $ epochTime
db <- dbPath
key <- encKey
encSec <- liftIO $ encrypt (B.pack key) (ET.encodeUtf8 sec)
conn <- liftIO $ open db
time <- liftIO $ epochTime
liftIO $ execute conn
"INSERT INTO pws (link, secret, date) VALUES (?, ?, ?)"
(SecretEntry link sec time)
(SecretEntry link (encodeSecret encSec) time)
liftIO $ close conn
epochTime :: IO Integer
epochTime = fmap round getPOSIXTime
encodeSecret :: B.ByteString -> T.Text
encodeSecret b = ET.decodeUtf8 $ B64.encode b
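Review bot: `B.pack key` on the line `encSec <- liftIO $ encrypt (B.pack key) (ET.encodeUtf8 sec)` is `Data.ByteString.Char8.pack`, which keeps only the low 8 bits of each `Char`, so a configured key containing characters outside Latin-1 is silently truncated to a different key than the operator wrote; since `Data.Text` and `Data.Text.Encoding` are already imported, `encSec <- liftIO $ encrypt (ET.encodeUtf8 (T.pack key)) (ET.encodeUtf8 sec)` encodes the key the same way `sec` itself is encoded. The key string is also handed to `encrypt` as-is; unless `Crypto.Simple.CBC` derives a fixed-size AES key internally (not visible here), a comment stating the expected key length, or a check on it at startup, would keep a short or placeholder key from reaching the cipher. `decrypt` is imported in the first hunk but unused, which `-Wall` will report until the retrieval path is updated. `findByLink` is declared at the end of the first hunk and its body lies outside the shown hunks.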


@ -36,8 +36,7 @@ packages:
# forks / in-progress versions pinned to a git hash. For example:
#
extra-deps:
- AesonBson-0.4.1@sha256:30a4ecb39e8da94dc1e1e8945eb0d4e33a833ae4342841b3c87c56b5918a90a1,1398
- bson-generic-0.0.9@sha256:ea6685daa618b2bbe6e189c33e195e812501baf42f53183eedc16f011690895a,817
- crypto-simple-0.1.0.0@sha256:5c0e1e04a814d903743d7543245951a91a46817230fdf478fadca57116805fc1,1502
ghc-options:
'$everything': -haddock


@ -5,19 +5,12 @@
packages:
- completed:
hackage: AesonBson-0.4.1@sha256:30a4ecb39e8da94dc1e1e8945eb0d4e33a833ae4342841b3c87c56b5918a90a1,1398
hackage: crypto-simple-0.1.0.0@sha256:5c0e1e04a814d903743d7543245951a91a46817230fdf478fadca57116805fc1,1502
pantry-tree:
size: 378
sha256: 10c7444de357f7fc1473542d8b3307811420889be32d5a2033d0dbc2d32a375d
size: 472
sha256: 66c4ac2c2ddb74d31370026799a44fa78dc3b64d82cec0a1bc87b30e816195a4
original:
hackage: AesonBson-0.4.1@sha256:30a4ecb39e8da94dc1e1e8945eb0d4e33a833ae4342841b3c87c56b5918a90a1,1398
- completed:
hackage: bson-generic-0.0.9@sha256:ea6685daa618b2bbe6e189c33e195e812501baf42f53183eedc16f011690895a,817
pantry-tree:
size: 220
sha256: 46d452c35c2c762af25bf4d85b5248a94cbbe5b282bc4b1217d0ab3451011ae9
original:
hackage: bson-generic-0.0.9@sha256:ea6685daa618b2bbe6e189c33e195e812501baf42f53183eedc16f011690895a,817
hackage: crypto-simple-0.1.0.0@sha256:5c0e1e04a814d903743d7543245951a91a46817230fdf478fadca57116805fc1,1502
snapshots:
- completed:
size: 618740