[github/fretlink/hmacaroons.git] / src / Crypto / Macaroon.hs

{-# LANGUAGE OverloadedStrings #-}
{-|
Module      : Crypto.Macaroon
Copyright   : (c) 2015 Julien Tanguy
License     : BSD3

Maintainer  : julien.tanguy@jhome.fr
Stability   : experimental
Portability : portable

Pure haskell implementations of macaroons.

Warning: this implementation has not been audited by security experts.
Do not use in production


References:

- Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud <http://research.google.com/pubs/pub41892.html>
- Time for better security in NoSQL <http://hackingdistributed.com/2014/11/23/macaroons-in-hyperdex>
-}
module Crypto.Macaroon (
    -- * Types
      Macaroon
    , Caveat
    , Key
    , Location
    , Sig
    -- * Accessing functions
    -- ** Macaroons
    , location
    , identifier
    , caveats
    , signature
    -- ** Caveats
    , caveatLoc
    , caveatId
    , caveatVId

    -- * Create Macaroons
    , create
    , inspect
    , addFirstPartyCaveat
    , addThirdPartyCaveat

    -- * Prepare Macaroons for transfer
    , serialize
    ) where

import           Crypto.Cipher.AES
import           Crypto.Hash
import           Data.Char
import           Data.Byteable
import qualified Data.ByteString            as BS
import qualified Data.ByteString.Base64.URL as B64
import qualified Data.ByteString.Char8      as B8
import           Data.Hex
import           Data.Word
import           Data.Serialize

import           Crypto.Macaroon.Internal

-- | Create a Macaroon from its key, identifier and location
create :: Key -> Key -> Location -> Macaroon
create secret ident loc = MkMacaroon loc ident [] (toBytes (hmac derivedKey ident :: HMAC SHA256))
  where
    derivedKey = toBytes (hmac "macaroons-key-generator" secret :: HMAC SHA256)

-- | Caveat target location
caveatLoc :: Caveat -> Location
caveatLoc = cl

-- | Caveat identifier
caveatId :: Caveat -> Key
caveatId = cid

-- | Caveat verification identifier
caveatVId :: Caveat -> Key
caveatVId = vid

-- | Inspect a macaroon's contents. For debugging purposes.
inspect :: Macaroon -> String
inspect = show

-- | Serialize a macaroon in an URL-safe Base64 encoding
serialize :: Macaroon -> BS.ByteString
serialize m = B8.filter (/= '=') . B64.encode $ packets
  where
    packets = BS.concat [ putPacket "location" (location m)
                        , putPacket "identifier" (identifier m)
                        , caveatPackets
                        , putPacket "signature" (signature m)
                        ]
    caveatPackets = BS.concat $ map (cavPacket (location m)) (caveats m)
    cavPacket loc c | cl c == loc && vid c == BS.empty = putPacket "cid" (cid c)
                    | otherwise = BS.concat [ putPacket "cid" (cid c)
                                            , putPacket "vid" (vid c)
                                            , putPacket "cl" (cl c)
                                            ]
    putPacket key dat = BS.concat [
        B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
        , key
        , " "
        , dat
        , "\n"
        ]
      where
        size = 4 + 2 + BS.length key + BS.length dat


-- | Add a first party Caveat to a Macaroon, with its identifier
addFirstPartyCaveat :: Key -> Macaroon -> Macaroon
addFirstPartyCaveat ident m = addCaveat (location m) ident BS.empty m

-- |Add a third party Caveat to a Macaroon, using its location, identifier and
-- verification key
addThirdPartyCaveat :: Key
                    -> Key
                    -> Location
                    -> Macaroon
                    -> Macaroon
addThirdPartyCaveat key cid loc m = addCaveat loc cid vid m
  where
    vid = encryptECB (initAES (signature m)) key
Commit	Line	Data
f6781456 JT	1	{-# LANGUAGE OverloadedStrings #-}
	2	{-\|
	3	Module : Crypto.Macaroon
	4	Copyright : (c) 2015 Julien Tanguy
	5	License : BSD3
	6
	7	Maintainer : julien.tanguy@jhome.fr
	8	Stability : experimental
	9	Portability : portable
	10
f6781456 JT	11	Pure haskell implementations of macaroons.
	12
	13	Warning: this implementation has not been audited by security experts.
2aede11a	14	Do not use in production
f6781456 JT	15
	16
	17	References:
	18
	19	- Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud <http://research.google.com/pubs/pub41892.html>
	20	- Time for better security in NoSQL <http://hackingdistributed.com/2014/11/23/macaroons-in-hyperdex>
f6781456 JT	21	-}
	22	module Crypto.Macaroon (
	23	-- * Types
	24	Macaroon
	25	, Caveat
	26	, Key
	27	, Location
1971e224	28	, Sig
f6781456 JT	29	-- * Accessing functions
	30	-- ** Macaroons
	31	, location
	32	, identifier
	33	, caveats
	34	, signature
	35	-- ** Caveats
	36	, caveatLoc
	37	, caveatId
	38	, caveatVId
	39
	40	-- * Create Macaroons
	41	, create
	42	, inspect
	43	, addFirstPartyCaveat
	44	, addThirdPartyCaveat
	45
	46	-- * Prepare Macaroons for transfer
	47	, serialize
	48	) where
	49
	50	import Crypto.Cipher.AES
	51	import Crypto.Hash
2aede11a	52	import Data.Char
f6781456 JT	53	import Data.Byteable
	54	import qualified Data.ByteString as BS
	55	import qualified Data.ByteString.Base64.URL as B64
	56	import qualified Data.ByteString.Char8 as B8
	57	import Data.Hex
2aede11a JT	58	import Data.Word
2aede11a JT	59	import Data.Serialize
f6781456 JT	60
	61	import Crypto.Macaroon.Internal
	62
	63	-- \| Create a Macaroon from its key, identifier and location
	64	create :: Key -> Key -> Location -> Macaroon
	65	create secret ident loc = MkMacaroon loc ident [] (toBytes (hmac derivedKey ident :: HMAC SHA256))
	66	where
2aede11a	67	derivedKey = toBytes (hmac "macaroons-key-generator" secret :: HMAC SHA256)
f6781456	68
1971e224	69	-- \| Caveat target location
f6781456 JT	70	caveatLoc :: Caveat -> Location
	71	caveatLoc = cl
	72
1971e224	73	-- \| Caveat identifier
f6781456 JT	74	caveatId :: Caveat -> Key
	75	caveatId = cid
	76
1971e224	77	-- \| Caveat verification identifier
f6781456 JT	78	caveatVId :: Caveat -> Key
	79	caveatVId = vid
	80
1971e224	81	-- \| Inspect a macaroon's contents. For debugging purposes.
f6781456	82	inspect :: Macaroon -> String
2aede11a	83	inspect = show
f6781456	84
1971e224	85	-- \| Serialize a macaroon in an URL-safe Base64 encoding
f6781456 JT	86	serialize :: Macaroon -> BS.ByteString
	87	serialize m = B8.filter (/= '=') . B64.encode $ packets
	88	where
	89	packets = BS.concat [ putPacket "location" (location m)
	90	, putPacket "identifier" (identifier m)
	91	, caveatPackets
	92	, putPacket "signature" (signature m)
	93	]
	94	caveatPackets = BS.concat $ map (cavPacket (location m)) (caveats m)
	95	cavPacket loc c \| cl c == loc && vid c == BS.empty = putPacket "cid" (cid c)
	96	\| otherwise = BS.concat [ putPacket "cid" (cid c)
	97	, putPacket "vid" (vid c)
	98	, putPacket "cl" (cl c)
	99	]
2aede11a JT	100	putPacket key dat = BS.concat [
	101	B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
	102	, key
	103	, " "
	104	, dat
	105	, "\n"
	106	]
	107	where
	108	size = 4 + 2 + BS.length key + BS.length dat
	109
f6781456 JT	110
	111
	112
	113	-- \| Add a first party Caveat to a Macaroon, with its identifier
	114	addFirstPartyCaveat :: Key -> Macaroon -> Macaroon
	115	addFirstPartyCaveat ident m = addCaveat (location m) ident BS.empty m
	116
	117	-- \|Add a third party Caveat to a Macaroon, using its location, identifier and
	118	-- verification key
	119	addThirdPartyCaveat :: Key
	120	-> Key
	121	-> Location
	122	-> Macaroon
	123	-> Macaroon
	124	addThirdPartyCaveat key cid loc m = addCaveat loc cid vid m
	125	where
	126	vid = encryptECB (initAES (signature m)) key
	127
	128