]>
Commit | Line | Data |
---|---|---|
f6781456 JT |
1 | {-#LANGUAGE OverloadedStrings#-} |
2 | ||
3 | import Crypto.Hash | |
4 | import Data.ByteString (ByteString) | |
5 | import qualified Data.ByteString as B | |
6 | import Data.Hex | |
7 | import Data.Byteable | |
8 | ||
9 | import Test.Tasty | |
10 | import Test.Tasty.HUnit | |
11 | ||
12 | import qualified Crypto.Macaroon.Tests | |
13 | ||
14 | main = defaultMain tests | |
15 | ||
16 | tests :: TestTree | |
17 | tests = testGroup "Tests" [ sanityCheck | |
18 | , Crypto.Macaroon.Tests.tests | |
19 | ] | |
20 | ||
21 | sanityCheck :: TestTree | |
22 | sanityCheck = testGroup "Python HMAC Sanity check" [ checkKey | |
23 | , checkMac1 | |
24 | , checkMac2 | |
25 | , checkMac3 | |
26 | , checkMac4 | |
27 | ] | |
28 | ||
29 | ||
30 | secret :: ByteString | |
31 | secret = "this is our super secret key; only we should know it" | |
32 | ||
33 | public :: ByteString | |
34 | public = "we used our secret key" | |
35 | ||
36 | key :: ByteString | |
37 | key = B.take 32 secret | |
38 | ||
39 | mac1 :: ByteString | |
40 | mac1 = toBytes $ (hmac key public :: HMAC SHA256) | |
41 | ||
42 | mac2 :: ByteString | |
43 | mac2 = toBytes $ (hmac mac1 "account = 3735928559" :: HMAC SHA256) | |
44 | ||
45 | mac3 :: ByteString | |
46 | mac3 = toBytes $ (hmac mac2 "time < 2015-01-01T00:00" :: HMAC SHA256) | |
47 | ||
48 | mac4 :: ByteString | |
49 | mac4 = toBytes $ (hmac mac3 "email = alice@example.org" :: HMAC SHA256) | |
50 | ||
51 | ||
52 | checkKey = testCase "Truncated key" $ | |
53 | key @?= "this is our super secret key; on" | |
54 | ||
55 | checkMac1 = testCase "HMAC key" $ | |
56 | "C60B4B3540BB1B2F2EF28D1C895691CC4A5E07A38A9D3B1C3379FB485293372F" @=? hex mac1 | |
57 | ||
58 | checkMac2 = testCase "HMAC key account" $ | |
59 | "5C933DC9A7D036DFCD1740B4F26D737397A1FF635EAC900F3226973503CAAAA5" @=? hex mac2 | |
60 | ||
61 | checkMac3 = testCase "HMAC key account time" $ | |
62 | "7A559B20C8B607009EBCE138C200585E9D0DECA6D23B3EAD6C5E0BA6861D3858" @=? hex mac3 | |
63 | ||
64 | checkMac4 = testCase "HMAC key account time email" $ | |
65 | "E42BBB02A9A5A303483CB6295C497AE51AD1D5CB10003CBE548D907E7E62F5E4" @=? hex mac4 | |
66 |