1 {-# LANGUAGE OverloadedStrings #-}
3 Module : Crypto.Macaroon.Verifier
4 Copyright : (c) 2015 Julien Tanguy
7 Maintainer : julien.tanguy@jhome.fr
8 Stability : experimental
14 module Crypto.Macaroon.Verifier where
19 import qualified Data.ByteString as BS
23 import Crypto.Macaroon.Internal
26 -- | Opaque datatype for now. Might need more explicit errors
27 data Result = Success | Failure deriving (Show,Eq)
29 verifySig :: Key -> Macaroon -> Result
30 verifySig k m = bool Failure Success $
31 signature m == foldl' hash (toBytes (hmac derivedKey (identifier m) :: HMAC SHA256)) (caveats m)
33 hash s c = toBytes (hmac s (vid c `BS.append` cid c) :: HMAC SHA256)
34 derivedKey = toBytes (hmac "macaroons-key-generator" k :: HMAC SHA256)