Basic verification of macaroons

[github/fretlink/hmacaroons.git] / src / Crypto / Macaroon.hs

diff --git a/src/Crypto/Macaroon.hs b/src/Crypto/Macaroon.hs
index 42e4a0784d946e12e22c881455d4e073f859f348..bfcf8dfa218447008840892ce43558e4f7a2f149 100644 (file)
--- a/src/Crypto/Macaroon.hs
+++ b/src/Crypto/Macaroon.hs
@@ -25,6 +25,7 @@ module Crypto.Macaroon (
     , Caveat
     , Key
     , Location
+    , Sig
     -- * Accessing functions
     -- ** Macaroons
     , location
@@ -40,22 +41,15 @@ module Crypto.Macaroon (
     , create
     , inspect
     , addFirstPartyCaveat
-    , addThirdPartyCaveat
-
-    -- * Prepare Macaroons for transfer
-    , serialize
+    -- , addThirdPartyCaveat
     ) where
 
-import           Crypto.Cipher.AES
+-- import           Crypto.Cipher.AES
 import           Crypto.Hash
-import           Data.Char
 import           Data.Byteable
 import qualified Data.ByteString            as BS
 import qualified Data.ByteString.Base64.URL as B64
 import qualified Data.ByteString.Char8      as B8
-import           Data.Hex
-import           Data.Word
-import           Data.Serialize
 
 import           Crypto.Macaroon.Internal
 
@@ -65,58 +59,35 @@ create secret ident loc = MkMacaroon loc ident [] (toBytes (hmac derivedKey iden
   where
     derivedKey = toBytes (hmac "macaroons-key-generator" secret :: HMAC SHA256)
 
+-- | Caveat target location
 caveatLoc :: Caveat -> Location
 caveatLoc = cl
 
+-- | Caveat identifier
 caveatId :: Caveat -> Key
 caveatId = cid
 
+-- | Caveat verification identifier
 caveatVId :: Caveat -> Key
 caveatVId = vid
 
+-- | Inspect a macaroon's contents. For debugging purposes.
 inspect :: Macaroon -> String
 inspect = show
 
-serialize :: Macaroon -> BS.ByteString
-serialize m = B8.filter (/= '=') . B64.encode $ packets
-  where
-    packets = BS.concat [ putPacket "location" (location m)
-                        , putPacket "identifier" (identifier m)
-                        , caveatPackets
-                        , putPacket "signature" (signature m)
-                        ]
-    caveatPackets = BS.concat $ map (cavPacket (location m)) (caveats m)
-    cavPacket loc c | cl c == loc && vid c == BS.empty = putPacket "cid" (cid c)
-                    | otherwise = BS.concat [ putPacket "cid" (cid c)
-                                            , putPacket "vid" (vid c)
-                                            , putPacket "cl" (cl c)
-                                            ]
-    putPacket key dat = BS.concat [
-        B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
-        , key
-        , " "
-        , dat
-        , "\n"
-        ]
-      where
-        size = 4 + 2 + BS.length key + BS.length dat
-
-
-
-
 -- | Add a first party Caveat to a Macaroon, with its identifier
 addFirstPartyCaveat :: Key -> Macaroon -> Macaroon
 addFirstPartyCaveat ident m = addCaveat (location m) ident BS.empty m
 
 -- |Add a third party Caveat to a Macaroon, using its location, identifier and
 -- verification key
-addThirdPartyCaveat :: Key
-                    -> Key
-                    -> Location
-                    -> Macaroon
-                    -> Macaroon
-addThirdPartyCaveat key cid loc m = addCaveat loc cid vid m
-  where
-    vid = encryptECB (initAES (signature m)) key
+-- addThirdPartyCaveat :: Key
+--                     -> Key
+--                     -> Location
+--                     -> Macaroon
+--                     -> Macaroon
+-- addThirdPartyCaveat key cid loc m = addCaveat loc cid vid m
+--   where
+--     vid = encryptECB (initAES (signature m)) key