Initial commit

author: Julien Tanguy <julien.tanguy@jhome.fr> 2015-04-09 01:12:36 +0200
committer: Julien Tanguy <julien.tanguy@jhome.fr> 2015-04-09 01:12:36 +0200
commit: f678145637ba6f42c36d07c19f8c764e5d537f72 (patch)
tree: 3e8578900501968de7404131a89e8e063dd0f12e /src/Crypto
download: hmacaroons-f678145637ba6f42c36d07c19f8c764e5d537f72.tar.gz
hmacaroons-f678145637ba6f42c36d07c19f8c764e5d537f72.tar.zst
hmacaroons-f678145637ba6f42c36d07c19f8c764e5d537f72.zip
3 files changed, 237 insertions, 0 deletions
diff --git a/src/Crypto/Macaroon.hs b/src/Crypto/Macaroon.hs
new file mode 100644
index 0000000..819a9eb
--- /dev/null
+++ b/src/Crypto/Macaroon.hs
@@ -0,0 +1,121 @@
+{-# LANGUAGE OverloadedStrings #-}
+{-|
+Module      : Crypto.Macaroon
+Copyright   : (c) 2015 Julien Tanguy
+License     : BSD3
+Maintainer  : julien.tanguy@jhome.fr
+Stability   : experimental
+Portability : portable
+Pure haskell implementations of macaroons.
+Warning: this implementation has not been audited by security experts.
+Use it with caution.
+References:
+- Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud <http://research.google.com/pubs/pub41892.html>
+- Time for better security in NoSQL <http://hackingdistributed.com/2014/11/23/macaroons-in-hyperdex>
+-}
+module Crypto.Macaroon (
+    -- * Types
+      Macaroon
+    , Caveat
+    , Key
+    , Location
+    -- * Accessing functions
+    -- ** Macaroons
+    , location
+    , identifier
+    , caveats
+    , signature
+    -- ** Caveats
+    , caveatLoc
+    , caveatId
+    , caveatVId
+    -- * Create Macaroons
+    , create
+    , inspect
+    , addFirstPartyCaveat
+    , addThirdPartyCaveat
+    -- * Prepare Macaroons for transfer
+    , serialize
+    ) where
+import           Crypto.Cipher.AES
+import           Crypto.Hash
+import           Data.Byteable
+import qualified Data.ByteString            as BS
+import qualified Data.ByteString.Base64.URL as B64
+import qualified Data.ByteString.Char8      as B8
+import           Data.Hex
+import           Crypto.Macaroon.Internal
+-- | Create a Macaroon from its key, identifier and location
+create :: Key -> Key -> Location -> Macaroon
+create secret ident loc = MkMacaroon loc ident [] (toBytes (hmac derivedKey ident :: HMAC SHA256))
+  where
+    derivedKey = toBytes $ (hmac "macaroons-key-generator" secret :: HMAC SHA256)
+caveatLoc :: Caveat -> Location
+caveatLoc = cl
+caveatId :: Caveat -> Key
+caveatId = cid
+caveatVId :: Caveat -> Key
+caveatVId = vid
+inspect :: Macaroon -> String
+inspect m = unlines [ "location " ++ show (location m)
+                    , "identifier " ++ show (identifier m)
+                    , (concatMap (showCav (location m)) (caveats m))
+                    , "signature " ++ show (hex $ signature m)
+                    ]
+  where
+    showCav loc c | cl c == loc && vid c == BS.empty = "cid " ++ show (cid c)
+                  | otherwise = unlines [ "cid " ++ show (cid c)
+                                        , "vid " ++ show (vid c)
+                                        , "cl " ++ show (cl c)
+                                        ]
+serialize :: Macaroon -> BS.ByteString
+serialize m = B8.filter (/= '=') . B64.encode $ packets
+  where
+    packets = BS.concat [ putPacket "location" (location m)
+                        , putPacket "identifier" (identifier m)
+                        , caveatPackets
+                        , putPacket "signature" (signature m)
+                        ]
+    caveatPackets = BS.concat $ map (cavPacket (location m)) (caveats m)
+    cavPacket loc c | cl c == loc && vid c == BS.empty = putPacket "cid" (cid c)
+                    | otherwise = BS.concat [ putPacket "cid" (cid c)
+                                            , putPacket "vid" (vid c)
+                                            , putPacket "cl" (cl c)
+                                            ]
+-- | Add a first party Caveat to a Macaroon, with its identifier
+addFirstPartyCaveat :: Key -> Macaroon -> Macaroon
+addFirstPartyCaveat ident m = addCaveat (location m) ident BS.empty m
+-- |Add a third party Caveat to a Macaroon, using its location, identifier and
+-- verification key
+addThirdPartyCaveat :: Key
+                    -> Key
+                    -> Location
+                    -> Macaroon
+                    -> Macaroon
+addThirdPartyCaveat key cid loc m = addCaveat loc cid vid m
+  where
+    vid = encryptECB (initAES (signature m)) key
diff --git a/src/Crypto/Macaroon/Binder.hs b/src/Crypto/Macaroon/Binder.hs
new file mode 100644
index 0000000..3ec3d67
--- /dev/null
+++ b/src/Crypto/Macaroon/Binder.hs
@@ -0,0 +1,28 @@
+{-|
+Module      : Crypto.Macaroon.Binder
+Copyright   : (c) 2015 Julien Tanguy
+License     : BSD3
+Maintainer  : julien.tanguy@jhome.fr
+Stability   : experimental
+Portability : portable
+-}
+module Crypto.Macaroon.Binder where
+import           Crypto.Hash
+import           Data.Byteable
+import qualified Data.ByteString          as BS
+import           Crypto.Macaroon.Internal
+-- | Datatype for binding discharging and authorizing macaroons together
+newtype Binder = Binder { bind :: Macaroon -> Macaroon -> BS.ByteString }
+-- | Binder which concatenates the two signatures and hashes them
+hashSigs :: Binder
+hashSigs = Binder $ \m m' -> toBytes $ (HMAC . hash $ BS.append (toBytes $ signature m') (toBytes $ signature m) :: HMAC SHA256)
diff --git a/src/Crypto/Macaroon/Internal.hs b/src/Crypto/Macaroon/Internal.hs
new file mode 100644
index 0000000..fc50486
--- /dev/null
+++ b/src/Crypto/Macaroon/Internal.hs
@@ -0,0 +1,88 @@
+{-# LANGUAGE OverloadedStrings #-}
+{-|
+Module      : Crypto.Macaroon.Internal
+Copyright   : (c) 2015 Julien Tanguy
+License     : BSD3
+Maintainer  : julien.tanguy@jhome.fr
+Stability   : experimental
+Portability : portable
+Internal representation of a macaroon
+-}
+module Crypto.Macaroon.Internal where
+import           Control.DeepSeq
+import           Crypto.Cipher.AES
+import           Crypto.Hash
+import           Data.Byteable
+import qualified Data.ByteString        as BS
+import qualified Data.ByteString.Base64 as B64
+import qualified Data.ByteString.Char8  as B8
+import           Data.Char
+import           Data.Hex
+import           Data.Serialize
+import           Data.Word
+-- |Type alias for Macaroons and Caveat keys and identifiers
+type Key = BS.ByteString
+-- |Type alias For Macaroons and Caveat locations
+type Location = BS.ByteString
+type Sig = BS.ByteString
+-- | Main structure of a macaroon
+data Macaroon = MkMacaroon { location   :: Location
+                           -- ^ Target location
+                           , identifier :: Key
+                           -- ^ Macaroon Identifier
+                           , caveats    :: [Caveat]
+                           -- ^ List of caveats
+                           , signature  :: Sig
+                           -- ^ Macaroon HMAC signature
+                           } deriving (Eq)
+instance NFData Macaroon where
+    rnf (MkMacaroon loc ident cavs sig) = rnf loc `seq` rnf ident `seq` rnf cavs `seq` rnf sig
+-- | Caveat structure
+data Caveat = MkCaveat { cid :: Key
+                       -- ^ Caveat identifier
+                       , vid :: Key
+                       -- ^ Caveat verification key identifier
+                       , cl  :: Location
+                       -- ^ Caveat target location
+                       } deriving (Eq)
+instance NFData Caveat where
+    rnf (MkCaveat cid vid cl) = rnf cid `seq` rnf vid `seq` rnf cl
+putPacket :: BS.ByteString -> BS.ByteString -> BS.ByteString
+putPacket key dat = BS.concat [
+    B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
+    , key
+    , " "
+    , dat
+    , "\n"
+    ]
+  where
+    size = 4 + 2 + BS.length key + BS.length dat
+addCaveat :: Location
+          -> Key
+          -> Key
+          -> Macaroon
+          -> Macaroon
+addCaveat loc cid vid m = m { caveats = cavs ++ [cav'], signature = sig}
+  where
+    cavs = caveats m
+    cav' = MkCaveat cid vid loc
+    sig = toBytes $ (hmac (signature m) (BS.append vid cid) :: HMAC SHA256)
author	Julien Tanguy <julien.tanguy@jhome.fr>	2015-04-09 01:12:36 +0200
committer	Julien Tanguy <julien.tanguy@jhome.fr>	2015-04-09 01:12:36 +0200
commit	f678145637ba6f42c36d07c19f8c764e5d537f72 (patch)
tree	3e8578900501968de7404131a89e8e063dd0f12e /src/Crypto
download	hmacaroons-f678145637ba6f42c36d07c19f8c764e5d537f72.tar.gz hmacaroons-f678145637ba6f42c36d07c19f8c764e5d537f72.tar.zst hmacaroons-f678145637ba6f42c36d07c19f8c764e5d537f72.zip

diff --git a/src/Crypto/Macaroon.hs b/src/Crypto/Macaroon.hs new file mode 100644 index 0000000..819a9eb --- /dev/null +++ b/src/Crypto/Macaroon.hs
@@ -0,0 +1,121 @@
	1	{-# LANGUAGE OverloadedStrings #-}
	2	{-\|
	3	Module : Crypto.Macaroon
	4	Copyright : (c) 2015 Julien Tanguy
	5	License : BSD3
	6
	7	Maintainer : julien.tanguy@jhome.fr
	8	Stability : experimental
	9	Portability : portable
	10
	11
	12	Pure haskell implementations of macaroons.
	13
	14	Warning: this implementation has not been audited by security experts.
	15	Use it with caution.
	16
	17
	18	References:
	19
	20	- Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud <http://research.google.com/pubs/pub41892.html>
	21	- Time for better security in NoSQL <http://hackingdistributed.com/2014/11/23/macaroons-in-hyperdex>
	22
	23	-}
	24	module Crypto.Macaroon (
	25	-- * Types
	26	Macaroon
	27	, Caveat
	28	, Key
	29	, Location
	30	-- * Accessing functions
	31	-- ** Macaroons
	32	, location
	33	, identifier
	34	, caveats
	35	, signature
	36	-- ** Caveats
	37	, caveatLoc
	38	, caveatId
	39	, caveatVId
	40
	41	-- * Create Macaroons
	42	, create
	43	, inspect
	44	, addFirstPartyCaveat
	45	, addThirdPartyCaveat
	46
	47	-- * Prepare Macaroons for transfer
	48	, serialize
	49	) where
	50
	51	import Crypto.Cipher.AES
	52	import Crypto.Hash
	53	import Data.Byteable
	54	import qualified Data.ByteString as BS
	55	import qualified Data.ByteString.Base64.URL as B64
	56	import qualified Data.ByteString.Char8 as B8
	57	import Data.Hex
	58
	59	import Crypto.Macaroon.Internal
	60
	61	-- \| Create a Macaroon from its key, identifier and location
	62	create :: Key -> Key -> Location -> Macaroon
	63	create secret ident loc = MkMacaroon loc ident [] (toBytes (hmac derivedKey ident :: HMAC SHA256))
	64	where
	65	derivedKey = toBytes $ (hmac "macaroons-key-generator" secret :: HMAC SHA256)
	66
	67	caveatLoc :: Caveat -> Location
	68	caveatLoc = cl
	69
	70	caveatId :: Caveat -> Key
	71	caveatId = cid
	72
	73	caveatVId :: Caveat -> Key
	74	caveatVId = vid
	75
	76	inspect :: Macaroon -> String
	77	inspect m = unlines [ "location " ++ show (location m)
	78	, "identifier " ++ show (identifier m)
	79	, (concatMap (showCav (location m)) (caveats m))
	80	, "signature " ++ show (hex $ signature m)
	81	]
	82	where
	83	showCav loc c \| cl c == loc && vid c == BS.empty = "cid " ++ show (cid c)
	84	\| otherwise = unlines [ "cid " ++ show (cid c)
	85	, "vid " ++ show (vid c)
	86	, "cl " ++ show (cl c)
	87	]
	88
	89	serialize :: Macaroon -> BS.ByteString
	90	serialize m = B8.filter (/= '=') . B64.encode $ packets
	91	where
	92	packets = BS.concat [ putPacket "location" (location m)
	93	, putPacket "identifier" (identifier m)
	94	, caveatPackets
	95	, putPacket "signature" (signature m)
	96	]
	97	caveatPackets = BS.concat $ map (cavPacket (location m)) (caveats m)
	98	cavPacket loc c \| cl c == loc && vid c == BS.empty = putPacket "cid" (cid c)
	99	\| otherwise = BS.concat [ putPacket "cid" (cid c)
	100	, putPacket "vid" (vid c)
	101	, putPacket "cl" (cl c)
	102	]
	103
	104
	105
	106	-- \| Add a first party Caveat to a Macaroon, with its identifier
	107	addFirstPartyCaveat :: Key -> Macaroon -> Macaroon
	108	addFirstPartyCaveat ident m = addCaveat (location m) ident BS.empty m
	109
	110	-- \|Add a third party Caveat to a Macaroon, using its location, identifier and
	111	-- verification key
	112	addThirdPartyCaveat :: Key
	113	-> Key
	114	-> Location
	115	-> Macaroon
	116	-> Macaroon
	117	addThirdPartyCaveat key cid loc m = addCaveat loc cid vid m
	118	where
	119	vid = encryptECB (initAES (signature m)) key
	120
	121


diff --git a/src/Crypto/Macaroon/Binder.hs b/src/Crypto/Macaroon/Binder.hs new file mode 100644 index 0000000..3ec3d67 --- /dev/null +++ b/src/Crypto/Macaroon/Binder.hs
@@ -0,0 +1,28 @@
	1	{-\|
	2	Module : Crypto.Macaroon.Binder
	3	Copyright : (c) 2015 Julien Tanguy
	4	License : BSD3
	5
	6	Maintainer : julien.tanguy@jhome.fr
	7	Stability : experimental
	8	Portability : portable
	9
	10
	11
	12	-}
	13	module Crypto.Macaroon.Binder where
	14
	15	import Crypto.Hash
	16	import Data.Byteable
	17	import qualified Data.ByteString as BS
	18
	19	import Crypto.Macaroon.Internal
	20
	21	-- \| Datatype for binding discharging and authorizing macaroons together
	22	newtype Binder = Binder { bind :: Macaroon -> Macaroon -> BS.ByteString }
	23
	24
	25	-- \| Binder which concatenates the two signatures and hashes them
	26	hashSigs :: Binder
	27	hashSigs = Binder $ \m m' -> toBytes $ (HMAC . hash $ BS.append (toBytes $ signature m') (toBytes $ signature m) :: HMAC SHA256)
	28


diff --git a/src/Crypto/Macaroon/Internal.hs b/src/Crypto/Macaroon/Internal.hs new file mode 100644 index 0000000..fc50486 --- /dev/null +++ b/src/Crypto/Macaroon/Internal.hs
@@ -0,0 +1,88 @@
	1	{-# LANGUAGE OverloadedStrings #-}
	2	{-\|
	3	Module : Crypto.Macaroon.Internal
	4	Copyright : (c) 2015 Julien Tanguy
	5	License : BSD3
	6
	7	Maintainer : julien.tanguy@jhome.fr
	8	Stability : experimental
	9	Portability : portable
	10
	11
	12	Internal representation of a macaroon
	13	-}
	14	module Crypto.Macaroon.Internal where
	15
	16
	17	import Control.DeepSeq
	18	import Crypto.Cipher.AES
	19	import Crypto.Hash
	20	import Data.Byteable
	21	import qualified Data.ByteString as BS
	22	import qualified Data.ByteString.Base64 as B64
	23	import qualified Data.ByteString.Char8 as B8
	24	import Data.Char
	25	import Data.Hex
	26	import Data.Serialize
	27	import Data.Word
	28
	29	-- \|Type alias for Macaroons and Caveat keys and identifiers
	30	type Key = BS.ByteString
	31
	32	-- \|Type alias For Macaroons and Caveat locations
	33	type Location = BS.ByteString
	34
	35	type Sig = BS.ByteString
	36
	37	-- \| Main structure of a macaroon
	38	data Macaroon = MkMacaroon { location :: Location
	39	-- ^ Target location
	40	, identifier :: Key
	41	-- ^ Macaroon Identifier
	42	, caveats :: [Caveat]
	43	-- ^ List of caveats
	44	, signature :: Sig
	45	-- ^ Macaroon HMAC signature
	46	} deriving (Eq)
	47
	48
	49	instance NFData Macaroon where
	50	rnf (MkMacaroon loc ident cavs sig) = rnf loc `seq` rnf ident `seq` rnf cavs `seq` rnf sig
	51
	52
	53	-- \| Caveat structure
	54	data Caveat = MkCaveat { cid :: Key
	55	-- ^ Caveat identifier
	56	, vid :: Key
	57	-- ^ Caveat verification key identifier
	58	, cl :: Location
	59	-- ^ Caveat target location
	60
	61	} deriving (Eq)
	62
	63	instance NFData Caveat where
	64	rnf (MkCaveat cid vid cl) = rnf cid `seq` rnf vid `seq` rnf cl
	65
	66
	67	putPacket :: BS.ByteString -> BS.ByteString -> BS.ByteString
	68	putPacket key dat = BS.concat [
	69	B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
	70	, key
	71	, " "
	72	, dat
	73	, "\n"
	74	]
	75	where
	76	size = 4 + 2 + BS.length key + BS.length dat
	77
	78	addCaveat :: Location
	79	-> Key
	80	-> Key
	81	-> Macaroon
	82	-> Macaroon
	83	addCaveat loc cid vid m = m { caveats = cavs ++ [cav'], signature = sig}
	84	where
	85	cavs = caveats m
	86	cav' = MkCaveat cid vid loc
	87	sig = toBytes $ (hmac (signature m) (BS.append vid cid) :: HMAC SHA256)
	88