aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--hmacaroons.cabal7
-rw-r--r--src/Crypto/Macaroon/Verifier/Internal.hs2
-rw-r--r--test/Crypto/Macaroon/Instances.hs4
-rw-r--r--test/Crypto/Macaroon/Tests.hs2
-rw-r--r--test/Sanity.hs26
5 files changed, 19 insertions, 22 deletions
diff --git a/hmacaroons.cabal b/hmacaroons.cabal
index 7b5a0dd..9424f22 100644
--- a/hmacaroons.cabal
+++ b/hmacaroons.cabal
@@ -2,16 +2,13 @@ name: hmacaroons
2version: 0.2.0.0 2version: 0.2.0.0
3synopsis: Haskell implementation of macaroons 3synopsis: Haskell implementation of macaroons
4description: 4description:
5 = Macaroons: Pure haskell implementation of macaroons 5 Hmacaroons is a pure haskell implementation of macaroons. It aims to
6 #macaroons-pure-haskell-implementation-of-macaroons#
7 .
8 Macaroons is a pure haskell implementation of macaroons. It aims to
9 provide compatibility at a serialized level with the 6 provide compatibility at a serialized level with the
10 <https://github.com/rescrv/libmacaroons reference implementation> and 7 <https://github.com/rescrv/libmacaroons reference implementation> and
11 the <https://github.com/ecordell/pymacaroons python implementation> 8 the <https://github.com/ecordell/pymacaroons python implementation>
12 . 9 .
13 __WARNING: This library has not been audited by security experts.__ 10 __WARNING: This library has not been audited by security experts.__
14 __There is no error handling at the moment, everyhting is silently accepted__ 11 __There is no error handling at the moment, everything is silently accepted__
15 . 12 .
16 It is developed in the purpose of exploration purposes, and would need 13 It is developed in the purpose of exploration purposes, and would need
17 much more attention if it were to be used in production. 14 much more attention if it were to be used in production.
diff --git a/src/Crypto/Macaroon/Verifier/Internal.hs b/src/Crypto/Macaroon/Verifier/Internal.hs
index 63d826d..b65b62d 100644
--- a/src/Crypto/Macaroon/Verifier/Internal.hs
+++ b/src/Crypto/Macaroon/Verifier/Internal.hs
@@ -44,7 +44,7 @@ instance Monoid ValidationError where
44 (ValidatorError e) `mappend` (ParseError _) = ValidatorError e 44 (ValidatorError e) `mappend` (ParseError _) = ValidatorError e
45 (ParseError _) `mappend` (ValidatorError e) = ValidatorError e 45 (ParseError _) `mappend` (ValidatorError e) = ValidatorError e
46 46
47 47-- | Check that the given macaroon has a correct signature
48verifySig :: Key -> Macaroon -> Either ValidationError Macaroon 48verifySig :: Key -> Macaroon -> Either ValidationError Macaroon
49verifySig k m = bool (Left SigMismatch) (Right m) $ 49verifySig k m = bool (Left SigMismatch) (Right m) $
50 signature m == foldl' hash (toBytes (hmac derivedKey (identifier m) :: HMAC SHA256)) (caveats m) 50 signature m == foldl' hash (toBytes (hmac derivedKey (identifier m) :: HMAC SHA256)) (caveats m)
diff --git a/test/Crypto/Macaroon/Instances.hs b/test/Crypto/Macaroon/Instances.hs
index 6955637..9c89857 100644
--- a/test/Crypto/Macaroon/Instances.hs
+++ b/test/Crypto/Macaroon/Instances.hs
@@ -11,9 +11,9 @@ This test suite is based on the pymacaroons test suite:
11-} 11-}
12module Crypto.Macaroon.Instances where 12module Crypto.Macaroon.Instances where
13 13
14import Control.Monad 14import Control.Monad
15import Data.Byteable 15import Data.Byteable
16import qualified Data.ByteString as BS 16import qualified Data.ByteString as BS
17import qualified Data.ByteString.Char8 as B8 17import qualified Data.ByteString.Char8 as B8
18import Data.Hex 18import Data.Hex
19import Data.List 19import Data.List
diff --git a/test/Crypto/Macaroon/Tests.hs b/test/Crypto/Macaroon/Tests.hs
index 25d77c8..c934cc1 100644
--- a/test/Crypto/Macaroon/Tests.hs
+++ b/test/Crypto/Macaroon/Tests.hs
@@ -12,7 +12,7 @@ This test suite is based on the pymacaroons test suite:
12module Crypto.Macaroon.Tests where 12module Crypto.Macaroon.Tests where
13 13
14import Data.Byteable 14import Data.Byteable
15import qualified Data.ByteString.Char8 as B8 15import qualified Data.ByteString.Char8 as B8
16import Data.Hex 16import Data.Hex
17import Test.Tasty 17import Test.Tasty
18import Test.Tasty.HUnit 18import Test.Tasty.HUnit
diff --git a/test/Sanity.hs b/test/Sanity.hs
index 8def3ca..635e627 100644
--- a/test/Sanity.hs
+++ b/test/Sanity.hs
@@ -1,17 +1,17 @@
1{-#LANGUAGE OverloadedStrings#-} 1{-# LANGUAGE OverloadedStrings #-}
2module Sanity where 2module Sanity where
3 3
4import Crypto.Hash 4import Crypto.Hash
5import Data.ByteString (ByteString) 5import Data.Byteable
6import qualified Data.ByteString as B 6import Data.ByteString (ByteString)
7import Data.Hex 7import qualified Data.ByteString as B
8import Data.Byteable 8import Data.Hex
9 9
10import Test.Tasty 10import Test.Tasty
11import Test.Tasty.HUnit 11import Test.Tasty.HUnit
12 12
13import qualified Crypto.Macaroon.Tests
14import qualified Crypto.Macaroon.Serializer.Base64.Tests 13import qualified Crypto.Macaroon.Serializer.Base64.Tests
14import qualified Crypto.Macaroon.Tests
15 15
16tests :: TestTree 16tests :: TestTree
17tests = testGroup "Python HMAC Sanity check" [ checkKey 17tests = testGroup "Python HMAC Sanity check" [ checkKey
@@ -44,18 +44,18 @@ mac4 :: ByteString
44mac4 = toBytes (hmac mac3 "email = alice@example.org" :: HMAC SHA256) 44mac4 = toBytes (hmac mac3 "email = alice@example.org" :: HMAC SHA256)
45 45
46 46
47checkKey = testCase "Truncated key" $ 47checkKey = testCase "Truncated key" $
48 key @?= "this is our super secret key; on" 48 key @?= "this is our super secret key; on"
49 49
50checkMac1 = testCase "HMAC key" $ 50checkMac1 = testCase "HMAC key" $
51 "C60B4B3540BB1B2F2EF28D1C895691CC4A5E07A38A9D3B1C3379FB485293372F" @=? hex mac1 51 "C60B4B3540BB1B2F2EF28D1C895691CC4A5E07A38A9D3B1C3379FB485293372F" @=? hex mac1
52 52
53checkMac2 = testCase "HMAC key account" $ 53checkMac2 = testCase "HMAC key account" $
54 "5C933DC9A7D036DFCD1740B4F26D737397A1FF635EAC900F3226973503CAAAA5" @=? hex mac2 54 "5C933DC9A7D036DFCD1740B4F26D737397A1FF635EAC900F3226973503CAAAA5" @=? hex mac2
55 55
56checkMac3 = testCase "HMAC key account time" $ 56checkMac3 = testCase "HMAC key account time" $
57 "7A559B20C8B607009EBCE138C200585E9D0DECA6D23B3EAD6C5E0BA6861D3858" @=? hex mac3 57 "7A559B20C8B607009EBCE138C200585E9D0DECA6D23B3EAD6C5E0BA6861D3858" @=? hex mac3
58 58
59checkMac4 = testCase "HMAC key account time email" $ 59checkMac4 = testCase "HMAC key account time email" $
60 "E42BBB02A9A5A303483CB6295C497AE51AD1D5CB10003CBE548D907E7E62F5E4" @=? hex mac4 60 "E42BBB02A9A5A303483CB6295C497AE51AD1D5CB10003CBE548D907E7E62F5E4" @=? hex mac4
61 61