2 files changed, 116 insertions, 0 deletions
diff --git a/src/Crypto/Macaroon/Binder.hs b/src/Crypto/Macaroon/Binder.hs
new file mode 100644
index 0000000..3ec3d67
--- /dev/null
+++ b/src/Crypto/Macaroon/Binder.hs
@@ -0,0 +1,28 @@
+{-|
+Module      : Crypto.Macaroon.Binder
+Copyright   : (c) 2015 Julien Tanguy
+License     : BSD3
+Maintainer  : julien.tanguy@jhome.fr
+Stability   : experimental
+Portability : portable
+-}
+module Crypto.Macaroon.Binder where
+import           Crypto.Hash
+import           Data.Byteable
+import qualified Data.ByteString          as BS
+import           Crypto.Macaroon.Internal
+-- | Datatype for binding discharging and authorizing macaroons together
+newtype Binder = Binder { bind :: Macaroon -> Macaroon -> BS.ByteString }
+-- | Binder which concatenates the two signatures and hashes them
+hashSigs :: Binder
+hashSigs = Binder $ \m m' -> toBytes $ (HMAC . hash $ BS.append (toBytes $ signature m') (toBytes $ signature m) :: HMAC SHA256)
diff --git a/src/Crypto/Macaroon/Internal.hs b/src/Crypto/Macaroon/Internal.hs
new file mode 100644
index 0000000..fc50486
--- /dev/null
+++ b/src/Crypto/Macaroon/Internal.hs
@@ -0,0 +1,88 @@
+{-# LANGUAGE OverloadedStrings #-}
+{-|
+Module      : Crypto.Macaroon.Internal
+Copyright   : (c) 2015 Julien Tanguy
+License     : BSD3
+Maintainer  : julien.tanguy@jhome.fr
+Stability   : experimental
+Portability : portable
+Internal representation of a macaroon
+-}
+module Crypto.Macaroon.Internal where
+import           Control.DeepSeq
+import           Crypto.Cipher.AES
+import           Crypto.Hash
+import           Data.Byteable
+import qualified Data.ByteString        as BS
+import qualified Data.ByteString.Base64 as B64
+import qualified Data.ByteString.Char8  as B8
+import           Data.Char
+import           Data.Hex
+import           Data.Serialize
+import           Data.Word
+-- |Type alias for Macaroons and Caveat keys and identifiers
+type Key = BS.ByteString
+-- |Type alias For Macaroons and Caveat locations
+type Location = BS.ByteString
+type Sig = BS.ByteString
+-- | Main structure of a macaroon
+data Macaroon = MkMacaroon { location   :: Location
+                           -- ^ Target location
+                           , identifier :: Key
+                           -- ^ Macaroon Identifier
+                           , caveats    :: [Caveat]
+                           -- ^ List of caveats
+                           , signature  :: Sig
+                           -- ^ Macaroon HMAC signature
+                           } deriving (Eq)
+instance NFData Macaroon where
+    rnf (MkMacaroon loc ident cavs sig) = rnf loc `seq` rnf ident `seq` rnf cavs `seq` rnf sig
+-- | Caveat structure
+data Caveat = MkCaveat { cid :: Key
+                       -- ^ Caveat identifier
+                       , vid :: Key
+                       -- ^ Caveat verification key identifier
+                       , cl  :: Location
+                       -- ^ Caveat target location
+                       } deriving (Eq)
+instance NFData Caveat where
+    rnf (MkCaveat cid vid cl) = rnf cid `seq` rnf vid `seq` rnf cl
+putPacket :: BS.ByteString -> BS.ByteString -> BS.ByteString
+putPacket key dat = BS.concat [
+    B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
+    , key
+    , " "
+    , dat
+    , "\n"
+    ]
+  where
+    size = 4 + 2 + BS.length key + BS.length dat
+addCaveat :: Location
+          -> Key
+          -> Key
+          -> Macaroon
+          -> Macaroon
+addCaveat loc cid vid m = m { caveats = cavs ++ [cav'], signature = sig}
+  where
+    cavs = caveats m
+    cav' = MkCaveat cid vid loc
+    sig = toBytes $ (hmac (signature m) (BS.append vid cid) :: HMAC SHA256)

diff --git a/src/Crypto/Macaroon/Binder.hs b/src/Crypto/Macaroon/Binder.hs new file mode 100644 index 0000000..3ec3d67 --- /dev/null +++ b/src/Crypto/Macaroon/Binder.hs
@@ -0,0 +1,28 @@
	1	{-\|
	2	Module : Crypto.Macaroon.Binder
	3	Copyright : (c) 2015 Julien Tanguy
	4	License : BSD3
	5
	6	Maintainer : julien.tanguy@jhome.fr
	7	Stability : experimental
	8	Portability : portable
	9
	10
	11
	12	-}
	13	module Crypto.Macaroon.Binder where
	14
	15	import Crypto.Hash
	16	import Data.Byteable
	17	import qualified Data.ByteString as BS
	18
	19	import Crypto.Macaroon.Internal
	20
	21	-- \| Datatype for binding discharging and authorizing macaroons together
	22	newtype Binder = Binder { bind :: Macaroon -> Macaroon -> BS.ByteString }
	23
	24
	25	-- \| Binder which concatenates the two signatures and hashes them
	26	hashSigs :: Binder
	27	hashSigs = Binder $ \m m' -> toBytes $ (HMAC . hash $ BS.append (toBytes $ signature m') (toBytes $ signature m) :: HMAC SHA256)
	28


diff --git a/src/Crypto/Macaroon/Internal.hs b/src/Crypto/Macaroon/Internal.hs new file mode 100644 index 0000000..fc50486 --- /dev/null +++ b/src/Crypto/Macaroon/Internal.hs
@@ -0,0 +1,88 @@
	1	{-# LANGUAGE OverloadedStrings #-}
	2	{-\|
	3	Module : Crypto.Macaroon.Internal
	4	Copyright : (c) 2015 Julien Tanguy
	5	License : BSD3
	6
	7	Maintainer : julien.tanguy@jhome.fr
	8	Stability : experimental
	9	Portability : portable
	10
	11
	12	Internal representation of a macaroon
	13	-}
	14	module Crypto.Macaroon.Internal where
	15
	16
	17	import Control.DeepSeq
	18	import Crypto.Cipher.AES
	19	import Crypto.Hash
	20	import Data.Byteable
	21	import qualified Data.ByteString as BS
	22	import qualified Data.ByteString.Base64 as B64
	23	import qualified Data.ByteString.Char8 as B8
	24	import Data.Char
	25	import Data.Hex
	26	import Data.Serialize
	27	import Data.Word
	28
	29	-- \|Type alias for Macaroons and Caveat keys and identifiers
	30	type Key = BS.ByteString
	31
	32	-- \|Type alias For Macaroons and Caveat locations
	33	type Location = BS.ByteString
	34
	35	type Sig = BS.ByteString
	36
	37	-- \| Main structure of a macaroon
	38	data Macaroon = MkMacaroon { location :: Location
	39	-- ^ Target location
	40	, identifier :: Key
	41	-- ^ Macaroon Identifier
	42	, caveats :: [Caveat]
	43	-- ^ List of caveats
	44	, signature :: Sig
	45	-- ^ Macaroon HMAC signature
	46	} deriving (Eq)
	47
	48
	49	instance NFData Macaroon where
	50	rnf (MkMacaroon loc ident cavs sig) = rnf loc `seq` rnf ident `seq` rnf cavs `seq` rnf sig
	51
	52
	53	-- \| Caveat structure
	54	data Caveat = MkCaveat { cid :: Key
	55	-- ^ Caveat identifier
	56	, vid :: Key
	57	-- ^ Caveat verification key identifier
	58	, cl :: Location
	59	-- ^ Caveat target location
	60
	61	} deriving (Eq)
	62
	63	instance NFData Caveat where
	64	rnf (MkCaveat cid vid cl) = rnf cid `seq` rnf vid `seq` rnf cl
	65
	66
	67	putPacket :: BS.ByteString -> BS.ByteString -> BS.ByteString
	68	putPacket key dat = BS.concat [
	69	B8.map toLower . hex . encode $ (fromIntegral size :: Word16)
	70	, key
	71	, " "
	72	, dat
	73	, "\n"
	74	]
	75	where
	76	size = 4 + 2 + BS.length key + BS.length dat
	77
	78	addCaveat :: Location
	79	-> Key
	80	-> Key
	81	-> Macaroon
	82	-> Macaroon
	83	addCaveat loc cid vid m = m { caveats = cavs ++ [cav'], signature = sig}
	84	where
	85	cavs = caveats m
	86	cav' = MkCaveat cid vid loc
	87	sig = toBytes $ (hmac (signature m) (BS.append vid cid) :: HMAC SHA256)
	88