syndicate-nim/src/syndicate/capabilities.nim

# SPDX-FileCopyrightText: ☭ 2021 Emery Hemingway
# SPDX-License-Identifier: Unlicense

import preserves
import ./protocols/sturdy, ./private/hmacs

from ./actors import Ref

type SturdyRef* = sturdy.SturdyRef[Ref]

proc mint*(key: openarray[byte]; oid: Preserve[Ref]): SturdyRef =
  SturdyRef(oid: oid, sig: hmacSha256(key, encode(oid), key.len))

proc mint*[T](key: openarray[byte]; oid: T): SturdyRef =
  let oidPr = toPreserve(oid, Ref)
  SturdyRef(oid: oidPr, sig: hmacSha256(key, encode(oidPr), key.len))

proc attenuate*(r: SturdyRef; caveats: Attenuation): SturdyRef =
  result = SturdyRef(
    oid: r.oid,
    caveatChain: r.caveatChain,
    sig: hmacSha256(r.sig, caveats.encode))
  result.caveatChain.add caveats

proc validate*(key: openarray[byte]; r: SturdyRef): bool =
  var sig = hmacSha256(key, r.oid.encode, key.len)
  for a in r.caveatChain:
    sig = hmacSha256(sig, a.encode)
  r.sig == sig

when isMainModule:
  import unittest
  import preserves/parse
  test "sturdy":
    var
      key: array[16, byte]
      oid = "syndicate".toPreserve
      sRef = mint(key, oid)
      control = parsePreserves"""<ref "syndicate" [] #[pkgN9TBmEd3Q04grVG4Zdw]>"""
    check(sRef.toPreserve == control)
    let aRef = attenuate(sRef, newSeq[Caveat]())
    check validate(key, aRef)
Update Preserves submodule 2021-09-21 14:39:15 +00:00			`# SPDX-FileCopyrightText: ☭ 2021 Emery Hemingway`
			`# SPDX-License-Identifier: Unlicense`

			`import preserves`
Rename sturdy module to capabilities 2021-10-27 16:54:20 +00:00			`import ./protocols/sturdy, ./private/hmacs`
WiP! SturdyRef 2021-09-07 10:01:42 +00:00
Rename sturdy module to capabilities 2021-10-27 16:54:20 +00:00			`from ./actors import Ref`

			`type SturdyRef* = sturdy.SturdyRef[Ref]`

			`proc mint*(key: openarray[byte]; oid: Preserve[Ref]): SturdyRef =`
WiP! SturdyRef 2021-09-07 10:01:42 +00:00			`SturdyRef(oid: oid, sig: hmacSha256(key, encode(oid), key.len))`

Rename sturdy module to capabilities 2021-10-27 16:54:20 +00:00			`proc mint*[T](key: openarray[byte]; oid: T): SturdyRef =`
			`let oidPr = toPreserve(oid, Ref)`
			`SturdyRef(oid: oidPr, sig: hmacSha256(key, encode(oidPr), key.len))`

WiP! SturdyRef 2021-09-07 10:01:42 +00:00			`proc attenuate*(r: SturdyRef; caveats: Attenuation): SturdyRef =`
			`result = SturdyRef(`
			`oid: r.oid,`
			`caveatChain: r.caveatChain,`
			`sig: hmacSha256(r.sig, caveats.encode))`
			`result.caveatChain.add caveats`

			`proc validate*(key: openarray[byte]; r: SturdyRef): bool =`
			`var sig = hmacSha256(key, r.oid.encode, key.len)`
			`for a in r.caveatChain:`
			`sig = hmacSha256(sig, a.encode)`
			`r.sig == sig`

			`when isMainModule:`
			`import unittest`
Update Preserves submodule 2021-09-21 14:39:15 +00:00			`import preserves/parse`
			`test "sturdy":`
WiP! SturdyRef 2021-09-07 10:01:42 +00:00			`var`
			`key: array[16, byte]`
Update Preserves submodule 2021-09-21 14:39:15 +00:00			`oid = "syndicate".toPreserve`
WiP! SturdyRef 2021-09-07 10:01:42 +00:00			`sRef = mint(key, oid)`
			`control = parsePreserves"""<ref "syndicate" [] #[pkgN9TBmEd3Q04grVG4Zdw]>"""`
			`check(sRef.toPreserve == control)`
			`let aRef = attenuate(sRef, newSeq[Caveat]())`
			`check validate(key, aRef)`