48 lines
1.4 KiB
Nim
48 lines
1.4 KiB
Nim
# SPDX-FileCopyrightText: ☭ 2021 Emery Hemingway
|
|
# SPDX-License-Identifier: Unlicense
|
|
|
|
import preserves
|
|
import ./protocols/sturdy, ./private/hmacs
|
|
|
|
from ./actors import Ref
|
|
|
|
type SturdyRef* = sturdy.SturdyRef[Ref]
|
|
|
|
proc mint*(key: openarray[byte]; oid: Preserve[Ref]): SturdyRef =
|
|
SturdyRef(oid: oid, sig: hmacSha256(key, encode(oid), key.len))
|
|
|
|
proc mint*[T](key: openarray[byte]; oid: T): SturdyRef =
|
|
let oidPr = toPreserve(oid, Ref)
|
|
SturdyRef(oid: oidPr, sig: hmacSha256(key, encode(oidPr), key.len))
|
|
|
|
proc mint*(): SturdyRef {.deprecated.} =
|
|
## Mint a test capability for the use with the Syndicate server.
|
|
var key: array[16, byte]
|
|
mint(key, "syndicate")
|
|
|
|
proc attenuate*(r: SturdyRef; caveats: Attenuation): SturdyRef =
|
|
result = SturdyRef(
|
|
oid: r.oid,
|
|
caveatChain: r.caveatChain,
|
|
sig: hmacSha256(r.sig, caveats.encode))
|
|
result.caveatChain.add caveats
|
|
|
|
proc validate*(key: openarray[byte]; r: SturdyRef): bool =
|
|
var sig = hmacSha256(key, r.oid.encode, key.len)
|
|
for a in r.caveatChain:
|
|
sig = hmacSha256(sig, a.encode)
|
|
r.sig == sig
|
|
|
|
when isMainModule:
|
|
import unittest
|
|
import preserves/parse
|
|
test "sturdy":
|
|
var
|
|
key: array[16, byte]
|
|
oid = "syndicate".toPreserve
|
|
sRef = mint(key, oid)
|
|
control = parsePreserves"""<ref "syndicate" [] #[pkgN9TBmEd3Q04grVG4Zdw]>"""
|
|
check(sRef.toPreserve == control)
|
|
let aRef = attenuate(sRef, newSeq[Caveat]())
|
|
check validate(key, aRef)
|