Truncate output of hmac-sha256 correctly
This commit is contained in:
parent
c18a2b2652
commit
e7153b9c6a
|
@ -44,21 +44,24 @@
|
|||
#:read-syntax? #f
|
||||
#:decode-embedded embedded-not-allowed))
|
||||
|
||||
(define (signature key data)
|
||||
(subbytes (hmac-sha256 key data) 0 KEY_LENGTH))
|
||||
|
||||
(define (mint oid key)
|
||||
(SturdyRef oid '() (hmac-sha256 key (sturdy-encode oid))))
|
||||
(SturdyRef oid '() (signature key (sturdy-encode oid))))
|
||||
|
||||
(define (attenuate-sturdy r . attenuation)
|
||||
(match-define (SturdyRef oid caveatChain sig) r)
|
||||
(SturdyRef oid
|
||||
(append caveatChain (list attenuation))
|
||||
(hmac-sha256 sig (sturdy-encode (Attenuation->preserves attenuation)))))
|
||||
(signature sig (sturdy-encode (Attenuation->preserves attenuation)))))
|
||||
|
||||
(define (SturdyRef-valid? r key)
|
||||
(match-define (SturdyRef oid caveatChain actual-sig) r)
|
||||
(define expected-sig
|
||||
(for/fold [(sig (hmac-sha256 key (sturdy-encode oid)))]
|
||||
(for/fold [(sig (signature key (sturdy-encode oid)))]
|
||||
[(attenuation (in-list caveatChain))]
|
||||
(hmac-sha256 sig (sturdy-encode (Attenuation->preserves attenuation)))))
|
||||
(signature sig (sturdy-encode (Attenuation->preserves attenuation)))))
|
||||
(equal? expected-sig actual-sig))
|
||||
|
||||
(define (validate r key)
|
||||
|
|
Loading…
Reference in New Issue