broke out Verifiable to a utility library, and added a quickcheck test
This commit is contained in:
Joey Hess
parent
c12caf0a4e
commit
92df8250fa
3 changed files with 58 additions and 36 deletions
|
|
@ -8,13 +8,26 @@
|
|||
module Assistant.Pairing where
|
||||
|
||||
import Assistant.Common
|
||||
import Utility.Verifiable
|
||||
|
||||
import Network.Socket (HostName)
|
||||
|
||||
type SshPubKey = String
|
||||
type HMACDigest = String
|
||||
type UserName = String
|
||||
type Secret = String
|
||||
{- Messages sent in pairing are all verifiable using a secret that
|
||||
- should be shared between the systems being paired. -}
|
||||
type PairMsg = Verifiable (PairStage, HostInfo, SshPubKey)
|
||||
|
||||
mkPairMsg :: Secret -> PairStage -> HostInfo -> SshPubKey -> PairMsg
|
||||
mkPairMsg secret pairstage hostinfo sshkey = mkVerifiable
|
||||
(pairstage, hostinfo, sshkey) secret
|
||||
|
||||
data PairStage
|
||||
{- "I'd like to pair with somebody who knows a secret.
|
||||
- Here's my ssh key, and hostinfo." -}
|
||||
= PairRequest
|
||||
{- "I've checked your PairRequest, and like it; I set up
|
||||
- your ssh key already. Here's mine." -}
|
||||
| PairAck
|
||||
deriving (Eq, Read, Show)
|
||||
|
||||
data HostInfo = HostInfo
|
||||
{ hostName :: HostName
|
||||
|
|
@ -22,35 +35,5 @@ data HostInfo = HostInfo
|
|||
}
|
||||
deriving (Eq, Read, Show)
|
||||
|
||||
data PairStage
|
||||
{- "I'd like to pair with somebody who knows a secret.
|
||||
- Here's my ssh key, and hostinfo, both verifiable with
|
||||
- our shared secret." -}
|
||||
= PairRequest
|
||||
{- "I've checked your PairRequest, and like it; I set up
|
||||
- your ssh key already. Here's mine, also verified, please set it
|
||||
- up too, and start syncing!" -}
|
||||
| PairAck
|
||||
deriving (Eq, Read, Show)
|
||||
|
||||
type PairMsg = Verifiable (PairStage, HostInfo, SshPubKey)
|
||||
|
||||
mkPairMsg :: Secret -> PairStage -> HostInfo -> SshPubKey -> PairMsg
|
||||
mkPairMsg secret pairstage hostinfo sshkey = mkVerifiable
|
||||
(pairstage, hostinfo, sshkey) secret
|
||||
|
||||
{- A value, verifiable using a HMAC digest to encrypt using a shared secret. -}
|
||||
data Verifiable a = Verifiable
|
||||
{ val :: a
|
||||
, digest :: HMACDigest
|
||||
}
|
||||
deriving (Eq, Read, Show)
|
||||
|
||||
mkVerifiable :: Show a => a -> Secret -> Verifiable a
|
||||
mkVerifiable a secret = Verifiable a (calcDigest (show a) secret)
|
||||
|
||||
verified :: (Eq a, Show a) => Verifiable a -> Secret -> Bool
|
||||
verified v secret = v == mkVerifiable (val v) secret
|
||||
|
||||
calcDigest :: String -> Secret -> HMACDigest
|
||||
calcDigest = undefined -- TODO
|
||||
type SshPubKey = String
|
||||
type UserName = String
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue