Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signature when Adding Third Party Caveats #57

Open
BigSamu opened this issue Dec 12, 2021 · 0 comments
Open

Signature when Adding Third Party Caveats #57

BigSamu opened this issue Dec 12, 2021 · 0 comments

Comments

@BigSamu
Copy link

BigSamu commented Dec 12, 2021
edited
Loading

Hi all,

Quick question. For this library, when adding third-party caveats, is it expected that the signatures obtained for two different macaroons with the same set of parameters be different? Playing with other libraries (such as macaroon.js) this behaviour does not happen. Is this OK? What is happening behind scenes?

Below, some code and outputs to clarify my question:

I) USING PYMACROONS LIBRARY

CODE:

from pymacaroons import Macaroon, Verifier

m_1 = Macaroon(
        location='www.sp1.com',
        key='a-very-secret-key-for-pictures',
        identifier='key-for-pictures' ) \
    .add_first_party_caveat('picture_id = bobs_cool_cat.jpg') \
    .add_third_party_caveat(
        location='www.isp.com',
        key_id='key-for-bob',
        key='a-very-secret-key-for-bob-from-third-party'
    )

m_2 = Macaroon(
        location='www.sp1.com',
        identifier='key-for-pictures',
        key='a-very-secret-key-for-pictures') \
    .add_first_party_caveat('picture_id = bobs_cool_cat.jpg') \
    .add_third_party_caveat(
        location='www.isp.com',
        key_id='key-for-bob',
        key='a-very-secret-key-for-bob-from-third-party'
    )

print("")
print("-"*50)
print("INSPECTING MACAROON #1")
print("-"*50)
print(m_1.inspect())

print("")

print("-"*50)
print("INSPECTING MACAROON #2")
print("-"*50)
print(m_2.inspect())
print("")

OUTPUT:

INSPECTING MACAROON #1

location www.sp1.com
identifier key-for-pictures
cid picture_id = bobs_cool_cat.jpg
cid key-for-bob
vid SmsvdG/Unb7GH8C1L1pnLV+oc9jFtHaMwvRL0QKVS/YsCN5qGz3ScxXYn+DIsuAgUobjoDjApsVq2n/QbWn6vjrn62LlACUq
cl www.isp.com
signature 40f9bc2ee47df38326dbebebe3bf5b53158aba16bb6d76bb71db66d6ec6ad26e

INSPECTING MACAROON #2

location www.sp1.com
identifier key-for-pictures
cid picture_id = bobs_cool_cat.jpg
cid key-for-bob
vid 7hrq9P8Z23m/BzSjSl+lb5UJ4aTvQ3PgxnZLnr5ni8xOpfBAeyphLp6LCh9Y1k+1xvplgHBpanO2jLbvPVoF8PmdrcYlgd89
cl www.isp.com
signature 121e619d379dd44363c2cc433a1c66b7192f20446e333b9d8c0db6af4f831c78

I) USING MACAROONS>JS LIBRARY

CODE:

var MacaroonsBuilder = require('macaroons.js').MacaroonsBuilder;
var MacaroonsVerifier = require('macaroons.js').MacaroonsVerifier;
var TimestampCaveatVerifier = require('macaroons.js').verifier.TimestampCaveatVerifier;

var SectionDelimiter = "-"
var SectionDelimiterTimes = 50

var m_1 = new MacaroonsBuilder(
   location='www.sp1.com',
   secretKey='a-very-secret-key-for-pictures',
   identifier='key-for-pictures')
 .add_first_party_caveat('picture_id = bobs_cool_cat.jpg')
 .add_third_party_caveat(
    location = 'www.isp.com',
    secretKey = 'a-very-secret-key-for-bob-from-third-party',
    identifier = 'key-for-bob')
 .getMacaroon();

 var m_2 = new MacaroonsBuilder(
   location='www.sp1.com',
   secretKey='a-very-secret-key-for-pictures',
   identifier='key-for-pictures',
)
 .add_first_party_caveat('picture_id = bobs_cool_cat.jpg')
 .add_third_party_caveat(
    'www.isp.com',
    'key-for-bob', 
    'a-very-secret-key-for-bob-from-third-party')
 .getMacaroon();

console.log("")
console.log(SectionDelimiter.repeat(SectionDelimiterTimes))
console.log("INSPECTING MACAROON #1")
console.log(SectionDelimiter.repeat(SectionDelimiterTimes))
console.log(m_1.inspect());

console.log(SectionDelimiter.repeat(SectionDelimiterTimes))
console.log("INSPECTING MACAROON #1")
console.log(SectionDelimiter.repeat(SectionDelimiterTimes))
console.log(m_2.inspect());
console.log("")

OUTPUT:

INSPECTING MACAROON #1

location www.sp1.com
identifier key-for-pictures
cid picture_id = bobs_cool_cat.jpg
cid key-for-bob
vid AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwV0PBpdryuvEamzlkov4xnYHwn_D5Kytrhvf2nyMwK1GCE3H2B8dbmpu0fdWWGB
cl www.isp.com
signature b6f4f6dd2b4892265df1eeddd5b68b0c7c2ac9a2f170a3a162e219df38dd21e9

INSPECTING MACAROON #1

location www.sp1.com
identifier key-for-pictures
cid picture_id = bobs_cool_cat.jpg
cid a-very-secret-key-for-bob-from-third-party
vid AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFsqO8vpN5A3k3mGMuKwKEGaoyf_Q2ejKWntTJJjc6wfUO8A5ta4hq5gnOaS0Avo
cl www.isp.com
signature 2cd276da544fdceef48723a9fabfe2d55dd824186aec43664d61c8c97ea971ba
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BigSamu