servant-hmac-auth alternatives and similar packages
Based on the "Cryptography" category.
Alternatively, view servant-hmac-auth alternatives based on common mentions on social networks and blogs.
-
cryptonite
lowlevel set of cryptographic primitives for haskell -
merkle-tree
An implementation of a Merkle Tree and merkle tree proofs -
saltine
Cryptography that's easy to digest (NaCl/libsodium bindings) -
pedersen-commitment
An implementation of Pedersen commitment schemes -
arithmetic-circuits
Arithmetic circuits for zero knowledge proof systems -
galois-field
Finite field and algebraic extension field arithmetic -
oblivious-transfer
Oblivious transfer for multiparty computation -
cryptohash
efficient and practical cryptohashing in haskell. DEPRECATED in favor of cryptonite -
elliptic-curve
A polymorphic interface for elliptic curve operations -
crypto-api
Haskell generic interface (type classes) for cryptographic algorithms -
cipher-blowfish
DEPRECATED by cryptonite; A collection of cryptographic block and stream ciphers in haskell -
ed25519
Minimal ed25519 Haskell package, binding to the ref10 SUPERCOP implementation. -
cipher-aes
DEPRECATED - use cryptonite - a comprehensive fast AES implementation for haskell that supports aesni and advanced cryptographic modes. -
signable
Deterministic serialisation and signatures with proto-lens and protobuf-elixir support -
skein
Skein, a family of cryptographic hash functions. Includes Skein-MAC as well. -
qnap-decrypt
Decrypt files encrypted by the QNAP's Hybrid Backup Sync -
galois-fft
Finite field polynomial arithmetic based on fast Fourier transforms -
cryptohash-sha256
Fast, pure and practical SHA-256 implementation -
cryptohash-md5
Fast, pure and practical MD5 implementation -
crypto-pubkey-types
Crypto Public Key algorithm generic types. -
crypto-pubkey-openssh
OpenSSH keys decoder/encoder -
crypto-pubkey
DEPRECATED - use cryptonite - Cryptographic public key related algorithms in haskell (RSA,DSA,DH,ElGamal) -
cipher-aes128
Based on cipher-aes, but using a crypto-api interface and providing resulting IVs for each mode -
scrypt
Haskell bindings to Colin Percival's scrypt implementation. -
cprng-aes
Crypto Pseudo Random Number Generator using AES in counter mode -
pureMD5
A reasonably performing MD5 implementation in pure Haskell -
crypto-enigma
A Haskell Enigma machine simulator with rich display and machine state details. -
crypto-numbers
DEPRECATED - use cryptonite - Cryptographic number related function and algorithms
Static code analysis for 29 languages.
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of servant-hmac-auth or a related project?
README
servant-hmac-auth
Servant authentication with HMAC
Example
In this section, we will introduce the client-server example. To run it locally you can:
$ cabal new-build
$ cabal new-exec readme
So,it will run this on your machine.
Setting up
Since this tutorial is written using Literate Haskell, first, let's write all necessary pragmas and imports.
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE TypeApplications #-}
{-# LANGUAGE TypeOperators #-}
import Control.Concurrent (forkIO, threadDelay)
import Data.Aeson (FromJSON, ToJSON)
import Data.Proxy (Proxy (..))
import GHC.Generics (Generic)
import Network.HTTP.Client (defaultManagerSettings, newManager)
import Network.Wai.Handler.Warp (run)
import Servant.API ((:>), Get, JSON)
import Servant.Client (BaseUrl (..), Scheme (..), ClientError, mkClientEnv)
import Servant.Server (Application, Server, serveWithContext)
import Servant.Auth.Hmac (HmacAuth, HmacClientM, SecretKey (..), defaultHmacSettings,
hmacAuthServerContext, hmacClient, runHmacClient, signSHA256)
Server
Let's define our TheAnswer
data type with the necessary instances for it.
newtype TheAnswer = TheAnswer Int
deriving (Show, Generic, FromJSON, ToJSON)
getTheAnswer :: TheAnswer
getTheAnswer = TheAnswer 42
Now, let's introduce a very simple protected endpoint. The value of TheAnswer
data type will be the value that our API endpoint returns. It our case we want
it to return the number 42
for all signed requests.
type TheAnswerToEverythingUnprotectedAPI = "answer" :> Get '[JSON] TheAnswer
type TheAnswerToEverythingAPI = HmacAuth :> TheAnswerToEverythingUnprotectedAPI
As you can see this endpoint is protected by HmacAuth
.
And now our server:
server42 :: Server TheAnswerToEverythingAPI
server42 = \_ -> pure getTheAnswer
Now we can turn server
into an actual webserver:
topSecret :: SecretKey
topSecret = SecretKey "top-secret"
app42 :: Application
app42 = serveWithContext
(Proxy @TheAnswerToEverythingAPI)
(hmacAuthServerContext signSHA256 topSecret)
server42
Client
Now let's implement client that queries our server and signs every request automatically.
client42 :: HmacClientM TheAnswer
client42 = hmacClient @TheAnswerToEverythingUnprotectedAPI
Now we need to write function that runs our client:
runClient :: SecretKey -> HmacClientM a -> IO (Either ClientError a)
runClient sk client = do
manager <- newManager defaultManagerSettings
let env = mkClientEnv manager $ BaseUrl Http "localhost" 8080 ""
runHmacClient (defaultHmacSettings sk) env client
Main
And we're able to run our server in separate thread and perform two quiries:
- Properly signed
- Signed with different key
main :: IO ()
main = do
_ <- forkIO $ run 8080 app42
print =<< runClient topSecret client42
print =<< runClient (SecretKey "wrong!") client42
threadDelay $ 10 ^ (6 :: Int)
*Note that all licence references and agreements mentioned in the servant-hmac-auth README section above
are relevant to that project's source code only.