{-# Language OverloadedStrings #-}
module Client.Authentication.Ecdsa
( authenticationMode
, encodeUsername
, computeResponse
) where
import Client.Configuration (resolveConfigurationPath)
import Control.Exception (displayException, try)
import Data.ByteString.Base64 as Enc
import Data.Text (Text)
import qualified Data.Text as Text
import qualified Data.Text.Encoding as Text
import System.IO.Error (IOError)
import System.Process (readProcess)
-- | Name of the SASL mechanism implemented by this module, as a 'Text'
-- constant.
authenticationMode :: Text
authenticationMode = Text.pack "ECDSA-NIST256P-CHALLENGE"
-- | Encode a username as base64: the name is serialized as UTF-8 bytes,
-- base64-encoded, and returned as 'Text'.
--
-- Base64 is only a transport encoding; the result is trivially reversible
-- and must not be treated as hidden or protected.
encodeUsername ::
  Text {- ^ username -} ->
  Text {- ^ base64-encoded username -}
encodeUsername username = Text.decodeUtf8 encodedBytes
  where
    utf8Bytes = Text.encodeUtf8 username
    -- Base64 output is plain ASCII, so decoding it as UTF-8 cannot fail.
    encodedBytes = Enc.encode utf8Bytes
-- | Compute the response to a challenge by running the external
-- @ecdsatool@ program as @ecdsatool sign KEYPATH CHALLENGE@.
--
-- The key path is first resolved with 'resolveConfigurationPath'. The
-- program's standard output must consist of exactly one
-- whitespace-delimited word, which becomes the response. Any other output
-- shape yields a 'Left' with a fixed error message.
--
-- Notes for reviewers:
--
-- * 'readProcess' runs the program directly with an argument vector; no
--   shell is involved, so the challenge text is never shell-interpreted.
--
-- * @ecdsatool@ is named without a directory, so it is located through
--   the process search path; whichever binary is found first is the one
--   handed the key path.
--
-- * Only the key's /path/ is passed on the command line; this function
--   does not read the key material itself.
--
-- * NOTE(review): the challenge is presumably supplied by the remote
--   server and is passed verbatim as the final argument. Whether a value
--   with a leading @-@ could be parsed as an option depends on
--   @ecdsatool@'s argument handling -- confirm.
--
-- * Only 'IOError' is caught (this includes the error 'readProcess'
--   raises on a non-zero exit status); other exception types propagate
--   to the caller.
computeResponse ::
  FilePath {- ^ private key file -} ->
  Text     {- ^ challenge string -} ->
  IO (Either String Text) {- ^ error message or response -}
computeResponse privateKeyFile challenge =
  do keyPath <- resolveConfigurationPath privateKeyFile
     let signArgs = ["sign", keyPath, Text.unpack challenge]
     outcome <- try (readProcess "ecdsatool" signArgs "")
     return $! interpret outcome
  where
    interpret :: Either IOError String -> Either String Text
    interpret (Left err) = Left (displayException err)
    interpret (Right output) =
      case words output of
        [token] -> Right $! Text.pack token
        _       -> Left "bad sasl ecdsa response message"