fernet: Generates and verifies HMAC-based authentication tokens.
This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.
Warnings:
- No 'description' field.
Properties
| Versions | 0.1.0.0, 0.1.0.0 |
|---|---|
| Change log | ChangeLog.md |
| Dependencies | base (>=4.9 && <4.10), binary (>=0.8.3.0 && <0.10), byteable (>=0.1.1 && <0.2), bytestring (>=0.10.8 && <0.11), cryptonite (>=0.21 && <0.23), fernet, memory (>=0.14.1 && <0.15), optparse-applicative (>=0.12 && <0.15), time (>=1.6.0 && <1.7), unix (>=2.7.2.1 && <2.8) [details] |
| License | LGPL-3.0-only |
| Copyright | 2017 Rodney Lorrimar |
| Author | Rodney Lorrimar |
| Maintainer | dev@rodney.id.au |
| Category | Network |
| Home page | https://github.com/rvl/fernet-hs |
| Bug tracker | https://github.com/rvl/fernet/issues |
| Source repo | head: git clone https://github.com/rvl/fernet-hs |
| Uploaded | by rvl at 2017-03-21T01:57:17Z |
Modules
[Index]
- Network
Flags
Automatic Flags
| Name | Description | Default |
|---|---|---|
| cli | Build the example application | Enabled |
Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info
Downloads
- fernet-0.1.0.0.tar.gz [browse] (Cabal source package)
- Package description (as included in the package)
Maintainer's Corner
Package maintainers
For package maintainers and hackage trustees
Readme for fernet-0.1.0.0
[back to package description]Fernet Haskell Implementation
Fernet generates and verifies HMAC-based authentication tokens.
Originally designed for use within OpenStack clusters, it was intended to be fast and light-weight, with non-persistent tokens. Integrity and confidentiality of the token contents are implemented with HMAC SHA256 and AES128 CBC.
See the Fernet Spec for a little more information.
Usage
To encrypt a token:
>>> import Network.Fernet
>>> k <- generateKey
>>> keyToBase64 k
"JQAeL3iFN9wIW_hMKiIzA1EiG_EZNivnMPBOOJn2wZc="
>>> token <- encrypt k "secret text"
>>> print token
"gAAAAABY0H9kx7ihkcj6ZF_bQ73Lvc7aG-ZlEtjx24io-DQy5tCjLbq1JvVY27uAe6BuwG8css-4LDIywOJRyY_zetq7aLPPag=="
The resulting token can be distributed to clients. To check and decrypt the token, use the same key:
>>> decrypt k 60 token
Right "secret text"
Do read the Network.Fernet module documentation for further information.
Command-line tool
This package also includes a command-line tool for encrypting and decrypting tokens.
Fernet Utility
Usage: fernet (((-k|--key STRING) | --key-file FILENAME) ([-e|--encrypt] |
[-d|--decrypt]) [--ttl SECONDS] | (-g|--gen-key))
Encrypts/decrypts Fernet tokens. One token written to stdout for each line
read from stdin. Use --gen-key to make a key.
Available options:
-h,--help Show this help text
-k,--key STRING Base64-urlsafe-encoded 32 byte encryption key
--key-file FILENAME File containing the encryption key
-e,--encrypt Encryption mode (default: autodetect)
-d,--decrypt Decryption mode (default: autodetect)
--ttl SECONDS Token lifetime in seconds (default: 1 minute)
-g,--gen-key Generate a key from the password on standard input
Development
Building with Stack
stack build
Building with Nix
nix-shell -p cabal2nix --command "cabal2nix --shell . > default.nix"
nix-shell --command "cabal configure"
cabal build
Better & Cooler Stuff
You might also be interested in hsoz.