Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release 0.4.0.0 #93

Merged
merged 3 commits into from
Jul 31, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions biscuit-servant/ChangeLog.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# Changelog for biscuit-servant

## 0.4.0.0

- use biscuit-haskell 0.4.0.0

## 0.3.0.1

- use biscuit-haskell 0.3.0.1
Expand Down
4 changes: 2 additions & 2 deletions biscuit-servant/biscuit-servant.cabal
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
cabal-version: 2.0

name: biscuit-servant
version: 0.3.0.1
version: 0.4.0.0
category: Security
synopsis: Servant support for the Biscuit security token
description: Please see the README on GitHub at <https://github.com/biscuit-auth/biscuit-haskell#readme>
Expand Down Expand Up @@ -34,7 +34,7 @@ library
ghc-options: -Wall
build-depends:
base >= 4.7 && <5,
biscuit-haskell >= 0.3 && < 0.4,
biscuit-haskell >= 0.4 && < 0.5,
bytestring >= 0.10 && <0.12,
mtl >= 2.2 && < 2.4,
text >= 1.2 && <3,
Expand Down
6 changes: 6 additions & 0 deletions biscuit/ChangeLog.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
# Changelog for biscuit-haskell

## 0.4.0.0

- abort authorization on evaluation error as mandated by the spec
- use utf8 byte count in `{string}.length()` as mandated by the spec
- fix security issue with third-party blocks public key interning, see [advisory](https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-rgqv-mwc3-c78m)

## 0.3.0.1

- GHC 9.6 and 9.8 support
Expand Down
2 changes: 1 addition & 1 deletion biscuit/biscuit-haskell.cabal
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
cabal-version: 2.0

name: biscuit-haskell
version: 0.3.0.1
version: 0.4.0.0
category: Security
synopsis: Library support for the Biscuit security token
description: Please see the README on GitHub at <https://github.com/biscuit-auth/biscuit-haskell#readme>
Expand Down
84 changes: 46 additions & 38 deletions biscuit/src/Auth/Biscuit/ProtoBufAdapter.hs
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE LambdaCase #-}
{-# LANGUAGE MultiWayIf #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
Expand All @@ -25,13 +26,12 @@ module Auth.Biscuit.ProtoBufAdapter
, thirdPartyBlockContentsToPb
) where

import Control.Monad (when)
import Control.Monad (unless, when)
import Control.Monad.State (StateT, get, lift, modify)
import Data.Bitraversable (bisequence)
import Data.ByteString (ByteString)
import Data.Int (Int64)
import qualified Data.List.NonEmpty as NE
import Data.Maybe (isNothing)
import Data.Maybe (isJust, isNothing)
import qualified Data.Set as Set
import qualified Data.Text as T
import Data.Time (UTCTime)
Expand Down Expand Up @@ -110,17 +110,17 @@ pbToBlock ePk PB.Block{..} = do
-- but use the global public keys table:
-- symbols defined in 3rd party blocks are not visible
-- to following blocks, but public keys are
when (isNothing ePk) $ modify (registerNewSymbols blockSymbols)
modify (registerNewPublicKeys $ foldMap pure ePk <> blockPks)
when (isNothing ePk) $ do
modify (registerNewSymbols blockSymbols)
modify (registerNewPublicKeys blockPks)
currentSymbols <- get

let symbolsForCurrentBlock =
-- third party blocks use an isolated symbol table,
-- but use the global public keys table.
-- third party blocks use an isolated symbol and public keys table,
-- 3rd party blocks don't see previously defined
-- symbols, but see previously defined public keys
-- symbols or public keys
if isNothing ePk then currentSymbols
else registerNewSymbols blockSymbols $ forgetSymbols currentSymbols
else registerNewPublicKeys blockPks $ registerNewSymbols blockSymbols newSymbolTable
let bContext = PB.getField context
bVersion = PB.getField version
lift $ do
Expand All @@ -129,32 +129,41 @@ pbToBlock ePk PB.Block{..} = do
bRules <- traverse (pbToRule s) $ PB.getField rules_v2
bChecks <- traverse (pbToCheck s) $ PB.getField checks_v2
bScope <- Set.fromList <$> traverse (pbToScope s) (PB.getField scope)
let isV3 = isNothing ePk
&& Set.null bScope
&& all ruleHasNoScope bRules
&& all (queryHasNoScope . cQueries) bChecks
&& all isCheckOne bChecks
&& all ruleHasNoV4Operators bRules
&& all (queryHasNoV4Operators . cQueries) bChecks
case (bVersion, isV3) of
(Just 4, _) -> pure Block {..}
(Just 3, True) -> pure Block {..}
(Just 3, False) ->
Left "Biscuit v4 fields are present, but the block version is 3."
let v5Plus = isJust ePk
v4Plus = not $ and
[ Set.null bScope
, all ruleHasNoScope bRules
, all (queryHasNoScope . cQueries) bChecks
, all isCheckOne bChecks
, all ruleHasNoV4Operators bRules
, all (queryHasNoV4Operators . cQueries) bChecks
]
case (bVersion, v4Plus, v5Plus) of
(Just 5, _, _) -> pure Block {..}
(Just 4, _, False) -> pure Block {..}
(Just 4, _, True) ->
Left "Biscuit v5 features are present, but the block version is 4."
(Just 3, False, False) -> pure Block {..}
(Just 3, True, False) ->
Left "Biscuit v4 features are present, but the block version is 3."
(Just 3, _, True) ->
Left "Biscuit v5 features are present, but the block version is 3."
_ ->
Left $ "Unsupported biscuit version: " <> maybe "0" show bVersion <> ". Only versions 3 and 4 are supported"

-- | Turn a biscuit block into a protobuf block, for serialization,
-- along with the newly defined symbols
blockToPb :: Bool -> Symbols -> Block -> (BlockSymbols, PB.Block)
blockToPb hasExternalPk existingSymbols b@Block{..} =
let isV3 = not hasExternalPk
&& Set.null bScope
&& all ruleHasNoScope bRules
&& all (queryHasNoScope . cQueries) bChecks
&& all isCheckOne bChecks
&& all ruleHasNoV4Operators bRules
&& all (queryHasNoV4Operators . cQueries) bChecks
let v4Plus = not $ and
[Set.null bScope
, all ruleHasNoScope bRules
, all (queryHasNoScope . cQueries) bChecks
, all isCheckOne bChecks
, all ruleHasNoV4Operators bRules
, all (queryHasNoV4Operators . cQueries) bChecks
]
v5Plus = hasExternalPk
bSymbols = buildSymbolTable existingSymbols b
s = reverseSymbols $ addFromBlock existingSymbols bSymbols
symbols = PB.putField $ getSymbolList bSymbols
Expand All @@ -164,8 +173,9 @@ blockToPb hasExternalPk existingSymbols b@Block{..} =
checks_v2 = PB.putField $ checkToPb s <$> bChecks
scope = PB.putField $ scopeToPb s <$> Set.toList bScope
pksTable = PB.putField $ publicKeyToPb <$> getPkList bSymbols
version = PB.putField $ if isV3 then Just 3
else Just 4
version = PB.putField $ if | v5Plus -> Just 5
| v4Plus -> Just 4
| otherwise -> Just 3
in (bSymbols, PB.Block {..})

pbToFact :: Symbols -> PB.FactV2 -> Either String Fact
Expand Down Expand Up @@ -415,17 +425,15 @@ binaryToPb = PB.OpBinary . PB.putField . \case
BitwiseXor -> PB.BitwiseXor
NotEqual -> PB.NotEqual

pbToThirdPartyBlockRequest :: PB.ThirdPartyBlockRequest -> Either String (Crypto.PublicKey, [Crypto.PublicKey])
pbToThirdPartyBlockRequest :: PB.ThirdPartyBlockRequest -> Either String Crypto.PublicKey
pbToThirdPartyBlockRequest PB.ThirdPartyBlockRequest{previousPk, pkTable} = do
bisequence
( pbToPublicKey $ PB.getField previousPk
, traverse pbToPublicKey $ PB.getField pkTable
)
unless (null $ PB.getField pkTable) $ Left "Public key table provided in third-party block request"
pbToPublicKey $ PB.getField previousPk

thirdPartyBlockRequestToPb :: (Crypto.PublicKey, [Crypto.PublicKey]) -> PB.ThirdPartyBlockRequest
thirdPartyBlockRequestToPb (previousPk, pkTable) = PB.ThirdPartyBlockRequest
thirdPartyBlockRequestToPb :: Crypto.PublicKey -> PB.ThirdPartyBlockRequest
thirdPartyBlockRequestToPb previousPk = PB.ThirdPartyBlockRequest
{ previousPk = PB.putField $ publicKeyToPb previousPk
, pkTable = PB.putField $ publicKeyToPb <$> pkTable
, pkTable = PB.putField []
}

pbToThirdPartyBlockContents :: PB.ThirdPartyBlockContents -> Either String (ByteString, Crypto.Signature, Crypto.PublicKey)
Expand Down
4 changes: 0 additions & 4 deletions biscuit/src/Auth/Biscuit/Symbols.hs
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ module Auth.Biscuit.Symbols
, addFromBlock
, registerNewSymbols
, registerNewPublicKeys
, forgetSymbols
, reverseSymbols
, getSymbolList
, getPkList
Expand Down Expand Up @@ -139,9 +138,6 @@ registerNewPublicKeys newPks s@Symbols{publicKeys} =
let newPkMap = Map.fromList $ zip [getNextPublicKeyOffset s..] (newPks \\ elems publicKeys)
in s { publicKeys = publicKeys <> newPkMap }

forgetSymbols :: Symbols -> Symbols
forgetSymbols s = s { symbols = commonSymbols }

-- | Reverse a symbol table
reverseSymbols :: Symbols -> ReverseSymbols
reverseSymbols (Symbols sm pkm) =
Expand Down
19 changes: 7 additions & 12 deletions biscuit/src/Auth/Biscuit/Token.hs
Original file line number Diff line number Diff line change
Expand Up @@ -306,26 +306,21 @@ addSignedBlock :: SecretKey
-> Biscuit Open check
-> IO (Biscuit Open check)
addSignedBlock eSk block b@Biscuit{..} = do
let symbolsForCurrentBlock = forgetSymbols $ registerNewPublicKeys [toPublic eSk] symbols
(newSymbols, blockSerialized) = PB.encodeBlock <$> blockToPb True symbolsForCurrentBlock block
let (_, blockSerialized) = PB.encodeBlock <$> blockToPb True newSymbolTable block
lastBlock = NE.last (authority :| blocks)
(_, _, lastPublicKey, _) = lastBlock
Open p = proof
(signedBlock, nextSk) <- signExternalBlock p eSk lastPublicKey blockSerialized
pure $ b { blocks = blocks <> [toParsedSignedBlock block signedBlock]
, symbols = registerNewPublicKeys (getPkList newSymbols) symbols
, proof = Open nextSk
}

mkThirdPartyBlock' :: SecretKey
-> [PublicKey]
-> PublicKey
-> Block
-> (ByteString, Signature, PublicKey)
mkThirdPartyBlock' eSk pkTable lastPublicKey block =
let symbolsForCurrentBlock = registerNewPublicKeys [toPublic eSk] $
registerNewPublicKeys pkTable newSymbolTable
(_, payload) = PB.encodeBlock <$> blockToPb True symbolsForCurrentBlock block
mkThirdPartyBlock' eSk lastPublicKey block =
let (_, payload) = PB.encodeBlock <$> blockToPb True newSymbolTable block
(eSig, ePk) = sign3rdPartyBlock eSk lastPublicKey payload
in (payload, eSig, ePk)

Expand All @@ -336,17 +331,17 @@ mkThirdPartyBlock :: SecretKey
-> Block
-> Either String ByteString
mkThirdPartyBlock eSk req block = do
(previousPk, pkTable) <- pbToThirdPartyBlockRequest =<< PB.decodeThirdPartyBlockRequest req
pure $ PB.encodeThirdPartyBlockContents . thirdPartyBlockContentsToPb $ mkThirdPartyBlock' eSk pkTable previousPk block
previousPk<- pbToThirdPartyBlockRequest =<< PB.decodeThirdPartyBlockRequest req
pure $ PB.encodeThirdPartyBlockContents . thirdPartyBlockContentsToPb $ mkThirdPartyBlock' eSk previousPk block

-- | Generate a third-party block request. It can be used in
-- conjunction with 'mkThirdPartyBlock' to generate a
-- third-party block, which can be then appended to a token with
-- 'applyThirdPartyBlock'.
mkThirdPartyBlockReq :: Biscuit proof check -> ByteString
mkThirdPartyBlockReq Biscuit{authority,blocks,symbols} =
mkThirdPartyBlockReq Biscuit{authority,blocks} =
let (_, _ , lastPk, _) = NE.last $ authority :| blocks
in PB.encodeThirdPartyBlockRequest $ thirdPartyBlockRequestToPb (lastPk, getPkTable symbols)
in PB.encodeThirdPartyBlockRequest $ thirdPartyBlockRequestToPb lastPk

-- | Given a base64-encoded third-party block, append it to a token.
applyThirdPartyBlock :: Biscuit Open check -> ByteString -> Either String (IO (Biscuit Open check))
Expand Down
18 changes: 9 additions & 9 deletions biscuit/test/samples/current/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -1841,7 +1841,7 @@ allow if true;

revocation ids:
- `470e4bf7aa2a01ab39c98150bd06aa15b4aa5d86509044a8809a8634cd8cf2b42269a51a774b65d10bac9369d013070b00187925196a8e680108473f11cf8f03`
- `93a7315ab1272da9eeef015f6fecbc9ac96fe4660e6204bf64ea2105ebe309e9c9cadc0a26c5604f13910fae3f2cd0800756afb6b6b208bf77adeb1ab2f42405`
- `342167bc54bc642b6718a276875e55b6d39e9b21e4ce13b926a3d398b6c057fc436385bf4c817a16f9ecdf0b0d950e8b8258a20aeb3fd8896c5e9c1f0a53da03`

authorizer world:
```
Expand Down Expand Up @@ -2041,7 +2041,7 @@ check if true trusting previous, ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755
1:
symbols: []

public keys: ["ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463"]
public keys: ["ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463", "ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"]

external signature by: "ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"

Expand All @@ -2055,7 +2055,7 @@ check if query(1) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5
2:
symbols: []

public keys: []
public keys: ["ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463", "ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"]

external signature by: "ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463"

Expand All @@ -2068,7 +2068,7 @@ check if query(1) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5
3:
symbols: []

public keys: []
public keys: ["ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463", "ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"]

external signature by: "ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463"

Expand All @@ -2081,7 +2081,7 @@ check if query(1) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5
4:
symbols: []

public keys: ["ed25519/f98da8c1cf907856431bfc3dc87531e0eaadba90f919edc232405b85877ef136"]
public keys: ["ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463", "ed25519/f98da8c1cf907856431bfc3dc87531e0eaadba90f919edc232405b85877ef136"]

```
query(4);
Expand All @@ -2103,10 +2103,10 @@ allow if true;

revocation ids:
- `3771cefe71beb21ead35a59c8116ee82627a5717c0295f35980662abccb159fe1b37848cb1818e548656bd4fd882d0094a2daab631c76b2b72e3a093914bfe04`
- `45133b90f228a81fe4d3042a79f6c6b7608e656e903d6b1f4db32cd774b09b8315af360879a5f210ad7be37ff55e3eb34f237bcc9711407b6329ac6018bfb400`
- `179f054f3c572646aba5013159ae192ac42f5666dbdd984129955f4652b6829e59f54aa251e451f96329d42a2524ce569c3e1ec52e708b642dd8994af51dd703`
- `edab54789d6656936fcd28200b9c61643434842d531f09f209fad555e11ff53174db174dafba126e6de448983a56f78d2042bc5782d71a45799c022fe69fb30d`
- `6a62306831e9dbe83e7b33db96b758c77dd690930f2d2d87e239b210b1944c5582bf6d7e1bfea8e7f928c27f2fff0e2ee2e0adc41e11e0c3abe8d7b96b9ede07`
- `6528db2c9a561ada9086268549a600a8a52ff434ea8183812623eec0e9b6c5d3c41ab7868808623021d92294d583afdf92f4354bcdaa1bc50453e1b89afd630d`
- `5d5679fe69bfe74b7919323515e9ecba9d01422b16be9341b57f88e695b2bb0bd7966b781001d2b9e00ee618fdc239c96e17e32cb379f13f12d6bd7b1b47ad04`
- `c37bf24c063f0310eccab8864e48dbeffcdd7240b4f8d1e01eba4fc703e6c9082b845bb55543b10f008dc7f4e78540411912ac1f36fa2aa90011dca40f323b09`
- `3f675d6c364e06405d4868c904e40f3d81c32b083d91586db814d4cb4bf536b4ba209d82f11b4cb6da293b60b20d6122fc3e0e08e80c381dee83edd848211900`

authorizer world:
```
Expand Down
24 changes: 16 additions & 8 deletions biscuit/test/samples/current/samples.json
Original file line number Diff line number Diff line change
Expand Up @@ -1798,7 +1798,7 @@
"authorizer_code": "allow if true;\n",
"revocation_ids": [
"470e4bf7aa2a01ab39c98150bd06aa15b4aa5d86509044a8809a8634cd8cf2b42269a51a774b65d10bac9369d013070b00187925196a8e680108473f11cf8f03",
"93a7315ab1272da9eeef015f6fecbc9ac96fe4660e6204bf64ea2105ebe309e9c9cadc0a26c5604f13910fae3f2cd0800756afb6b6b208bf77adeb1ab2f42405"
"342167bc54bc642b6718a276875e55b6d39e9b21e4ce13b926a3d398b6c057fc436385bf4c817a16f9ecdf0b0d950e8b8258a20aeb3fd8896c5e9c1f0a53da03"
]
}
}
Expand Down Expand Up @@ -1939,26 +1939,34 @@
{
"symbols": [],
"public_keys": [
"ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463"
"ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463",
"ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"
],
"external_key": "ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189",
"code": "query(1);\nquery(1, 2) <- query(1), query(2) trusting ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463;\ncheck if query(2), query(3) trusting ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463;\ncheck if query(1) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189;\n"
},
{
"symbols": [],
"public_keys": [],
"public_keys": [
"ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463",
"ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"
],
"external_key": "ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463",
"code": "query(2);\ncheck if query(2), query(3) trusting ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463;\ncheck if query(1) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189;\n"
},
{
"symbols": [],
"public_keys": [],
"public_keys": [
"ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463",
"ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189"
],
"external_key": "ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463",
"code": "query(3);\ncheck if query(2), query(3) trusting ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463;\ncheck if query(1) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189;\n"
},
{
"symbols": [],
"public_keys": [
"ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463",
"ed25519/f98da8c1cf907856431bfc3dc87531e0eaadba90f919edc232405b85877ef136"
],
"external_key": null,
Expand Down Expand Up @@ -2082,10 +2090,10 @@
"authorizer_code": "check if query(1, 2) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189, ed25519/a060270db7e9c9f06e8f9cc33a64e99f6596af12cb01c4b638df8afc7b642463;\n\ndeny if query(3);\ndeny if query(1, 2);\ndeny if query(0) trusting ed25519/acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189;\nallow if true;\n",
"revocation_ids": [
"3771cefe71beb21ead35a59c8116ee82627a5717c0295f35980662abccb159fe1b37848cb1818e548656bd4fd882d0094a2daab631c76b2b72e3a093914bfe04",
"45133b90f228a81fe4d3042a79f6c6b7608e656e903d6b1f4db32cd774b09b8315af360879a5f210ad7be37ff55e3eb34f237bcc9711407b6329ac6018bfb400",
"179f054f3c572646aba5013159ae192ac42f5666dbdd984129955f4652b6829e59f54aa251e451f96329d42a2524ce569c3e1ec52e708b642dd8994af51dd703",
"edab54789d6656936fcd28200b9c61643434842d531f09f209fad555e11ff53174db174dafba126e6de448983a56f78d2042bc5782d71a45799c022fe69fb30d",
"6a62306831e9dbe83e7b33db96b758c77dd690930f2d2d87e239b210b1944c5582bf6d7e1bfea8e7f928c27f2fff0e2ee2e0adc41e11e0c3abe8d7b96b9ede07"
"6528db2c9a561ada9086268549a600a8a52ff434ea8183812623eec0e9b6c5d3c41ab7868808623021d92294d583afdf92f4354bcdaa1bc50453e1b89afd630d",
"5d5679fe69bfe74b7919323515e9ecba9d01422b16be9341b57f88e695b2bb0bd7966b781001d2b9e00ee618fdc239c96e17e32cb379f13f12d6bd7b1b47ad04",
"c37bf24c063f0310eccab8864e48dbeffcdd7240b4f8d1e01eba4fc703e6c9082b845bb55543b10f008dc7f4e78540411912ac1f36fa2aa90011dca40f323b09",
"3f675d6c364e06405d4868c904e40f3d81c32b083d91586db814d4cb4bf536b4ba209d82f11b4cb6da293b60b20d6122fc3e0e08e80c381dee83edd848211900"
]
}
}
Expand Down
Binary file modified biscuit/test/samples/current/test024_third_party.bc
Binary file not shown.
Binary file modified biscuit/test/samples/current/test026_public_keys_interning.bc
Binary file not shown.
Loading