diff options
| author | forsyth <forsyth@vitanuova.com> | 2011-01-17 11:10:35 +0000 |
|---|---|---|
| committer | forsyth <forsyth@vitanuova.com> | 2011-01-17 11:10:35 +0000 |
| commit | d6b4eae8eb0a5ca3119414005e483fedd63a62d6 (patch) | |
| tree | 4959b04b1ae02ce5ccb4b3c0a8c459ff46587eb7 /appl/cmd/auth/signer.b | |
| parent | 9e6910dc0c747c8f30b87f6482f4eadb48ad6654 (diff) | |
20110117-1110
Diffstat (limited to 'appl/cmd/auth/signer.b')
| -rw-r--r-- | appl/cmd/auth/signer.b | 83 |
1 files changed, 34 insertions, 49 deletions
diff --git a/appl/cmd/auth/signer.b b/appl/cmd/auth/signer.b index b27a719c..b3f4669d 100644 --- a/appl/cmd/auth/signer.b +++ b/appl/cmd/auth/signer.b @@ -5,20 +5,10 @@ include "sys.m"; include "draw.m"; -include "ipints.m"; - ipints: IPints; - IPint: import ipints; - -include "crypt.m"; - crypt: Crypt; - -include "oldauth.m"; - oldauth: Oldauth; - -include "msgio.m"; - msgio: Msgio; - include "keyring.m"; + kr: Keyring; + IPint: import kr; + include "security.m"; random: Random; @@ -39,12 +29,7 @@ init(nil: ref Draw->Context, nil: list of string) { sys = load Sys Sys->PATH; random = load Random Random->PATH; - ipints = load IPints IPints->PATH; - crypt = load Crypt Crypt->PATH; - oldauth = load Oldauth Oldauth->PATH; - oldauth->init(); - msgio = load Msgio Msgio->PATH; - msgio->init(); + kr = load Keyring Keyring->PATH; stdin = sys->fildes(0); stdout = sys->fildes(1); @@ -70,75 +55,75 @@ sign(): string return "can't read key"; # send public part to client - mypkbuf := array of byte oldauth->pktostr(crypt->sktopk(info.mysk), info.owner); - msgio->sendmsg(stdout, mypkbuf, len mypkbuf); + mypkbuf := array of byte kr->pktostr(kr->sktopk(info.mysk)); + kr->sendmsg(stdout, mypkbuf, len mypkbuf); alphabuf := array of byte info.alpha.iptob64(); - msgio->sendmsg(stdout, alphabuf, len alphabuf); + kr->sendmsg(stdout, alphabuf, len alphabuf); pbuf := array of byte info.p.iptob64(); - msgio->sendmsg(stdout, pbuf, len pbuf); + kr->sendmsg(stdout, pbuf, len pbuf); # get client's public key - hisPKbuf := msgio->getmsg(stdin); + hisPKbuf := kr->getmsg(stdin); if(hisPKbuf == nil) return "caller hung up"; - (hisPK, hisname) := oldauth->strtopk(string hisPKbuf); + hisPK := kr->strtopk(string hisPKbuf); if(hisPK == nil) return "illegal caller PK"; # hash, sign, and blind - state := crypt->sha1(hisPKbuf, len hisPKbuf, nil, nil); - cert := oldauth->sign(info.mysk, info.owner, 0, state, "sha1"); + state := kr->sha1(hisPKbuf, len hisPKbuf, nil, nil); + cert := kr->sign(info.mysk, 0, state, "sha1"); # sanity clause - state = crypt->sha1(hisPKbuf, len hisPKbuf, nil, nil); - if(oldauth->verify(info.mypk, cert, state) == 0) + state = kr->sha1(hisPKbuf, len hisPKbuf, nil, nil); + if(kr->verify(info.mypk, cert, state) == 0) return "bad signer certificate"; - certbuf := array of byte oldauth->certtostr(cert); + certbuf := array of byte kr->certtostr(cert); blind := random->randombuf(random->ReallyRandom, len certbuf); for(i := 0; i < len blind; i++) certbuf[i] = certbuf[i] ^ blind[i]; # sum PKs and blinded certificate - state = crypt->md5(mypkbuf, len mypkbuf, nil, nil); - crypt->md5(hisPKbuf, len hisPKbuf, nil, state); + state = kr->md5(mypkbuf, len mypkbuf, nil, nil); + kr->md5(hisPKbuf, len hisPKbuf, nil, state); digest := array[Keyring->MD5dlen] of byte; - crypt->md5(certbuf, len certbuf, digest, state); + kr->md5(certbuf, len certbuf, digest, state); # save sum and blinded cert in a file - file := "signed/"+hisname; + file := "signed/"+hisPK.owner; fd := sys->create(file, Sys->OWRITE, 8r600); if(fd == nil) return "can't create "+file+sys->sprint(": %r"); - if(msgio->sendmsg(fd, blind, len blind) < 0 || - msgio->sendmsg(fd, digest, len digest) < 0){ + if(kr->sendmsg(fd, blind, len blind) < 0 || + kr->sendmsg(fd, digest, len digest) < 0){ sys->remove(file); return "can't write "+file+sys->sprint(": %r"); } # send blinded cert to client - msgio->sendmsg(stdout, certbuf, len certbuf); + kr->sendmsg(stdout, certbuf, len certbuf); return nil; } -signerkey(filename: string): ref Oldauth->Authinfo +signerkey(filename: string): ref Keyring->Authinfo { - info := oldauth->readauthinfo(filename); + info := kr->readauthinfo(filename); if(info != nil) return info; # generate a local key - info = ref Oldauth->Authinfo; - info.mysk = crypt->genSK("elgamal", PKmodlen); - info.mypk = crypt->sktopk(info.mysk); - info.spk = crypt->sktopk(info.mysk); - myPKbuf := array of byte oldauth->pktostr(info.mypk, "*"); - state := crypt->sha1(myPKbuf, len myPKbuf, nil, nil); - info.cert = oldauth->sign(info.mysk, "*", 0, state, "sha1"); - (info.alpha, info.p) = crypt->dhparams(DHmodlen); - - if(oldauth->writeauthinfo(filename, info) < 0){ + info = ref Keyring->Authinfo; + info.mysk = kr->genSK("elgamal", "*", PKmodlen); + info.mypk = kr->sktopk(info.mysk); + info.spk = kr->sktopk(info.mysk); + myPKbuf := array of byte kr->pktostr(info.mypk); + state := kr->sha1(myPKbuf, len myPKbuf, nil, nil); + info.cert = kr->sign(info.mysk, 0, state, "sha1"); + (info.alpha, info.p) = kr->dhparams(DHmodlen); + + if(kr->writeauthinfo(filename, info) < 0){ sys->fprint(stderr, "can't write signerkey file: %r\n"); return nil; } |