-- $Header: Authentication3.cr,v 1.1 86/12/10 13:34:24 ed Exp $ --

-- $Log:	Authentication3.cr,v $
-- Revision 1.1  86/12/10  13:34:24  ed
-- Initial revision
--
--

-- Courier interface for the Authentication service (program 14, version 3). --
-- Declares the credential, verifier and proxy types, the error enumerations, --
-- and the remote procedures for strong and simple authentication and for --
-- key management. The numbers that follow "=" on the PROGRAM, ERROR and --
-- PROCEDURE declarations, and the numbers inside enumerations, are wire --
-- identifiers: changing any of them changes the protocol. --

Authentication: PROGRAM 14 VERSION 3 =

BEGIN
    -- Time.Time is used below for expiration times and verifier time stamps. --
    DEPENDS UPON Time(15) VERSION 2;

    -- faked dependency: should be DEPENDS UPON Clearinghouse(2) VERSION 3; --
    -- Because of that, the name types below are declared locally instead of --
    -- being imported. NOTE(review): they must stay identical to the --
    -- Clearinghouse definitions for names to be comparable; confirm. --

    Organization: TYPE = STRING;
    Domain: TYPE = STRING;
    Object: TYPE = STRING;

    ThreePartName: TYPE = RECORD [
        organization: Organization,
        domain: Domain,
        object: Object
        ];

    -- Identity of an initiator, recipient or agent throughout this interface. --
    Clearinghouse_Name: TYPE = ThreePartName;


    -- TYPES --

    -- Types supporting encoding --

    -- UNSPECIFIED is a 16-bit Courier word, so Key and Block are both 64 bits. --
    -- With one parity bit per octet a Key carries 56 bits of key material. --
    -- NOTE(review): this is the DES key layout; confirm the cipher against --
    -- the protocol specification. --
    Key: TYPE = ARRAY 4 OF UNSPECIFIED; -- lsb of each octet is odd parity bit --

    Block: TYPE = ARRAY 4 OF UNSPECIFIED; -- cipher text or plain text block --

    -- CARDINAL is a 16-bit unsigned Courier integer, so a hashed password has --
    -- at most 65536 distinct values. The hash function is not defined in this --
    -- file. NOTE(review): treat simple keys as weak secrets. --
    HashedPassword: TYPE = CARDINAL;

    -- Types describing credentials and verifiers --

    CredentialsType: TYPE = {simple(0), strong(1)};

    -- Constant naming the simple credentials type. --
    simpleCredentials: CredentialsType = simple;

    -- type selects how value is interpreted; presumably value holds an encoded --
    -- SimpleCredentials or an encrypted StrongCredentials (confirm). No maximum --
    -- length is declared for value, so a receiver should check the length and --
    -- the type tag before decoding. --
    Credentials: TYPE = RECORD [type: CredentialsType,
        value: SEQUENCE OF UNSPECIFIED];

    -- nullCredentials doesn't work yet --
    -- nullCredentials: Credentials = [type: simple, value: []]; --

    -- Plain-text form of what GetStrongCredentials and TradeProxyForCredentials --
    -- return encrypted. It carries the nonce of the request; presumably the --
    -- caller compares it with the nonce it sent to detect a replayed or --
    -- substituted reply (confirm). --
    CredentialsPackage: TYPE = RECORD [
        credentials: Credentials,
        nonce: LONG CARDINAL,
        recipient: Clearinghouse_Name,
        conversationKey: Key ];

    -- instances of the following type must be a multiple of 64 bits, padded --
    -- with zeros, before encryption --
    -- (64 bits is the size of Block as declared above.) --

    StrongCredentials: TYPE = RECORD [
        conversationKey: Key,
        expirationTime: Time.Time,
        initiator: Clearinghouse_Name ];

    -- Simple credentials are just the claimed name; they carry no secret. --
    SimpleCredentials: TYPE = Clearinghouse_Name;

    -- At most 12 words. Presumably holds an encoded SimpleVerifier or an --
    -- encrypted StrongVerifier, matching the credentials type (confirm). --
    Verifier: TYPE = SEQUENCE 12 OF UNSPECIFIED;

    -- Time stamp plus tick counter. The verifierExpired and verifierReused --
    -- problems below suggest the receiver checks freshness and keeps a record --
    -- of verifiers already seen; confirm against the specification. --
    StrongVerifier: TYPE = RECORD [
        timeStamp: Time.Time,
        ticks: LONG CARDINAL ];

    -- The simple verifier is the 16-bit hashed password itself. Nothing in --
    -- this interface shows it being encrypted or bound to a time stamp or --
    -- nonce. NOTE(review): assume it can be observed and replayed on the --
    -- network unless a lower layer protects it. --
    SimpleVerifier: TYPE = HashedPassword;

    Proxy: TYPE = SEQUENCE OF UNSPECIFIED;

    -- instances of the following type must be a multiple of 64 bits, padded --
    -- with zeros, before encryption --

    StrongProxy: TYPE = RECORD [
        randomBits: Block,
        expirationTime: Time.Time,
        agent: Clearinghouse_Name];

    -- The meaning of the flag is not defined in this file. --
    SimpleProxy: TYPE = BOOLEAN;

    -- ERRORS --

    -- Reasons a set of credentials, a verifier or a proxy was rejected. --
    Problem: TYPE = {
        credentialsInvalid(0),  -- credentials unacceptable --
        verifierInvalid(1),  -- verifier unacceptable --
        verifierExpired(2),  -- the verifier was too old --
        verifierReused(3),  -- the verifier has been used before --
        credentialsExpired(4),  -- the credentials have expired --
        inappropriateCredentials(5),  -- passed strong, wanted simple, or vice versa --
        proxyInvalid(6),  -- proxy has invalid format --
        proxyExpired(7),  -- the proxy was too old --
        otherProblem(8) };
    AuthenticationError: ERROR[problem: Problem] = 2;

    -- Reasons the service could not carry out a call. --
    CallProblem: TYPE = {
        tooBusy(0),  -- server is too busy to service this request --
        accessRightsInsufficient(1),  -- operation prevented by access controls --
        keysUnavailable(2),  -- the server which holds the required key was inaccessible --
        strongKeyDoesNotExist(3),  -- a strong key critical to this operation has not been registered --
        simpleKeyDoesNotExist(4),  -- a simple key critical to this operation has not been registered --
        strongKeyAlreadyRegistered(5),  -- cannot create a strong key for an entity which already has one --
        simpleKeyAlreadyRegistered(6),  -- cannot create a simple key for an entity which already has one --
        domainForNewKeyUnavailable(7),  -- cannot create a new key because the domain to hold it is inaccessible --
        domainForNewKeyUnknown(8),  -- cannot create a new key because the domain to hold it is unknown --
        badKey(9),  -- bad key passed to CreateStrongKey or ChangeStrongKey --
        badName(10),  -- bad name passed to CreateStrongKey or ChangeStrongKey --
        databaseFull(11),  -- no more data can be added to the Authentication database --
        otherCallProblem(12) };
    -- Presumably names the argument of the call that the CallError is about. --
    Which: TYPE = {notApplicable(0), initiator(1), recipient(2), agent(3) };
    CallError: ERROR [problem: CallProblem, whichArg: Which] = 1;


    -- PROCEDURES --

    -- Strong Authentication --

    -- Returns a CredentialsPackage for talking to recipient. The call takes no --
    -- credentials or verifier, so the confidentiality of the result rests --
    -- entirely on the encryption noted below and therefore on the strength of --
    -- the initiator's strong key. --
    GetStrongCredentials: PROCEDURE [
        initiator, recipient: Clearinghouse_Name,
        nonce: LONG CARDINAL ]
    RETURNS [ credentialsPackage: SEQUENCE OF UNSPECIFIED ]
        -- encrypted with the initiator's strong key --
    REPORTS [ CallError ] = 1;

    -- Exchanges a proxy for credentials addressed to recipient, plus a proxy to --
    -- pass on to that recipient. The caller authenticates with credentials and --
    -- verifier. --
    TradeProxyForCredentials: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        initiator: Clearinghouse_Name, proxy: Proxy,
        recipient: Clearinghouse_Name, nonce: LONG CARDINAL ]
    RETURNS [ credentialsPackage: SEQUENCE OF UNSPECIFIED,
        -- encrypted with the agent's strong key --
        proxyForRecipient: Proxy ]
    REPORTS [ AuthenticationError, CallError ] = 9;

    -- Registers a strong key for name. encryptedKey is one 64-bit Block; the --
    -- key it is encrypted under is not stated in this file (presumably the --
    -- conversation key of the supplied credentials; confirm). --
    CreateStrongKey: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        name: Clearinghouse_Name, encryptedKey: Block ]
    REPORTS [ AuthenticationError, CallError ] = 3;

    -- Replaces a strong key. No name argument is taken, so the key changed is --
    -- presumably that of the identity in credentials (confirm). --
    ChangeStrongKey: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        encryptedNewKey: Block ]
    REPORTS [ AuthenticationError, CallError ] = 4;

    -- Removes the strong key registered for name. --
    DeleteStrongKey: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        name: Clearinghouse_Name ]
    REPORTS [ AuthenticationError, CallError ] = 5;


    -- Simple Authentication --

    -- Checks simple credentials against a verifier. The result is reported --
    -- both as ok and through REPORTS; which of the two signals a mismatch is --
    -- not visible here, so a caller should treat ok = FALSE and a reported --
    -- error alike as a failed check. --
    CheckSimpleCredentials: PROCEDURE [
        credentials: Credentials, verifier: Verifier ]
    RETURNS [ ok: BOOLEAN, initiator: Clearinghouse_Name ]
    REPORTS [ AuthenticationError, CallError ] = 2;

    -- Registers a simple key for name. key is passed as a plain --
    -- HashedPassword; unlike CreateStrongKey, no encrypted form is declared. --
    CreateSimpleKey: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        name: Clearinghouse_Name, key: HashedPassword ]
    REPORTS [ AuthenticationError, CallError ] = 6;

    -- Replaces a simple key. newKey is likewise a plain HashedPassword. --
    ChangeSimpleKey: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        newKey: HashedPassword ]
    REPORTS [ AuthenticationError, CallError ] = 7;

    -- Removes the simple key registered for name. --
    DeleteSimpleKey: PROCEDURE [
        credentials: Credentials, verifier: Verifier,
        name: Clearinghouse_Name ]
    REPORTS [ AuthenticationError, CallError ] = 8;


END.