![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to Authentication3.cr CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDTahoe / new / xns / courierlib|
Return to Authentication3.cr CVS log | Up to [CSRG BSD Unix] / 43BSDTahoe / new / xns / courierlib |
1.1 root 1: -- $Header: Authentication3.cr,v 1.1 86/12/10 13:34:24 ed Exp $ --
2:
3: -- $Log: Authentication3.cr,v $
4: -- Revision 1.1 86/12/10 13:34:24 ed
5: -- Initial revision
6: --
7: --
8:
9: Authentication: PROGRAM 14 VERSION 3 =
10:
11: BEGIN
12: DEPENDS UPON Time(15) VERSION 2;
13:
14: -- faked dependency: should be DEPENDS UPON Clearinghouse(2) VERSION 3; --
15:
16: Organization: TYPE = STRING;
17: Domain: TYPE = STRING;
18: Object: TYPE = STRING;
19:
20: ThreePartName: TYPE = RECORD [
21: organization: Organization,
22: domain: Domain,
23: object: Object
24: ];
25:
26: Clearinghouse_Name: TYPE = ThreePartName;
27:
28:
29: -- TYPES --
30:
31: -- Types supporting encoding --
32:
33: Key: TYPE = ARRAY 4 OF UNSPECIFIED; -- lsb of each octet is odd parity bit --
34:
35: Block: TYPE = ARRAY 4 OF UNSPECIFIED; -- cipher text or plain text block --
36:
37: HashedPassword: TYPE = CARDINAL;
38:
39: -- Types describing credentials and verifiers --
40:
41: CredentialsType: TYPE = {simple(0), strong(1)};
42:
43: simpleCredentials: CredentialsType = simple;
44:
45: Credentials: TYPE = RECORD [type: CredentialsType,
46: value: SEQUENCE OF UNSPECIFIED];
47:
48: -- nullCredentials doesn't work yet --
49: -- nullCredentials: Credentials = [type: simple, value: []]; --
50:
51: CredentialsPackage: TYPE = RECORD [
52: credentials: Credentials,
53: nonce: LONG CARDINAL,
54: recipient: Clearinghouse_Name,
55: conversationKey: Key ];
56:
57: -- instances of the following type must be a multiple of 64 bits, padded --
58: -- with zeros, before encryption --
59:
60: StrongCredentials: TYPE = RECORD [
61: conversationKey: Key,
62: expirationTime: Time.Time,
63: initiator: Clearinghouse_Name ];
64:
65: SimpleCredentials: TYPE = Clearinghouse_Name;
66:
67: Verifier: TYPE = SEQUENCE 12 OF UNSPECIFIED;
68:
69: StrongVerifier: TYPE = RECORD [
70: timeStamp: Time.Time,
71: ticks: LONG CARDINAL ];
72:
73: SimpleVerifier: TYPE = HashedPassword;
74:
75: Proxy: TYPE = SEQUENCE OF UNSPECIFIED;
76:
77: -- instances of the following type must be a multiple of 64 bits, padded --
78: -- with zeros, before encryption --
79:
80: StrongProxy: TYPE = RECORD [
81: randomBits: Block,
82: expirationTime: Time.Time,
83: agent: Clearinghouse_Name];
84:
85: SimpleProxy: TYPE = BOOLEAN;
86:
87: -- ERRORS --
88:
89: Problem: TYPE = {
90: credentialsInvalid(0), -- credentials unacceptable --
91: verifierInvalid(1), -- verifier unacceptable --
92: verifierExpired(2), -- the verifier was too old --
93: verifierReused(3), -- the verifier has been used before --
94: credentialsExpired(4), -- the credentials have expired --
95: inappropriateCredentials(5), -- passed strong, wanted simple, or vica versa --
96: proxyInvalid(6), -- proxy has invalid format --
97: proxyExpired(7), -- the proxy was too old --
98: otherProblem(8) };
99: AuthenticationError: ERROR[problem: Problem] = 2;
100:
101: CallProblem: TYPE = {
102: tooBusy(0), -- server is too busy to service this request --
103: accessRightsInsufficient(1), -- operation prevented by access controls --
104: keysUnavailable(2), -- the server which holds the required key was inaccessible --
105: strongKeyDoesNotExist(3), -- a strong key critical to this operation has not been registered --
106: simpleKeyDoesNotExist(4), -- a simple key critical to this operation has not been registered --
107: strongKeyAlreadyRegistered(5), -- cannot create a strong key for an entity which already has one --
108: simpleKeyAlreadyRegistered(6), -- cannot create a simple key for an entity which already has one --
109: domainForNewKeyUnavailable(7), -- cannot create a new key because the domain to hold it is unaccessible --
110: domainForNewKeyUnknown(8), -- cannot create a new key because the domain to hold it is unknown --
111: badKey(9), -- bad key passed to CreateStrongKey or ChangeStrongKey --
112: badName(10), -- bad name passed to CreateStrongKey or ChangeStrongKey --
113: databaseFull(11), -- no more data can be added to the Authentication database --
114: otherCallProblem(12) };
115: Which: TYPE = {notApplicable(0), initiator(1), recipient(2), agent(3) };
116: CallError: ERROR [problem: CallProblem, whichArg: Which] = 1;
117:
118:
119: -- PROCEDURES --
120:
121: -- Strong Authentication --
122:
123: GetStrongCredentials: PROCEDURE [
124: initiator, recipient: Clearinghouse_Name,
125: nonce: LONG CARDINAL ]
126: RETURNS [ credentialsPackage: SEQUENCE OF UNSPECIFIED ]
127: -- encrypted with the initiator's strong key --
128: REPORTS [ CallError ] = 1;
129:
130: TradeProxyForCredentials: PROCEDURE [
131: credentials: Credentials, verifier: Verifier,
132: initiator: Clearinghouse_Name, proxy: Proxy,
133: recipient: Clearinghouse_Name, nonce: LONG CARDINAL ]
134: RETURNS [ credentialsPackage: SEQUENCE OF UNSPECIFIED,
135: -- enxrypted with the agent's strong key --
136: proxyForRecipient: Proxy ]
137: REPORTS [ AuthenticationError, CallError ] = 9;
138:
139: CreateStrongKey: PROCEDURE [
140: credentials: Credentials, verifier: Verifier,
141: name: Clearinghouse_Name, encryptedKey: Block ]
142: REPORTS [ AuthenticationError, CallError ] = 3;
143:
144: ChangeStrongKey: PROCEDURE [
145: credentials: Credentials, verifier: Verifier,
146: encryptedNewKey: Block ]
147: REPORTS [ AuthenticationError, CallError ] = 4;
148:
149: DeleteStrongKey: PROCEDURE [
150: credentials: Credentials, verifier: Verifier,
151: name: Clearinghouse_Name ]
152: REPORTS [ AuthenticationError, CallError ] = 5;
153:
154:
155: -- Simple Authentication --
156:
157: CheckSimpleCredentials: PROCEDURE [
158: credentials: Credentials, verifier: Verifier ]
159: RETURNS [ ok: BOOLEAN, initiator: Clearinghouse_Name ]
160: REPORTS [ AuthenticationError, CallError ] = 2;
161:
162: CreateSimpleKey: PROCEDURE [
163: credentials: Credentials, verifier: Verifier,
164: name: Clearinghouse_Name, key: HashedPassword ]
165: REPORTS [ AuthenticationError, CallError ] = 6;
166:
167: ChangeSimpleKey: PROCEDURE [
168: credentials: Credentials, verifier: Verifier,
169: newKey: HashedPassword ]
170: REPORTS [ AuthenticationError, CallError ] = 7;
171:
172: DeleteSimpleKey: PROCEDURE [
173: credentials: Credentials, verifier: Verifier,
174: name: Clearinghouse_Name ]
175: REPORTS [ AuthenticationError, CallError ] = 8;
176:
177:
178: END.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.