diff options
| author | cinap_lenrek <cinap_lenrek@felloff.net> | 2015-08-19 21:06:17 +0200 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2015-08-19 21:06:17 +0200 |
| commit | 02cfcfeab46f36aad95263ed40d19df7bd5eddef (patch) | |
| tree | 30f67204be8d474b2c761e8944c20d042df1a08b /sys/src/cmd/auth/convkeys.c | |
| parent | f785d4da07349c7bb250eb00a3f2bed3eb170828 (diff) | |
libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption
this is in preparation for replacing DES ticket encryption with
something better. but first need to make the code stop making
assumptions.
the wire encoding of the Ticket might be variable length
with TICKETLEN just giving an upper bound. the details will be
handled by libauthsrv _asgetticket() and _asgetresp() funciotns.
the Authenticator and Passwordreq structures are encrypted
with the random ticket key. The encryption schmeme will depend
on the Ticket format used, so we pass the Ticket* structure
instead of the DES key.
introduce Authkey structure that will hold all the required
cryptographic keys instead of passing DES key.
Diffstat (limited to 'sys/src/cmd/auth/convkeys.c')
| -rw-r--r-- | sys/src/cmd/auth/convkeys.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/sys/src/cmd/auth/convkeys.c b/sys/src/cmd/auth/convkeys.c index dcd2c027f..bb7d553b3 100644 --- a/sys/src/cmd/auth/convkeys.c +++ b/sys/src/cmd/auth/convkeys.c @@ -7,19 +7,19 @@ #include <bio.h> #include "authcmdlib.h" -char authkey[DESKEYLEN]; +Authkey authkey; int verb; int usepass; -int convert(char*, char*, int); -int dofcrypt(int, char*, char*, int); +int convert(char*, Authkey*, int); void usage(void); void main(int argc, char *argv[]) { Dir *d; - char *p, *file, key[DESKEYLEN]; + Authkey key; + char *p, *file; int fd, len; ARGBEGIN{ @@ -40,12 +40,12 @@ main(int argc, char *argv[]) /* get original key */ if(usepass){ print("enter password file is encoded with\n"); - getpass(authkey, nil, 0, 1); + getpass(&authkey, nil, 0, 1); } else - getauthkey(authkey); + getauthkey(&authkey); if(!verb){ print("enter password to reencode with\n"); - getpass(key, nil, 0, 1); + getpass(&key, nil, 0, 1); } fd = open(file, ORDWR); @@ -60,7 +60,7 @@ main(int argc, char *argv[]) error("out of memory"); if(read(fd, p, len) != len) error("can't read key file: %r\n"); - len = convert(p, key, len); + len = convert(p, &key, len); if(verb) exits(0); if(pwrite(fd, p, len, 0) != len) @@ -128,7 +128,7 @@ badname(char *s) } int -convert(char *p, char *key, int len) +convert(char *p, Authkey *key, int len) { int i; @@ -139,7 +139,7 @@ convert(char *p, char *key, int len) len -= len % KEYDBLEN; } len += KEYDBOFF; - oldCBCdecrypt(authkey, p, len); + oldCBCdecrypt(authkey.des, p, len); for(i = KEYDBOFF; i < len; i += KEYDBLEN) if (badname(&p[i])) { print("bad name %.30s... - aborting\n", &p[i]); @@ -150,7 +150,7 @@ convert(char *p, char *key, int len) print("%s\n", &p[i]); randombytes((uchar*)p, 8); - oldCBCencrypt(key, p, len); + oldCBCencrypt(key->des, p, len); return len; } |