authorcinap_lenrek <cinap_lenrek@felloff.net>2015-08-19 21:06:17 +0200
committercinap_lenrek <cinap_lenrek@felloff.net>2015-08-19 21:06:17 +0200
commit02cfcfeab46f36aad95263ed40d19df7bd5eddef (patch)
tree30f67204be8d474b2c761e8944c20d042df1a08b /sys/src/cmd/auth/lib
parentf785d4da07349c7bb250eb00a3f2bed3eb170828 (diff)
libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption
this is in preparation for replacing DES ticket encryption with something better. but first need to make the code stop making assumptions. the wire encoding of the Ticket might be variable length with TICKETLEN just giving an upper bound. the details will be handled by libauthsrv _asgetticket() and _asgetresp() functions. the Authenticator and Passwordreq structures are encrypted with the random ticket key. The encryption scheme will depend on the Ticket format used, so we pass the Ticket* structure instead of the DES key. introduce Authkey structure that will hold all the required cryptographic keys instead of passing DES key.
Diffstat (limited to 'sys/src/cmd/auth/lib')
-rw-r--r--sys/src/cmd/auth/lib/error.c1
-rw-r--r--sys/src/cmd/auth/lib/fs.c1
-rw-r--r--sys/src/cmd/auth/lib/getauthkey.c5
-rw-r--r--sys/src/cmd/auth/lib/getexpiration.c1
-rw-r--r--sys/src/cmd/auth/lib/keyfmt.c3
-rw-r--r--sys/src/cmd/auth/lib/netcheck.c1
-rw-r--r--sys/src/cmd/auth/lib/querybio.c1
-rw-r--r--sys/src/cmd/auth/lib/rdbio.c1
-rw-r--r--sys/src/cmd/auth/lib/readarg.c1
-rw-r--r--sys/src/cmd/auth/lib/readln.c2
-rw-r--r--sys/src/cmd/auth/lib/readwrite.c17
-rw-r--r--sys/src/cmd/auth/lib/wrbio.c1
12 files changed, 29 insertions, 6 deletions
diff --git a/sys/src/cmd/auth/lib/error.c b/sys/src/cmd/auth/lib/error.c
index 71bf63df1..784ae37df 100644
--- a/sys/src/cmd/auth/lib/error.c
+++ b/sys/src/cmd/auth/lib/error.c
@@ -1,6 +1,7 @@
#include <u.h>
#include <libc.h>
#include <bio.h>
+#include <authsrv.h>
#include "authcmdlib.h"
void
diff --git a/sys/src/cmd/auth/lib/fs.c b/sys/src/cmd/auth/lib/fs.c
index 43f7db845..35429d0ac 100644
--- a/sys/src/cmd/auth/lib/fs.c
+++ b/sys/src/cmd/auth/lib/fs.c
@@ -1,6 +1,7 @@
#include <u.h>
#include <libc.h>
#include <bio.h>
+#include <authsrv.h>
#include "authcmdlib.h"
Fs fs[3] =
diff --git a/sys/src/cmd/auth/lib/getauthkey.c b/sys/src/cmd/auth/lib/getauthkey.c
index 1ae8d4e87..84c3d1557 100644
--- a/sys/src/cmd/auth/lib/getauthkey.c
+++ b/sys/src/cmd/auth/lib/getauthkey.c
@@ -17,9 +17,10 @@ getkey(char *authkey)
}
int
-getauthkey(char *authkey)
+getauthkey(Authkey *authkey)
{
- if(getkey(authkey) == 0)
+ memset(authkey, 0, sizeof(Authkey));
+ if(getkey(authkey->des) == 0)
return 1;
print("can't read NVRAM, please enter machine key\n");
getpass(authkey, nil, 0, 1);
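Review bot: The added call `getkey(authkey->des)` hands a struct member to a parameter declared `char *authkey` (visible in the hunk header) with no length, so nothing here ties the number of bytes getkey writes to the size of `des`; the Authkey definition is not part of this diff. `finddeskey(db, user, key->des)` and `setdeskey(db, user, key->des)` in readwrite.c have the same shape. A short comment at each call naming the expected key length would make a later change to Authkey safe to review, and `memset(authkey, 0, sizeof *authkey);` keeps the cleared size tied to the pointer rather than to the type name. getauthkey's body continues past the end of this hunk.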
diff --git a/sys/src/cmd/auth/lib/getexpiration.c b/sys/src/cmd/auth/lib/getexpiration.c
index 44ebfaaca..ebbd1c24c 100644
--- a/sys/src/cmd/auth/lib/getexpiration.c
+++ b/sys/src/cmd/auth/lib/getexpiration.c
@@ -2,6 +2,7 @@
#include <libc.h>
#include <ctype.h>
#include <bio.h>
+#include <authsrv.h>
#include "authcmdlib.h"
/*
diff --git a/sys/src/cmd/auth/lib/keyfmt.c b/sys/src/cmd/auth/lib/keyfmt.c
index 86c2378a3..35642c9a5 100644
--- a/sys/src/cmd/auth/lib/keyfmt.c
+++ b/sys/src/cmd/auth/lib/keyfmt.c
@@ -1,13 +1,14 @@
#include <u.h>
#include <libc.h>
#include <bio.h>
+#include <authsrv.h>
#include "authcmdlib.h"
/*
* print a key in des standard form
*/
int
-keyfmt(Fmt *f)
+deskeyfmt(Fmt *f)
{
uchar key[8];
char buf[32];
diff --git a/sys/src/cmd/auth/lib/netcheck.c b/sys/src/cmd/auth/lib/netcheck.c
index 5e4220c25..7b8fa92d7 100644
--- a/sys/src/cmd/auth/lib/netcheck.c
+++ b/sys/src/cmd/auth/lib/netcheck.c
@@ -1,6 +1,7 @@
#include <u.h>
#include <libc.h>
#include <bio.h>
+#include <authsrv.h>
#include "authcmdlib.h"
/*
diff --git a/sys/src/cmd/auth/lib/querybio.c b/sys/src/cmd/auth/lib/querybio.c
index 97218a6dc..90e54ae74 100644
--- a/sys/src/cmd/auth/lib/querybio.c
+++ b/sys/src/cmd/auth/lib/querybio.c
@@ -2,6 +2,7 @@
#include <libc.h>
#include <bio.h>
#include <ctype.h>
+#include <authsrv.h>
#include "authcmdlib.h"
diff --git a/sys/src/cmd/auth/lib/rdbio.c b/sys/src/cmd/auth/lib/rdbio.c
index 34196fd36..1d56c5da6 100644
--- a/sys/src/cmd/auth/lib/rdbio.c
+++ b/sys/src/cmd/auth/lib/rdbio.c
@@ -2,6 +2,7 @@
#include <libc.h>
#include <bio.h>
#include <ctype.h>
+#include <authsrv.h>
#include "authcmdlib.h"
void
diff --git a/sys/src/cmd/auth/lib/readarg.c b/sys/src/cmd/auth/lib/readarg.c
index cce957db9..238e8252f 100644
--- a/sys/src/cmd/auth/lib/readarg.c
+++ b/sys/src/cmd/auth/lib/readarg.c
@@ -1,6 +1,7 @@
#include <u.h>
#include <libc.h>
#include <bio.h>
+#include <authsrv.h>
#include "authcmdlib.h"
int
diff --git a/sys/src/cmd/auth/lib/readln.c b/sys/src/cmd/auth/lib/readln.c
index ee470a52c..38a712497 100644
--- a/sys/src/cmd/auth/lib/readln.c
+++ b/sys/src/cmd/auth/lib/readln.c
@@ -5,7 +5,7 @@
#include "authcmdlib.h"
void
-getpass(char *key, char *pass, int check, int confirm)
+getpass(Authkey *key, char *pass, int check, int confirm)
{
char rpass[32], npass[32];
char *err;
diff --git a/sys/src/cmd/auth/lib/readwrite.c b/sys/src/cmd/auth/lib/readwrite.c
index 54f494eb4..1c19bad01 100644
--- a/sys/src/cmd/auth/lib/readwrite.c
+++ b/sys/src/cmd/auth/lib/readwrite.c
@@ -33,7 +33,7 @@ writefile(char *file, char *buf, int n)
}
char*
-findkey(char *db, char *user, char *key)
+finddeskey(char *db, char *user, char *key)
{
int n;
char filename[Maxpath];
@@ -46,6 +46,13 @@ findkey(char *db, char *user, char *key)
return key;
}
+int
+findkey(char *db, char *user, Authkey *key)
+{
+ memset(key, 0, sizeof(Authkey));
+ return finddeskey(db, user, key->des) != nil;
+}
+
char*
findsecret(char *db, char *user, char *secret)
{
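Review bot: The new `findkey` returns an int truth value under a name that used to return `char*`, and nothing documents the convention, while `findsecret` directly below still returns `char*`. A header comment such as `/* clears *key, then loads the DES key for user; returns 1 if found, 0 otherwise */` would state the contract. The new `setkey` in the later hunk needs the same, and its comment should say that only the DES member is written, e.g. `/* stores only key->des; returns 1 on success, 0 otherwise */`, so that members added to Authkey later are not assumed to be persisted. Whether finddeskey can fail after partly filling the buffer is not visible here; if it can, clearing `*key` again on the failure path would keep the "zeroed on failure" behaviour the memset suggests.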
@@ -62,7 +69,7 @@ findsecret(char *db, char *user, char *secret)
}
char*
-setkey(char *db, char *user, char *key)
+setdeskey(char *db, char *user, char *key)
{
int n;
char filename[Maxpath];
@@ -75,6 +82,12 @@ setkey(char *db, char *user, char *key)
return key;
}
+int
+setkey(char *db, char *user, Authkey *key)
+{
+ return setdeskey(db, user, key->des) != nil;
+}
+
char*
setsecret(char *db, char *user, char *secret)
{
diff --git a/sys/src/cmd/auth/lib/wrbio.c b/sys/src/cmd/auth/lib/wrbio.c
index 9c688dbe1..2590ad72d 100644
--- a/sys/src/cmd/auth/lib/wrbio.c
+++ b/sys/src/cmd/auth/lib/wrbio.c
@@ -2,6 +2,7 @@
#include <libc.h>
#include <bio.h>
#include <ctype.h>
+#include <authsrv.h>
#include "authcmdlib.h"
void