-- $Header: Authentication2.cr,v 2.2 86/06/05 08:37:06 jqj Exp $ --

-- $Log: Authentication2.cr,v $
-- Revision 2.2 86/06/05 08:37:06 jqj
-- updated it to actual Authentication V 2 instead of subset
-- (compiler has been fixed to support everything)
--
-- Revision 2.0 85/11/21 07:24:00 jqj
-- 4.3BSD standard release, still a small subset
--
-- initial version was:
-- a subset of Authentication, hopefully big enough for some testing --

-- Courier interface for the Authentication remote program, number 14 version 2. --
-- It declares the wire types for credentials and verifiers, two error reports, --
-- and eight remote procedures that manage strong and simple keys. --
-- The number after "=" on each ERROR and PROCEDURE is the value sent on the wire, --
-- so those numbers, the enumeration values and the RECORD field order are part --
-- of the protocol and must not be changed. --
Authentication: PROGRAM 14 VERSION 2 =
BEGIN
    DEPENDS UPON Time(15) VERSION 2;

    -- faked dependency: should be DEPENDS UPON Clearinghouse(2) VERSION 2; --
    -- The three-part name is therefore declared locally as Clearinghouse_Name --
    -- instead of being imported from the Clearinghouse program. --
    Organization: TYPE = STRING;
    Domain: TYPE = STRING;
    Object: TYPE = STRING;
    ThreePartName: TYPE = RECORD [
        organization: Organization,
        domain: Domain,
        object: Object
    ];
    Clearinghouse_Name: TYPE = ThreePartName;

    -- TYPES --

    -- Types supporting encoding --

    -- Four UNSPECIFIED words. Courier UNSPECIFIED is 16 bits, so 64 bits in all, --
    -- and with one parity bit per octet only 56 bits carry key material. --
    Key: TYPE = ARRAY 4 OF UNSPECIFIED; -- lsb of each octet is odd parity bit --
    Block: TYPE = ARRAY 4 OF UNSPECIFIED; -- cipher text or plain text block --

    -- CARDINAL is a 16-bit unsigned value, so at most 65536 distinct hashes exist. --
    -- NOTE(review): a hash this short is guessable and collides readily. Treat --
    -- simple authentication as identification only, and have any server that --
    -- implements it rate-limit and log failed checks. --
    HashedPassword: TYPE = CARDINAL;

    -- Types describing credentials and verifiers --

    CredentialsType: TYPE = {simple(0), strong(1)};
    simpleCredentials: CredentialsType = simple;

    -- value is an untyped word sequence with no declared bound. Presumably it --
    -- holds SimpleCredentials or encrypted StrongCredentials according to type; --
    -- confirm against the protocol specification. A receiver should validate --
    -- type and the length of value before decoding. --
    Credentials: TYPE = RECORD [type: CredentialsType, value: SEQUENCE OF UNSPECIFIED];

    -- Carries conversationKey as a plain field, so an instance must never be --
    -- logged or sent unprotected. Presumably this is the decoded form of the --
    -- GetStrongCredentials result; confirm. --
    CredentialsPackage: TYPE = RECORD [
        credentials: Credentials,
        nonce: LONG CARDINAL,
        recipient: Clearinghouse_Name,
        conversationKey: Key
    ];

    -- instances of the following type must be a multiple of 64 bits, padded --
    -- with zeros, before encryption --
    -- expirationTime bounds the lifetime of the credentials; the Problem value --
    -- credentialsExpired below is the matching error. --
    StrongCredentials: TYPE = RECORD [
        conversationKey: Key,
        expirationTime: Time.Time,
        initiator: Clearinghouse_Name
    ];
    SimpleCredentials: TYPE = Clearinghouse_Name;

    -- Bounded to 12 words. Presumably it holds either a SimpleVerifier or an --
    -- encrypted StrongVerifier; confirm. --
    Verifier: TYPE = SEQUENCE 12 OF UNSPECIFIED;

    -- timeStamp and ticks give each verifier a distinct value. The Problem values --
    -- verifierExpired and verifierReused suggest the receiver is expected to --
    -- reject stale and replayed verifiers; confirm in the server implementation. --
    StrongVerifier: TYPE = RECORD [
        timeStamp: Time.Time,
        ticks: LONG CARDINAL
    ];
    SimpleVerifier: TYPE = HashedPassword;

    -- ERRORS --

    -- Reasons a credentials and verifier pair was rejected. --
    Problem: TYPE = {
        credentialsInvalid(0),
        verifierInvalid(1),
        verifierExpired(2),
        verifierReused(3),
        credentialsExpired(4),
        inappropriateCredentials(5)
    };
    AuthenticationError: ERROR[problem: Problem] = 2;

    -- Reasons a call failed for causes other than the caller's own credentials. --
    CallProblem: TYPE = {
        tooBusy(0),
        accessRightsInsufficient(1),
        keysUnavailable(2),
        strongKeyDoesNotExist(3),
        simpleKeyDoesNotExist(4),
        strongKeyAlreadyRegistered(5),
        simpleKeyAlreadyRegistered(6),
        domainForNewKeyUnavailable(7),
        domainForNewKeyUnknown(8),
        badKey(9),
        badName(10),
        databaseFull(11),
        other(12)
    };

    -- Names the argument that a CallError refers to. --
    -- NOTE(review): the KeyDoesNotExist values combined with whichArg let a --
    -- caller learn whether a name is registered; servers may want to log --
    -- repeated probes. --
    Which: TYPE = {notApplicable(0), initiator(1), recipient(2), client(3) };
    CallError: ERROR [problem: CallProblem, whichArg: Which] = 1;

    -- PROCEDURES --

    -- Strong Authentication --

    -- Takes no credentials or verifier and reports only CallError. The result is --
    -- an untyped word sequence, presumably an encrypted CredentialsPackage; --
    -- confirm. The caller should check that the nonce and recipient in the --
    -- decoded result match the request before using the conversation key. --
    GetStrongCredentials: PROCEDURE [
        initiator, recipient: Clearinghouse_Name,
        nonce: LONG CARDINAL
    ] RETURNS [ credentialsPackage: SEQUENCE OF UNSPECIFIED ]
      REPORTS [ CallError ] = 1;

    -- Registers a strong key for name on behalf of the authenticated caller. --
    -- NOTE(review): key is declared as Key here while ChangeStrongKey declares --
    -- newKey as Block. Both are ARRAY 4 OF UNSPECIFIED, so the wire form is the --
    -- same, but confirm against the specification whether the key is meant to --
    -- travel encrypted. --
    CreateStrongKey: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier,
        name: Clearinghouse_Name,
        key: Key
    ] REPORTS [ AuthenticationError, CallError ] = 3;

    -- Replaces a strong key. No name argument is declared, so presumably the key --
    -- changed is the one belonging to the caller named in credentials; confirm. --
    ChangeStrongKey: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier,
        newKey: Block
    ] REPORTS [ AuthenticationError, CallError ] = 4;

    -- Removes the strong key registered for name. --
    DeleteStrongKey: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier,
        name: Clearinghouse_Name
    ] REPORTS [ AuthenticationError, CallError ] = 5;

    -- Simple Authentication --

    -- Returns ok for a credentials and verifier pair, or reports an error. --
    -- Callers must handle both the BOOLEAN result and the two error reports. --
    CheckSimpleCredentials: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier
    ] RETURNS[ok: BOOLEAN] REPORTS[AuthenticationError, CallError] = 2;

    -- Registers a simple key for name. key is declared as a plain HashedPassword --
    -- and nothing in this interface shows it being encrypted; confirm how the --
    -- transport protects it. --
    CreateSimpleKey: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier,
        name: Clearinghouse_Name,
        key: HashedPassword
    ] REPORTS[AuthenticationError, CallError] = 6;

    -- Replaces a simple key. As with ChangeStrongKey no name is declared, so the --
    -- key changed is presumably the caller's own; confirm. --
    ChangeSimpleKey: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier,
        newKey: HashedPassword
    ] REPORTS[AuthenticationError, CallError] = 7;

    -- Removes the simple key registered for name. --
    DeleteSimpleKey: PROCEDURE [
        credentials: Credentials,
        verifier: Verifier,
        name: Clearinghouse_Name
    ] REPORTS[AuthenticationError, CallError] = 8;
END.