2 * p9sk1, p9sk2 - Plan 9 secret (private) key authentication.
3 * p9sk2 is an incomplete flawed variant of p9sk1.
6 * write challenge[challen] (p9sk1 only)
7 * read tickreq[tickreqlen]
8 * write ticket[ticketlen]
9 * read authenticator[authentlen]
12 * read challenge[challen] (p9sk1 only)
13 * write tickreq[tickreqlen]
14 * read ticket[ticketlen]
15 * write authenticator[authentlen]
21 static int gettickets(Ticketreq*, char*, Key*);
23 #define max(a, b) ((a) > (b) ? (a) : (b))
26 MAXAUTH = max(TICKREQLEN, TICKETLEN+max(TICKETLEN, AUTHENTLEN))
47 /* p9sk1: send client challenge */
48 if(c->proto == &p9sk1){
49 c->state = "write challenge";
50 memrandom(cchal, CHALLEN);
51 if(convwrite(c, cchal, CHALLEN) < 0)
55 /* read ticket request */
56 c->state = "read tickreq";
57 if(convread(c, buf, TICKREQLEN) < 0)
61 /* p9sk2: use server challenge as client challenge */
62 if(c->proto == &p9sk2)
63 memmove(cchal, tr.chal, CHALLEN);
68 * if the user is the factotum owner, any key will do.
69 * if not, then if we have a speakfor key,
70 * we will only vouch for the user's local identity.
72 * this logic is duplicated in p9any.c
74 user = strfindattr(c->attr, "user");
75 a = delattr(copyattr(c->attr), "role");
76 a = addattr(a, "proto=p9sk1");
78 if(strcmp(c->sysuser, owner) == 0){
80 a = addattr(a, "proto=p9sk1 user? dom=%q", tr.authdom);
81 }else if(user==nil || strcmp(c->sysuser, user)==0){
83 a = delattr(a, "user");
84 a = addattr(a, "proto=p9sk1 user? dom=%q role=speakfor", tr.authdom);
86 werrstr("will not authenticate for %q as %q", c->sysuser, user);
91 c->state = "find key";
92 k = keyfetch(c, "%A", a);
96 /* relay ticket request to auth server, get tickets */
97 strcpy(tr.hostid, strfindattr(k->attr, "user"));
99 strcpy(tr.uid, c->sysuser);
101 strcpy(tr.uid, tr.hostid);
103 c->state = "get tickets";
104 if(gettickets(&tr, buf, k) < 0)
107 convM2T(buf, &t, k->priv);
111 /* we don't agree with the auth server about the key; try again */
112 c->state = "replace key";
113 if((k = keyreplace(c, k, "key mismatch with auth server")) == nil){
114 werrstr("key mismatch with auth server");
119 /* send second ticket and authenticator to server */
120 c->state = "write ticket+auth";
121 memmove(buf, buf+TICKETLEN, TICKETLEN);
123 memmove(au.chal, tr.chal, CHALLEN);
125 convA2M(&au, buf+TICKETLEN, t.key);
126 if(convwrite(c, buf, TICKETLEN+AUTHENTLEN) < 0)
129 /* read authenticator from server */
130 c->state = "read auth";
131 if(convread(c, buf, AUTHENTLEN) < 0)
133 convM2A(buf, &au, t.key);
134 if(au.num != AuthAs || memcmp(au.chal, cchal, CHALLEN) != 0 || au.id != 0){
135 werrstr("server lies through his teeth");
140 c->attr = addcap(c->attr, c->sysuser, &t);
141 des56to64((uchar*)t.key, secret);
142 c->attr = addattr(c->attr, "secret=%.8H", secret);
154 char cchal[CHALLEN], buf[MAXAUTH];
165 a = addattr(copyattr(c->attr), "user? dom?");
166 a = addattr(a, "user? dom? proto=p9sk1");
167 if((k = keyfetch(c, "%A", a)) == nil)
170 /* p9sk1: read client challenge */
171 if(c->proto == &p9sk1){
172 if(convread(c, cchal, CHALLEN) < 0)
176 /* send ticket request */
177 memset(&tr, 0, sizeof tr);
179 strcpy(tr.authid, strfindattr(k->attr, "user"));
180 strcpy(tr.authdom, strfindattr(k->attr, "dom"));
181 memrandom(tr.chal, sizeof tr.chal);
183 if(convwrite(c, buf, TICKREQLEN) < 0)
186 /* p9sk2: use server challenge as client challenge */
187 if(c->proto == &p9sk2)
188 memmove(cchal, tr.chal, sizeof tr.chal);
190 /* read ticket+authenticator */
191 if(convread(c, buf, TICKETLEN+AUTHENTLEN) < 0)
194 convM2T(buf, &t, k->priv);
195 if(t.num != AuthTs || memcmp(t.chal, tr.chal, CHALLEN) != 0){
197 werrstr("key mismatch with auth server");
201 convM2A(buf+TICKETLEN, &au, t.key);
202 if(au.num != AuthAc || memcmp(au.chal, tr.chal, CHALLEN) != 0 || au.id != 0){
203 werrstr("client lies through his teeth");
207 /* send authenticator */
209 memmove(au.chal, cchal, CHALLEN);
210 convA2M(&au, buf, t.key);
211 if(convwrite(c, buf, AUTHENTLEN) < 0)
215 c->attr = addcap(c->attr, c->sysuser, &t);
216 des56to64((uchar*)t.key, secret);
217 c->attr = addattr(c->attr, "secret=%.8H", secret);
227 _asgetticket(int fd, char *trbuf, char *tbuf)
229 if(write(fd, trbuf, TICKREQLEN) < 0){
233 return _asrdresp(fd, tbuf, 2*TICKETLEN);
236 getastickets(Ticketreq *tr, char *buf)
241 if((asfd = xioauthdial(nil, tr->authdom)) < 0)
244 ret = xioasgetticket(asfd, buf, buf);
250 mktickets(Ticketreq *tr, char *buf, Key *k)
254 if(strcmp(tr->authid, tr->hostid) != 0)
257 memset(&t, 0, sizeof t);
258 memmove(t.chal, tr->chal, CHALLEN);
259 strcpy(t.cuid, tr->uid);
260 strcpy(t.suid, tr->uid);
261 memrandom(t.key, DESKEYLEN);
263 convT2M(&t, buf, k->priv);
265 convT2M(&t, buf+TICKETLEN, k->priv);
270 gettickets(Ticketreq *tr, char *buf, Key *k)
272 if(getastickets(tr, buf) == 0)
274 if(mktickets(tr, buf, k) == 0)
276 werrstr("gettickets: %r");
283 char *user, *dom, *pass;
286 user = strfindattr(k->attr, "user");
287 dom = strfindattr(k->attr, "dom");
288 if(user==nil || dom==nil){
289 werrstr("need user and dom attributes");
292 if(strlen(user) >= sizeof tr.authid){
293 werrstr("user name too long");
296 if(strlen(dom) >= sizeof tr.authdom){
297 werrstr("auth dom name too long");
301 k->priv = emalloc(DESKEYLEN);
302 if(pass = strfindattr(k->privattr, "!password"))
303 passtokey(k->priv, pass);
304 else if(pass = strfindattr(k->privattr, "!hex")){
305 if(hexparse(pass, k->priv, 7) < 0){
306 werrstr("malformed !hex key data");
310 werrstr("need !password or !hex attribute");
327 "client", p9skclient,
328 "server", p9skserver,
335 "client", p9skclient,
336 "server", p9skserver,
343 .checkkey= p9sk1check,
344 .closekey= p9sk1close,
345 .keyprompt= "user? dom? !password?",