.TH AUTHSRV 2
.SH NAME
-authdial, passtokey, nvcsum, readnvram, convT2M, convM2T, convTR2M, convM2TR, convA2M, convM2A, convPR2M, convM2PR, _asgetticket, _asrdresp \- routines for communicating with authentication servers
+authdial, passtokey, nvcsum, readnvram, convT2M, convM2T, convTR2M, convM2TR, convA2M, convM2A, convPR2M, convM2PR, _asgetticket, _asrequest, _asgetresp, _asrdresp, _asgetpakkey, authpak_hash, authpak_new, authpak_finish \- routines for communicating with authentication servers
.SH SYNOPSIS
.nf
.PP
int authdial(char *netroot, char *ad);
.PP
.B
-int passtokey(char key[DESKEYLEN], char *password)
+void passtokey(Authkey *key, char *password)
.PP
.B
uchar nvcsum(void *mem, int len)
int readnvram(Nvrsafe *nv, int flag);
.PPP
.B
-int convT2M(Ticket *t, char *msg, char *key)
+int convT2M(Ticket *t, char *msg, int len, Authkey *key)
.PP
.B
-void convM2T(char *msg, Ticket *t, char *key)
+int convM2T(char *msg, int len, Ticket *t, Authkey *key)
.PP
.B
-int convA2M(Authenticator *a, char *msg, char *key)
+int convA2M(Authenticator *a, char *msg, int len, Ticket *t)
.PP
.B
-void convM2A(char *msg, Authenticator *a, char *key)
+int convM2A(char *msg, int len, Authenticator *a, Ticket *t)
.PP
.B
-int convTR2M(Ticketreq *tr, char *msg)
+int convTR2M(Ticketreq *tr, char *msg, int len)
.PP
.B
-void convM2TR(char *msg, Ticketreq *tr)
+int convM2TR(char *msg, int len, Ticketreq *tr)
.PP
.B
-int convPR2M(Passwordreq *pr, char *msg, char *key)
+int convPR2M(Passwordreq *pr, char *msg, int len, Ticket *t)
.PP
.B
-void convM2PR(char *msg, Passwordreq *pr, char *key)
+int convM2PR(char *msg, int len, Passwordreq *pr, Ticket *t)
.PP
.B
-int _asgetticket(int fd, char *trbuf, char *tbuf);
+int _asgetticket(int fd, Ticketreq *tr, char *buf, int len)
.PP
.B
-int _asrdresp(int fd, char *buf, int len);
+int _asrequest(int fd, Ticketreq *tr)
+.PP
+.B
+int _asgetresp(int fd, Ticket *t, Authenticator *a, Authkey *key)
+.PP
+.B
+int _asrdresp(int fd, char *buf, int len)
+.PP
+.B
+int _asgetpakkey(int fd, Ticketreq *tr, Authkey *a)
+.PP
+.B
+void authpak_hash(Authkey *k, char *u)
+.PP
+.B
+void authpak_new(PAKpriv *p, Authkey *k, uchar y[PAKYLEN], int isclient)
+.PP
+.B
+int authpak_finish(PAKpriv *p, Authkey *k, uchar y[PAKYLEN])
.SH DESCRIPTION
.I Authdial
dials an authentication server over the
.I Passtokey
converts
.I password
-into a DES key and stores the result in
+into a set of cryptographic keys and stores them in the
+.I Authkey
+structure
.IR key .
-It returns 0 if
-.I password
-could not be converted,
-and 1 otherwise.
.PP
.I Readnvram
reads authentication information into the structure:
uchar authidsum;
char authdom[DOMLEN]; /* auth domain, e.g., cs.bell-labs.com */
uchar authdomsum;
+
+ uchar aesmachkey[AESKEYLEN];
+ uchar aesmachsum;
};
.EE
.PP
.I Key
is used for encrypting the message before transmission and decrypting
after reception.
+.IR ConvA2M ,
+.IR convM2A ,
+.I convPR2M
+and
+.I convM2PR
+encrypt/decrypt the message with the random ticket key.
.PP
The routine
+.I _asgetticket
+sends a ticket request
+.I tr
+returning the two encrypted tickets in
+.IR buf .
+The routine
+.I _asrequest
+encodes the ticket request
+.I tr
+and sends it not waiting for a response.
+After sending a request,
.I _asgetresp
+can be used to receive the response containing a ticket and an optional
+authenticator and decrypts the ticket and authenticator using
+.IR key .
+The routine
+.I _asrdresp
receives either a character array or an error string.
On error, it sets errstr and returns -1. If successful,
it returns the number of bytes received.
.PP
-The routine
-.I _asgetticket
-sends a ticket request message and then uses
-.I _asgetresp
-to recieve an answer.
+.I Authpak_hash
+prepares a
+.I Authkey
+structure for a password authenticated key exchange (see
+.IR authsrv (6))
+by calculating the pakhash from a user's aeskey and id
+.IR u .
+The fuction hashes the password derived aeskey and user id together
+using hmac_sha256 and maps the result into two elliptic curve points
+PN/PM on the Ed448-goldielocks curve using elligator2.
+.PP
+.I Authpak_new
+generates a new elliptic curve diffie-hellman key pair for a password
+authenticated key exchange from a previously hashed
+.I Authkey
+structure
+.IR k .
+The randomly generated private key is returned in the
+.I PAKpriv
+structure passed in
+.IR p ,
+while the pakhash encrytped public key is returned in
+.IR y .
+.PP
+.I Authpak_finish
+completes a password authenticated key exchange, taking the other
+sides pakhash encrypted public key
+.I y
+and our private key
+.I p
+returning the shared secret pakkey in the
+.I Authkey
+structure
+.IR k .
+The function returns zero on success or non-zero on failure (malformed
+public key).
+.PP
+The function
+.I _asgetpakkey
+establishes a new shared pakkey between the us and the authentication server
+for ticket encryption; using the functions above; taking a previously hashed
+.I Authkey
+.I a
+and
+.I Ticketreq
+.I tr
+and returns the shared pakkey in the
+.I Authkey
+structure. It is usually called before
+.I _asrequest
+right after
+.IR authdial
+to negotiate bruteforce resistant ticket encryption for the
+ticket request that follows (see
+.IR authsrv (6)).
+Returns zero on success, or non-zero on error (authenticatoin
+server does not support the AuthPAK request or when we got a malformed public key).
.SH SOURCE
.B /sys/src/libauthsrv
.SH SEE ALSO