// Size limit in bytes: 10 * 1024 * 1024 (10 MiB).
// NOTE(review): presumably the cap on one stored file; the check that
// enforces it is not in this header, so confirm every read/write path
// compares against it before allocating or copying.
enum {
	MAXFILESIZE = 10 * 1024 * 1024
};

// Bit flags stored in PW.status.
enum {
	Enabled = 1 << 0,	// meaning inferred from the name: account may log in (confirm)
	STA     = 1 << 1,	// extra SecurID step
};
// One user's record, as handled by getPW/putPW/freePW.
//
// NOTE(review): Hi is computed from the passphrase, so a PW record is
// secret material; anyone able to read one can presumably test
// passphrase guesses against it offline. Confirm the access controls
// on wherever records are stored and that Hi is cleared when a record
// is freed.
// NOTE(review): failed is a ushort; whatever increments it should stop
// at the maximum rather than wrap back to zero. Confirm in the code
// that updates it.
typedef struct PW PW;
struct PW {
	char	*id;		// user id
	ulong	expire;		// expiration time (epoch seconds)
	ushort	status;		// bit flags: Enabled, STA, ...
	ushort	failed;		// number of failed login attempts
	char	*other;		// other information, e.g. sponsor
	mpint	*Hi;		// H(passphrase)^-1 mod p
};
// PW record handling. Going by the names: fetch a record, store a
// record, release a record. The meaning of getPW's int argument and of
// putPW's return value is not visible in this header.
PW	*getPW(char *, int);
int	putPW(PW *);
void	freePW(PW *);

// NOTE(review): presumably returns a passphrase read from the user.
// Ownership of the returned buffer is not stated here; confirm the
// caller wipes it before freeing.
char	*getpassm(char *);

// NOTE(review): from the name, vets file name f before it is used. The
// rules applied and the meaning of the return value are not visible
// here; confirm them before relying on this for path safety.
char	*validatefile(char *f);

// PAK protocol entry points. Argument roles as noted by the author:
//   *client:  SConn, client name, passphrase
//   *server:  SConn, (partial) 1st msg, PW entry
//   *setpass: user name, hashed passphrase, PW entry
// NOTE(review): each note lists three roles but every prototype below
// takes four arguments, and "*setpass" presumably refers to PAK_Hi.
// Check the implementation for the full argument meaning, the return
// conventions, and who owns the char ** / PW ** results.
int	PAKclient(SConn *, char *, char *, char **);
int	PAKserver(SConn *, char *, char *, PW **);
char	*PAK_Hi(char *, char *, mpint *, mpint *);
// NOTE(review): presumably the log name handed to the logging call; confirm at the call sites.
#define LOG		"secstore"

// NOTE(review): presumably the directory holding the server's data,
// PW records included; confirm, and check its permissions accordingly.
#define SECSTORE_DIR	"/adm/secstore"