| 1 | .\" -*-nroff-*- |
| 2 | .de hP |
| 3 | .IP |
| 4 | .ft B |
| 5 | \h'-\w'\\$1\ 'u'\\$1\ \c |
| 6 | .ft P |
| 7 | .. |
| 8 | .ie t \{\ |
| 9 | . if \n(.g \{\ |
| 10 | . fam P |
| 11 | . \} |
| 12 | .\} |
| 13 | .ie t .ds o \(bu |
| 14 | .el .ds o o |
| 15 | . |
| 16 | .TH cookie 1 "5 June 1999" "Straylight/Edgeware" "Catacomb cryptographic library" |
| 17 | .SH NAME |
| 18 | cookie \- generate and validate cryptographic cookies |
| 19 | .SH SYNOPSIS |
| 20 | .B cookie |
| 21 | .RB [ \-k |
| 22 | .IR keyring ] |
| 23 | .I command |
| 24 | .PP |
| 25 | where command is one of: |
| 26 | .PP |
| 27 | .B help |
| 28 | .RI [ command ...] |
| 29 | .br |
| 30 | .B show |
| 31 | .RI [ item ...] |
| 32 | .br |
| 33 | .B generate |
| 34 | .RB [ \-b |
| 35 | .IR bits ] |
| 36 | .RB [ \-e |
| 37 | .IR expire ] |
| 38 | .RB [ \-k |
| 39 | .IR tag ] |
| 40 | .I data |
| 41 | .br |
| 42 | .B verify |
| 43 | .RB [ \-fquv ] |
| 44 | .RB [ \-b |
| 45 | .IR bits ] |
| 46 | .RB [ \-m |
| 47 | .IR bits ] |
| 48 | .I cookie |
| 49 | .RI [ data ] |
| 50 | .SH DESCRIPTION |
| 51 | The |
| 52 | .B cookie |
| 53 | program generates timestamped cryptographic cookies which can be handed |
| 54 | out to clients and later validated. It provides two subcommands: one to |
| 55 | create a new cookie, and one to ensure that a particular cookie is |
| 56 | valid. |
| 57 | .SS "Global options" |
| 58 | Before the command name, |
| 59 | .I "global options" |
| 60 | may be given. The following global options are supported: |
| 61 | .TP |
| 62 | .BR "\-h, \-\-help " [ \fIcommand ...] |
| 63 | Displays help text for |
| 64 | .B cookie |
| 65 | on standard output and exits successfullly. With command names, gives |
| 66 | help on each command. |
| 67 | .TP |
| 68 | .B "\-v, \-\-version" |
| 69 | Displays |
| 70 | .BR cookie 's |
| 71 | version number on standard output and exits successfullly. |
| 72 | .TP |
| 73 | .B "\-u, \-\-usage" |
| 74 | Displays an unhelpfully terse usage summary on standard output and exits |
| 75 | successfully. |
| 76 | .TP |
| 77 | .BI "\-k, \-\-keyring " file |
| 78 | Use |
| 79 | .I file |
| 80 | as the keyring file rather than the default, which is the file named |
| 81 | .B keyring |
| 82 | in the current directory. See |
| 83 | .BR key (1) |
| 84 | and |
| 85 | .BR keyring (5) |
| 86 | for more details about keyring files. |
| 87 | .SH "KEY SETUP" |
| 88 | The message authentication algorithm used to tag and verify cookies is |
| 89 | described by an attribute on the key, or its type. If the key has a |
| 90 | .B mac |
| 91 | attribute, then that is taken to be the name of the MAC algorithm to |
| 92 | use; otherwise the key must have the type |
| 93 | .BR cookie- \c |
| 94 | .IR mac . |
| 95 | .SH "COMMAND REFERENCE" |
| 96 | .SS help |
| 97 | The |
| 98 | .B help |
| 99 | command behaves exactly as the |
| 100 | .B \-\-help |
| 101 | option. With no arguments, it shows an overview of |
| 102 | .BR cookie 's |
| 103 | options; with arguments, it describes the named subcommands. |
| 104 | .SS show |
| 105 | The |
| 106 | .B show |
| 107 | command prints various lists of tokens understood by |
| 108 | .BR cookie . |
| 109 | With no arguments, it prints all of the lists; with arguments, it prints |
| 110 | just the named lists, in order. The recognized lists can be enumerated |
| 111 | using the |
| 112 | .VS |
| 113 | cookie show list |
| 114 | .VE |
| 115 | command. The lists are as follows. |
| 116 | .TP |
| 117 | .B list |
| 118 | The lists which can be enumerated by the |
| 119 | .B show |
| 120 | command. |
| 121 | .TP |
| 122 | .B mac |
| 123 | The message authentication algorithms which can be used in a key's |
| 124 | .B mac |
| 125 | attribute. |
| 126 | .SS generate |
| 127 | The |
| 128 | .B generate |
| 129 | command creates a new cookie. The command understands the following |
| 130 | options: |
| 131 | .TP |
| 132 | .BI "\-b, \-\-bits " bits |
| 133 | Specifies the size of the cryptographic token to generate. The default |
| 134 | token size is 32 bits. |
| 135 | .TP |
| 136 | .BI "\-e, \-\-expire " expire |
| 137 | The expiry date for the cookie. This may be the string |
| 138 | .RB ` forever ' |
| 139 | if the cookie should never expire, or any date acceptable to the |
| 140 | .BR getdate (3) |
| 141 | library function, e.g., |
| 142 | .RB ` "+2 weeks" '. |
| 143 | It is an error to ask for a non-expiring cookie to be created using a |
| 144 | key which will expire. |
| 145 | .TP |
| 146 | .BI "\-k, \-\-key " tag |
| 147 | Use the key named |
| 148 | .I tag |
| 149 | to authenticate the cookie; the default key is named |
| 150 | .BR cookie . |
| 151 | .PP |
| 152 | If a |
| 153 | .I data |
| 154 | argument is supplied, then an identical argument must be supplied to the |
| 155 | .B verify |
| 156 | command if the cookie is to be accepted as valid. The data will usually |
| 157 | be some way of identifying the cookie's recipient, e.g., an email |
| 158 | address. |
| 159 | .PP |
| 160 | The generated cookie is written to standard output, followed by a |
| 161 | newline. Cookies are not architecture-specific. |
| 162 | .SS verify |
| 163 | The |
| 164 | .B verify |
| 165 | command checks a cookie for validity. It accepts the following |
| 166 | options: |
| 167 | .TP |
| 168 | .BI "\-b, \-\-bits " bits |
| 169 | Only accept a cookie with a cryptographic token exactly |
| 170 | .I bits |
| 171 | bits long. |
| 172 | .TP |
| 173 | .BI "\-m, \-\-min\-bits " bits |
| 174 | Only accept a cookie with a cryptographic token at least |
| 175 | .I bits |
| 176 | bits long. The default is to accept any token with size 32 bits or |
| 177 | more. |
| 178 | .TP |
| 179 | .B "\-f, \-\-forever" |
| 180 | Allow non-expiring cookies. Without this option, cookies which never |
| 181 | expire are automatically rejected by |
| 182 | .BR cookie . |
| 183 | .TP |
| 184 | .B "\-u, \-\-utc" |
| 185 | Display expiry time as UTC rather than using the local time zone. |
| 186 | .TP |
| 187 | .B "\-q, \-\-quiet" |
| 188 | Make |
| 189 | .B cookie |
| 190 | more quiet. Repeat for a greater effect. |
| 191 | .TP |
| 192 | .B "\-v, \-\-verbose" |
| 193 | Make |
| 194 | .B cookie |
| 195 | more verbose. Repeat for a greater effect. |
| 196 | .PP |
| 197 | The argument |
| 198 | .I cookie |
| 199 | is the cookie to check. The cookie may have whitespace before, after |
| 200 | or within it. |
| 201 | .PP |
| 202 | If |
| 203 | .I data |
| 204 | is specified, it must exactly match the data passed to |
| 205 | .B generate |
| 206 | if the cookie is to be accepted. |
| 207 | .PP |
| 208 | Each line of text emitted by the |
| 209 | .B verify |
| 210 | command begins with a status indicator, which is one of the following: |
| 211 | .TP |
| 212 | .B INFO |
| 213 | This line provides possibly useful information about the cookie. |
| 214 | .B INFO |
| 215 | lines are displayed while |
| 216 | .B cookie |
| 217 | is working, before it's made its mind up about whether to reject the |
| 218 | cookie. The remainder of the line contains the information gleaned. |
| 219 | .TP |
| 220 | .B FAIL |
| 221 | The cookie is invalid. The remainder of the line is a human-readable |
| 222 | error message giving a reason for rejecting the cookie. |
| 223 | .TP |
| 224 | .B OK |
| 225 | The cookie is valid. |
| 226 | .PP |
| 227 | The |
| 228 | .B \-q |
| 229 | and |
| 230 | .B \-v |
| 231 | flags control the amount of output that |
| 232 | .B cookie |
| 233 | generates. By default, only |
| 234 | .B OK |
| 235 | and |
| 236 | .B FAIL |
| 237 | lines are generated. One |
| 238 | .B \-v |
| 239 | option shows the cookie's keyid and expiry time. Two |
| 240 | .B \-v |
| 241 | options also show the authentication token width. A |
| 242 | .B \-q |
| 243 | option suppresses all output, or cancels out a previous |
| 244 | .BR \-v . |
| 245 | .PP |
| 246 | Regardless of how much output is generated, |
| 247 | .B cookie |
| 248 | exits with return code 0 if the cookie was accepted and return code 1 if |
| 249 | validation failed for some reason. |
| 250 | .SH "COOKIE FORMAT" |
| 251 | Cookies are Base64-encoded binary objects. The binary data consists of: |
| 252 | .hP \*o |
| 253 | A 32-bit keyid referring to the key with which the cookie was created. |
| 254 | .hP \*o |
| 255 | An expiry date, expressed as a 64-bit integer in the format returned by |
| 256 | the |
| 257 | .BR time (2) |
| 258 | system call. |
| 259 | .hP \*o |
| 260 | The `authentication token', which is the leftmost bits of a MAC over the |
| 261 | keyid and date and any extra data supplied to the |
| 262 | .B generate |
| 263 | command |
| 264 | .PP |
| 265 | The keyid and expiry date are stored in network (big-endian) byte order. |
| 266 | .SH "SEE ALSO" |
| 267 | .BR key (1). |
| 268 | .SH "AUTHOR" |
| 269 | Mark Wooding, <mdw@distorted.org.uk> |