~mdw / ezmlm / blame
| Commit | Line | Data |
|---|---|---|
| 5b62e993 MW |
1 | #include "cookie.h" |
| 2 | #include "str.h" | |
| 3 | #include "uint32.h" | |
| 4 | #include "surfpcs.h" | |
| 5 | ||
| 6 | void cookie(hash,key,keylen,date,addr,action) | |
| 7 | char *hash; | |
| 8 | char *key; | |
| 9 | unsigned int keylen; | |
| 10 | char *date; | |
| 11 | char *addr; | |
| 12 | char *action; | |
| 13 | { | |
| 14 | surfpcs s; | |
| 15 | uint32 seed[32]; | |
| 16 | unsigned char out[32]; | |
| 17 | int i; | |
| 18 | int j; | |
| 19 | ||
| 20 | /* | |
| 21 | step 1: create seed from key. note that this doesn't have to be | |
| 22 | cryptographic; it simply has to avoid destroying the user's entropy. | |
| 23 | if speed turns out to be a problem, switch to a CRC. | |
| 24 | */ | |
| 25 | for (i = 0;i < 32;++i) seed[i] = 0; | |
| 26 | for (j = 0;j < 4;++j) { | |
| 27 | surfpcs_init(&s,seed); | |
| 28 | surfpcs_add(&s,key,keylen); | |
| 29 | surfpcs_out(&s,out); | |
| 30 | for (i = 0;i < 32;++i) seed[i] = (seed[i] << 8) + out[i]; | |
| 31 | } | |
| 32 | ||
| 33 | /* | |
| 34 | step 2: apply SURF. | |
| 35 | */ | |
| 36 | surfpcs_init(&s,seed); | |
| 37 | surfpcs_add(&s,date,str_len(date) + 1); | |
| 38 | surfpcs_add(&s,addr,str_len(addr) + 1); | |
| 39 | surfpcs_add(&s,action,1); | |
| 40 | surfpcs_out(&s,out); | |
| 41 | ||
| 42 | /* | |
| 43 | step 3: extract a readable cookie from the SURF output. | |
| 44 | */ | |
| 45 | for (i = 0;i < 20;++i) | |
| 46 | hash[i] = 'a' + (out[i] & 15); | |
| 47 | } |