Commit | Line | Data |
---|---|---|
5b62e993 MW |
1 | #include "cookie.h" |
2 | #include "str.h" | |
3 | #include "uint32.h" | |
4 | #include "surfpcs.h" | |
5 | ||
6 | void cookie(hash,key,keylen,date,addr,action) | |
7 | char *hash; | |
8 | char *key; | |
9 | unsigned int keylen; | |
10 | char *date; | |
11 | char *addr; | |
12 | char *action; | |
13 | { | |
14 | surfpcs s; | |
15 | uint32 seed[32]; | |
16 | unsigned char out[32]; | |
17 | int i; | |
18 | int j; | |
19 | ||
20 | /* | |
21 | step 1: create seed from key. note that this doesn't have to be | |
22 | cryptographic; it simply has to avoid destroying the user's entropy. | |
23 | if speed turns out to be a problem, switch to a CRC. | |
24 | */ | |
25 | for (i = 0;i < 32;++i) seed[i] = 0; | |
26 | for (j = 0;j < 4;++j) { | |
27 | surfpcs_init(&s,seed); | |
28 | surfpcs_add(&s,key,keylen); | |
29 | surfpcs_out(&s,out); | |
30 | for (i = 0;i < 32;++i) seed[i] = (seed[i] << 8) + out[i]; | |
31 | } | |
32 | ||
33 | /* | |
34 | step 2: apply SURF. | |
35 | */ | |
36 | surfpcs_init(&s,seed); | |
37 | surfpcs_add(&s,date,str_len(date) + 1); | |
38 | surfpcs_add(&s,addr,str_len(addr) + 1); | |
39 | surfpcs_add(&s,action,1); | |
40 | surfpcs_out(&s,out); | |
41 | ||
42 | /* | |
43 | step 3: extract a readable cookie from the SURF output. | |
44 | */ | |
45 | for (i = 0;i < 20;++i) | |
46 | hash[i] = 'a' + (out[i] & 15); | |
47 | } |