Authen-Ticket
lib/Authen/Ticket/Signature.pm view on Meta::CPAN
        # Split "y:..;p:..;g:.." into name => hex-value pairs
        my %parts = map split(/:/), split(/;/, $key);
        $Keys{$id}->{Public} = { %parts };
        return { %{$Keys{$id}->{Public}} };
    }
    return '';
}
# called to either retrieve stored private key or generate public/private
# pair
sub get_private_key {
    my $self = shift;
    # tie_keys;
    my $id = $self->{TicketSignatureId} || '<none>';
    if(exists $Keys{$id} and defined $Keys{$id}->{Private}) {
        my $hprivate = $Keys{$id}->{Private};
        my $private = { map(($_ => OpenSSL::BN::hex2bn($hprivate->{$_})),
                            keys %$hprivate) };
lib/Authen/Ticket/Signature.pm view on Meta::CPAN
    # private exponent x, public value y = g^x mod p
    $x = OpenSSL::BN::rand( $p->num_bits - 1 );
    $y = $g->mod_exp( $x, $p );
    return ( { 'x' => $x, p => $p, g => $g },
             { 'y' => $y, p => $p, g => $g } );
}
sub sign_ticket {
    my($self, $ticket) = @_;
    my $private_key = $self->get_private_key;
    return '' unless $private_key;
    my($p, $g, $x) = map $private_key->{$_}, (qw/p g x/);
    # message representative: MD5 digest of the ticket as a bignum
    my $msg = OpenSSL::BN::hex2bn(MD5->hexhash($ticket));
    # per-signature nonce k, coprime to p - 1 so it has an inverse mod p - 1
    my $k;
    do { $k = OpenSSL::BN::rand( $p->num_bits - 1);
    } until $k->gcd( $p - 1 ) == 1;
    # El Gamal signature (a, b): a = g^k mod p, b = (msg - x*a) * k^-1 mod (p - 1)
    my $a = $g->mod_exp( $k, $p );
    my $b = $p - 1 + $msg - $x->mod_mul( $a, $p-1 );
    $b = $b->mod_mul( OpenSSL::BN::mod_inverse( $k, $p-1 ), $p-1 );
lib/Authen/Ticket/Signature.pm view on Meta::CPAN
A public key is a hash reference with the various
parts of the key. This is algorithm dependent. The El Gamal routine
will return the following hashref:

  { 'y' => $y, 'p' => $p, 'g' => $g }

This is returned by the key server as the string "y:$y;p:$p;g:$g" with
the values in hexadecimal.

=item $self->get_private_key

This routine will return the private key as appropriate according to the
server configuration. If the required key is not available in cache, it
will be generated. Since the private key is only to be used on the machine
it is generated on, it does not make sense to fetch the private key from
any particular location.

A private key is a hash reference with the various parts of the key. This
is algorithm dependent. The El Gamal routine will return the following
hashref:

  { 'x' => $x, 'p' => $p, 'g' => $g }

=item $self->generate_key( $key_length )

This routine must return the private and public key parts with a nominal
key length of $key_length. See the get_{private,public}_key routines
for the format of the key parts. The actual value returned is an array
of the format:

  ( { private_key }, { public_key } )

=item $self->sign_ticket( $ticket )

This routine should attach a signature to $ticket and return the resulting
value. The format used must be understood by $self->verify_ticket. The
$ticket will have already been passed through $self->construct_ticket
and $self->encode_ticket.

=item $self->verify_ticket( $ticket )
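
The verify_ticket excerpt is cut off above, so here is the checking side of the El Gamal signature that sign_ticket produces, as an added example that is not Authen::Ticket's own code. It parses the key-server string format and applies the standard range checks before the modular comparison. Math::BigInt and Digest::MD5 stand in for the module's OpenSSL::BN and MD5 classes; the names parse_public_key, digest and verify_signature are hypothetical, and the key, nonce and ticket text are constructed sample values.

```perl
use strict;
use warnings;
use Math::BigInt;
use Digest::MD5 qw(md5_hex);

# Parse the key-server string "y:HEX;p:HEX;g:HEX" into Math::BigInt values.
sub parse_public_key {
    my ($str) = @_;
    my %hex = map { /\A([ypg]):([0-9a-fA-F]+)\z/ ? ($1 => $2) : () }
              split /;/, $str;
    for my $part (qw(y p g)) {
        die "missing or malformed key part '$part'\n" unless exists $hex{$part};
    }
    return { map { ($_ => Math::BigInt->new("0x$hex{$_}")) } qw(y p g) };
}

# Digest as a bignum. MD5 mirrors sign_ticket; it is not collision resistant.
sub digest { return Math::BigInt->new('0x' . md5_hex($_[0])) }

# Accept (r, s), the page's ($a, $b), only if both are in range and
# g^H(m) == y^r * r^s (mod p).
sub verify_signature {
    my ($pub, $ticket, $r, $s) = @_;
    my ($y, $p, $g) = @{$pub}{qw(y p g)};
    return 0 unless $r > 0 && $r < $p && $s > 0 && $s < $p - 1;
    my $lhs = $g->copy->bmodpow(digest($ticket), $p);
    my $rhs = ($y->copy->bmodpow($r, $p) * $r->copy->bmodpow($s, $p)) % $p;
    return $lhs == $rhs ? 1 : 0;
}

# Constructed demo values: p = 2^127 - 1 (prime), g = 3, fixed x and k.
# A real signer draws a fresh random k per ticket, as sign_ticket does.
my $p = Math::BigInt->new(2)->bpow(127)->bdec;
my $g = Math::BigInt->new(3);
my $x = Math::BigInt->new('0x1234567890abcdef1234567890abcdef');
my $k = Math::BigInt->new(65537);            # gcd(k, p - 1) == 1
my $y = $g->copy->bmodpow($x, $p);
my $key_string = sprintf 'y:%s;p:%s;g:%s',
                 map { substr($_->as_hex, 2) } $y, $p, $g;

my $ticket = 'uid=alice;expires=1700000000';  # constructed ticket text
my $pm1 = $p - 1;
my $r = $g->copy->bmodpow($k, $p);
my $s = ((digest($ticket) - $x * $r) * $k->copy->bmodinv($pm1)) % $pm1;

my $pub = parse_public_key($key_string);
printf "genuine ticket: %d\n", verify_signature($pub, $ticket, $r, $s);
printf "altered ticket: %d\n", verify_signature($pub, "$ticket;admin=1", $r, $s);
printf "r out of range: %d\n", verify_signature($pub, $ticket, $r + $p, $s);
```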