Aut
view release on metacpan - search on metacpan
view release on metacpan or search on metacpan
};
my $backend=$args->{"Backend"};
my $ui=$args->{"UI"};
my $bits=$args->{"RSA_Bits"};
my $self;
$self->{"string"}=\$string;
$self->{"status"}="NONE";
$self->{"errmsg"}="";
if (not defined $backend) { die "You need to specify an Aut Backend"; }
if (not defined $ui) { die "You need to specify an Aut user interface"; }
$self->{"backend"}=$backend;
$self->{"ui"}=$ui;
$self->{"levels"}=$args->{"Levels"};
$self->{"adminlevel"}=$args->{"Adminlevel"};
$self->{"ui"}->initialize($self->{"levels"},$self->{"adminlevel"});
$self->{"base64"}=new Aut::Base64();
bless $self,$class;
$self->initialize($bits);
return $self;
}
#####################################################################
# Initializing
#####################################################################
# Internal function.
# Used to initialize the subsystem.
sub initialize {
my $self=shift;
my $bits=shift;
if (not defined $self->{"backend"}->get_keys()) {
my $pass=$self->{"ui"}->ask_pass($self,_T("Initializing cryptography system.\n".
"Please provide a password for the global\n".
"RSA key-pair. You need to keep this password\n".
"secret and will have to remember it!"));
if (not defined $pass) { die "Cannot continue without password"; }
my $passagain=$self->{"ui"}->ask_pass($self,_T("Enter the RSA password again for verification."));
if ($pass ne $passagain) { die "Cannot continue with two different passwords"; }
$self->{"ui"}->message(_T("Generating keys, this will take some time...")."($bits bits)");
my $rsa = new Crypt::RSA;
my ($public,$private) =$rsa->keygen(
Identity => 'Aut module',
Size => $bits,
Password => "",
Verbosity => 0
) or die $rsa->errstr();
my $private_str=private_key_to_string($private);
$private_str="private,".$private_str;
my $cipher=new Aut::Crypt($pass);
$private_str=$cipher->encrypt($private_str);
my $public_str=public_key_to_string($public);
$public_str=$self->{"base64"}->encode($public_str);
$private_str=$self->{"base64"}->encode($private_str);
$self->{"backend"}->set_keys($public_str,$private_str);
$self->{"ui"}->message(_T("done."));
}
}
#####################################################################
# Querying
#####################################################################
sub has_accounts {
my $self=shift;
$self->{"backend"}->has_accounts();
}
sub is_admin {
my $self=shift;
my $ticket=shift;
return ($ticket->valid()) && ($ticket->rights() eq $self->{"adminlevel"});
}
sub status {
my $self=shift;
return $self->{"status"};
}
sub last_error {
my $self=shift;
return $self->{"errmsg"};
}
sub list_accounts {
my $self=shift;
return $self->{"backend"}->get_all_accounts();
}
sub exists {
my $self=shift;
my $account=shift;
return $self->{"backend"}->exists($account);
}
#####################################################################
# Bag functionality --> Backend as Configuration file
#####################################################################
sub set {
my ($self,$ticket,$var,$val) = @_;
$val=$ticket->encrypt($val);
$self->{"backend"}->set($ticket->account(),$var,$val);
}
sub get {
my ($self,$ticket,$var) = @_;
my $val=$self->{"backend"}->get($ticket->account(),$var);
$val=$ticket->decrypt($val);
return $val;
}
sub del {
my ($self,$ticket,$var) = @_;
$self->{"backend"}->del($ticket->account(),$var);
}
#####################################################################
# status and error
#####################################################################
### Internal Functions
sub set_status {
my ($self,$status)=@_;
$self->{"status"}=$status;
}
sub set_error {
my ($self,$msg)=@_;
$self->{"errmsg"}=$msg;
}
#####################################################################
# rsa crypting/decrypting
#####################################################################
### Internal Functions
### Using an undocumented feature here!
sub public_key_to_string {
my $key=shift;
return $key->serialize();
}
sub string_to_public_key {
my $string=shift;
my $key=new Crypt::RSA::Key::Public;
my @pub;
push @pub,$string;
return $key->deserialize(String => \@pub);
}
sub private_key_to_string {
my $key=shift;
return $key->serialize();
}
sub string_to_private_key {
my $string=shift;
my $key=new Crypt::RSA::Key::Private;
my @pub;
push @pub,$string;
return $key->deserialize(String => \@pub);
}
### Using an undocumented feature here!
sub rsa_crypt {
my $self=shift;
my $text=shift;
my $rsa=new Crypt::RSA;
my ($public_str,$private_str)=$self->{"backend"}->get_keys();
my $public;
$public_str=$self->{"base64"}->decode($public_str);
my $public=string_to_public_key($public_str);
$text=$rsa->encrypt(
Message => $text,
Key => $public
);
if (not defined $text) { warn "cannot encrypt"; }
$text=$self->{"base64"}->encode($text);
return $text;
}
sub rsa_decrypt {
my $self=shift;
my $text=shift;
my $pass=shift;
my $rsa=new Crypt::RSA;
my ($public_str,$private_str)=$self->{"backend"}->get_keys();
$private_str=$self->{"base64"}->decode($private_str);
if (not defined $pass) {
$pass=$self->{"ui"}->ask_pass($self,_T("Give the password for the account global RSA private key"));
}
if (not defined $pass) {
return undef;
}
my $cipher=new Aut::Crypt($pass);
$private_str=$cipher->decrypt($private_str);
if (substr($private_str,0,8) ne "private,") {
return undef;
}
else {
$private_str=substr($private_str,8,length($private_str));
my $private=string_to_private_key($private_str);
$text=$self->{"base64"}->decode($text);
$text=$rsa->decrypt(
Cyphertext => $text,
Key => $private,
);
if (not defined $text) {
warn "Unexpected! Cannot decrypt text with good private key!";
}
return $text;
}
}
sub check_rsa_private_pass {
my $self=shift;
my $pass=shift;
my ($public_str,$private_str)=$self->{"backend"}->get_keys();
$private_str=$self->{"base64"}->decode($private_str);
my $cipher=new Aut::Crypt($pass);
$private_str=$cipher->decrypt($private_str);
if (substr($private_str,0,8) ne "private,") {
return 0;
}
else {
return 1;
}
}
### Internal Functions
################################################################
# Account handling
#####################################################################
sub ticket_create {
my $self=shift;
$self->ticket_update(@_);
}
sub ticket_update {
my $self=shift;
my $ticket=shift;
my $account=$ticket->account();
my $pass=$ticket->pass();
my $rights=$ticket->rights();
my $seed=$ticket->seed();
#my $md5pass=md5_base64($pass);
my $rsapass=$self->rsa_crypt($pass);
my $cipher=new Aut::Crypt($pass);
my $crypt_seed=$cipher->encrypt($seed);
my $b64_seed=$self->{"base64"}->encode($crypt_seed);
#$self->{"backend"}->set_md5pass($account,$md5pass);
#$self->{"backend"}->set_pass($account,$rsapass);
$self->{"backend"}->set_pass($account,$pass);
view release on metacpan - search on metacpan
( run in 0.777 second using v1.00-cache-2.02-grep-82fe00e-cpan-9e6bc14194b )