Table 9-1 Summary of Security Modules
| Module | Function | Description |
|---|---|---|
| Keyring | auth | performs authentication |
| | readauthinfo | reads the authinfo adt |
| | writeauthinfo | writes the authinfo adt |
| | iptob64 | converts integer to base 64 string |
| | b64toip | converts base 64 string to integer |
| | random | generate large, random numbers |
| | bits | returns number of bits of precision |
| | expmod | returns base**exp mod (mod) |
| | eq | compares two IPint adts |
| | iptobytes | converts integer to array of bytes |
| | certtostr | convert ref Certificate to a string |
| | pktostr | convert ref PK to a string |
| | sktostr | convert ref SK to a string |
| | strtocert | convert string to ref Certificate |
| | strtopk | convert string to ref PK |
| | strtosk | convert string to ref SK |
| | sign | create a signed certificate |
| | verify | verify a signed certificate |
| | genSK | generate private, public keys |
| | genSKfromPK | generate SK based on PK parameters |
| | sktopk | extracts PK from SK/PK pair |
| | sha | produce a message digest with sha |
| | md5 | produce a message digest with md5 |
| | dhparams | creates Diffie-Hellman parameters |
| | getstring | reads a string from a file descriptor |
| | putstring | writes a string to a file descriptor |
| | getbytearray | reads a byte array from a file descriptor |
| | putbytearray | writes a byte array to a file descriptor |
| | puterror | writes an error string to a file descriptor |
| SSL | connect | connect to ssl device |
| | secret | provide secrets to ssl connection |
| Login | init | loads required modules |
| | defaultsigner | reads cs/db |
| | signerkey | reads signerkey file and checks expiration date |
| | chello | (client hello): sends user ID and, if valid, gets agreement |
| | shello | (server hello): gets user ID, checks against password file. If valid, sends agreement and proceeds if user agrees. |
| | ckeyx | (client key exchange): get certificate |
| | skeyx | (server key exchange): create and send certificate |
| Auth | client | authenticate and push ssl |
| | server | authenticate and push ssl |
| Password | get | read a password from a password file |
| | put | write a password to a password file |
| Random | randomint | generate a random number |
| | randombuf | generate an array of random bytes |