include "sys.m"; include "keyring.m"; kr:= load Keyring Keyring->PATH; auth: fn(fd: ref Sys->FD, info: ref Authinfo, setid: int) : (string, array of byte); readauthinfo: fn(filename: string) : ref Authinfo; writeauthinfo:fn(filename: string, info: ref Authinfo): int;
The auth function returns a string and a byte array. If the byte array is nil then the authentication has failed and the string is an error message. If the byte array is non-nil, then it represents a secret shared by the two communicating parties. In this case the string is the name of the party at the other end of the connection.
If the authentication is successful and the argument setid is non-zero then auth attempts to write the id of the party at the other end of the connection into /dev/user (see cons - console device in Chapter 2). No error is generated if this does not succeed. If the authentication is not successful and setid is non-zero, auth writes 'none' into /dev/user.
0 -> 1 alpha**r0 mod p, CERTu0, PKu0 1 -> 0 alpha**r1 mod p, CERTu1, PKu1 0 -> 1 sig0(alpha**r0 mod p, alpha**r1 mod p) 1 -> 0 sig1(alpha**r0 mod p, alpha**r1 mod p)At this point both 0 and 1 share the secret alpha**(r0*r1) which is returned in the byte array.