

Keyring: login, getauthinfo - get an Authinfo adt from a certificate authority


include "keyring.m";
kr:= load Keyring Keyring->PATH;
login:       fn(id, password, dest: string):
                   (string, ref Keyring->Authinfo);
getauthinfo: fn(ctxt: ref Draw->Context, keyname, path: string):
                        ref Keyring->Authinfo;


login (id, password, dest)

The login function gets a signed certificate from the certifying authority (CA), using the protocol described in login. The dest parameter is the network address of the CA. The user, id, must have previously received the password from the CA for this to work.

If login fails, the returned string is an error message. If it succeeds, the string is nil and an Authinfo abstract data type is returned. This adt can be used with the auth function (see auth) to authenticate future connections.

getauthinfo (ctxt, keyname, path)

The getauthinfo function is a Tk user interface to login. It first tries to read the Authinfo adt from the file, path (see the description of the readauthinfo function in auth). If path is nil, it is set to /usr/$user/keyring/keyname. If the read succeeds, that adt is returned. If it fails, a Tk window is opened to allow the user to enter an id, password, and the network address of the certificate authority to use. The default CA is the $SIGNER listed in the file /services/cs/db.

If requested by the checkbox in the interface, getauthinfo saves the adt in the file, path. This allows the Authinfo to be kept across reboots. If the box is not checked, getauthinfo uses the system file2chan function (see file2chan) to create a temporary file, path, that disappears if unmounted or when the system is rebooted.

The login protocol uses TCP port 6673 with the symbolic name inflogin.

See Also

auth and file2chan


Copyright © 1996, Lucent Technologies, Inc. All rights reserved.