Mercurial > core / lisp/lib/cry/pkg.lisp
changeset 362: |
b1f78dffbcdd |
parent: |
c4682fedd73d
|
child: |
d1d64b856fae |
author: |
Richard Westhaver <ellis@rwest.io> |
date: |
Thu, 23 May 2024 18:23:38 -0400 |
permissions: |
-rw-r--r-- |
description: |
rustls work, fixed https bugs |
2 (:nicknames :cryptography) 3 (:shadowing-import-from :ironclad :integer-to-octets :octets-to-integer :xor) 4 (:use :cl :std :sb-thread :sb-concurrency :ironclad :obj/db :obj/id) 5 (:export :crypto-error :crypto-token-expired :crypto-token-invalid 6 :crypto-key :token :crypto-token :password 7 :*default-password-db* :*default-password-hasher* :*default-password-store* :*default-password-pepper* 19 (:use :cl :std :cry/hotp) 21 *time-step-in-seconds* 24 (defpackage :cry/crc64 26 (:export :+polynomial+ :+improved-polynomial+ 27 :init-crc64 :crc64-stream 28 :crc64-file :crc64-sequence)) 32 (defvar *password-db* nil 33 "The default password database.") 34 (defvar *password-hasher* nil 35 "The default password hasher.") 36 (defvar *password-store* nil 37 "The default password store.") 38 (defvar *password-pepper* nil 39 "The default pepper value for password hashing. Make sure you change this.") 41 (defclass token (id) ()) 43 (defun random-token () 44 (let ((id (make-array 64 :element-type '(unsigned-byte 8) :fill-pointer 0))) 46 (vector-push (random 128) id)) 47 (make-instance 'token :id id))) 49 (defgeneric token-bytes (self) 50 (:method ((self token)) 53 (defgeneric token-string (self) 54 (:method ((self token)) 55 (sb-ext:octets-to-string (obj/id:id self)))) 57 (defclass crypto-token (token) ()) 58 (defclass crypto-key (id) ()) 59 (defclass password () ()) 60 (defclass password-db (database) ()) 61 (defclass password-store () ()) 64 (defgeneric register-user (user &key store password deadline) 65 (:documentation "Register user identified by TOKEN in store specified by STORE. Returns 66 the user object and an optionally a confirmation token.")) 67 (defgeneric get-confirmation-token (user &key store duration) 68 (:documentation "Create a new user confirmation token which must be 69 validated within DURATION if non-nil. 
Register it for USER in STORE.")) 70 (defgeneric confirm-registration (user confirmation &key store) 71 (:documentation "Confirm USER using CONFIRMATION in STORE.")) 72 (defgeneric user-pending-p (user &key store) 73 (:documentation "Return non-nil if USER isn't pending confirmation, else nil.")) 74 (defgeneric user-known-p (user &key store) 75 (:documentation "Return non-nil if USER is known in STORE.")) 76 (defgeneric authenticate-user (user password &key store) 77 (:documentation "Check whether USER successfully authenticates with PASSWORD in STORE. If user had a reset-token pending, clear it upon success.")) 78 (defgeneric get-reset-token (user &key store duration) 79 (:documentation "Create a new reset token, register it for USER in STORE for DURATION.")) 80 (defgeneric clear-reset-token (user &key store) 81 (:documentation "Clear reset token of USER.")) 82 (defgeneric reset-password (user reset new &key store) 83 (:documentation "Reset password of USER in STORE to NEW, authenticating with RESET.")) 84 (defgeneric delete-user (user &key store error-p) 85 (:documentation "Delete user identified by USER in STORE. Signal an error if user can't be found and ERROR-P is non-nil."))
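Review bot: `random-token` (lines 43-47) fills the token id with `(random 128)`, and `cl:random` draws from `*random-state*`, which is not a cryptographic generator, so ids built this way are unsuitable if they end up as the confirmation or reset tokens described by the generics below. The package already uses `:ironclad`, so `(vector-push (strong-random 128) id)` would keep the 7-bit values that `token-string` decodes with `sb-ext:octets-to-string` while drawing from ironclad's PRNG. The loop header at line 45 is not visible in this listing, so the iteration count should be checked against the 64-element array. Separately, `*password-pepper*` defaults to nil with only a docstring reminder to change it; the hashing code is not shown here, but it should probably signal an error when the pepper is still nil rather than hash without one.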