Documentation ¶
Overview ¶
Package auth implements Sauerbraten's player authentication mechanism.
The mechanism relies on the associativity of scalar multiplication on elliptic curves: private keys are random (big) scalars, and the corresponding public key is created by multiplying the curve base point with the private key. (This means the public key is another point on the curve.)
To check for possession of the private key belonging to a public key known to the server, the base point is multiplied with another random, big scalar (the "secret") and the resulting point is sent to the user as the "challenge". The user multiplies the challenge curve point with his private key (a scalar), and sends the X coordinate of the resulting point back to the server. The server instead multiplies the user's public key with the secret scalar.
Since pub = base * priv, pub * secret = (base * priv) * secret = (base * secret) * priv = challenge * priv.
Because of the curve's symmetry, there are exactly two points on the curve at any given X. For simplicity (and maybe performance), the server is satisfied when the user responds with the correct X.
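The exchange described above, as an added example that is not this package's code: it uses only the Go standard library, and the names keyPair, challengeFor, solve, check and point are hypothetical. It assumes P-256 in place of the package's curve (which the page does not name) and raw byte slices in place of the package's string encodings.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
	"math/big"
)

// Assumption: P-256 stands in for the package's curve, which the page does not name.
var curve = elliptic.P256()

type point struct{ X, Y *big.Int }

// keyPair returns a random scalar priv and pub = base * priv.
func keyPair() ([]byte, point, error) {
	priv, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
	return priv, point{x, y}, err
}

// challengeFor (server): challenge = base * secret, expected answer = X of pub * secret.
func challengeFor(pub point) (point, []byte, error) {
	secret, cx, cy, err := elliptic.GenerateKey(curve, rand.Reader)
	if err != nil {
		return point{}, nil, err
	}
	x, _ := curve.ScalarMult(pub.X, pub.Y, secret)
	return point{cx, cy}, x.FillBytes(make([]byte, 32)), nil
}

// solve (user): X of challenge * priv; a challenge that is not on the curve is refused.
func solve(chal point, priv []byte) ([]byte, error) {
	if !curve.IsOnCurve(chal.X, chal.Y) {
		return nil, fmt.Errorf("challenge is not a point on the curve")
	}
	x, _ := curve.ScalarMult(chal.X, chal.Y, priv)
	return x.FillBytes(make([]byte, 32)), nil
}

// check compares the user's answer with the expected X in constant time.
func check(answer, want []byte) bool {
	return subtle.ConstantTimeCompare(answer, want) == 1
}

func main() {
	priv, pub, _ := keyPair()
	chal, want, _ := challengeFor(pub)
	answer, _ := solve(chal, priv)
	fmt.Println("accepted:", check(answer, want))
}
```

The server must draw a fresh secret for every challenge and discard the expected answer after one check, since the answer to a given challenge never changes.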
Index ¶
- func GenerateChallenge(pub PublicKey) (challenge, solution string, err error)
- func GenerateKeyPair() (priv PrivateKey, pub PublicKey, err error)
- func Solve(challenge string, priv PrivateKey) (string, error)
- type InMemoryProvider
- type Manager
- type PrivateKey
- type Provider
- type PublicKey
- type RemoteProvider
- type User
Functions ¶
func GenerateChallenge ¶
func GenerateKeyPair ¶
func GenerateKeyPair() (priv PrivateKey, pub PublicKey, err error)
Types ¶
type InMemoryProvider ¶
type InMemoryProvider struct {
// contains filtered or unexported fields
}
func NewInMemoryProvider ¶
func NewInMemoryProvider(users []*User) *InMemoryProvider
func (*InMemoryProvider) ConfirmAnswer ¶
func (*InMemoryProvider) GenerateChallenge ¶
func (p *InMemoryProvider) GenerateChallenge(name string, callback func(uint32, string, error))
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
func (*Manager) CheckAnswer ¶
type PrivateKey ¶
type PrivateKey []byte
func ParsePrivateKey ¶
func ParsePrivateKey(s string) (PrivateKey, error)
func (PrivateKey) String ¶
func (k PrivateKey) String() string
type PublicKey ¶
type PublicKey struct {
// contains filtered or unexported fields
}
func ParsePublicKey ¶
func (PublicKey) MarshalJSON ¶
func (*PublicKey) UnmarshalJSON ¶
type RemoteProvider ¶
type RemoteProvider struct {
// contains filtered or unexported fields
}
func NewRemoteProvider ¶
func NewRemoteProvider(inc <-chan string, out chan<- string, rol role.ID) *RemoteProvider
func (*RemoteProvider) ConfirmAnswer ¶
func (*RemoteProvider) GenerateChallenge ¶
func (p *RemoteProvider) GenerateChallenge(name string, callback func(reqID uint32, chal string, err error))