SPKI verification in pseudocode
You can find below a sketch of pseudocode for verifying if `self' has
authorised `requested_action' for `subject'. It returns true/false. It
does this by reading the sequence construct `seq' that has been supplied
by the subject or perhaps built by the verifier itself. All syntax
checks have been omitted.
This reflects my current understanding of the draft. Here most of the
intelligence needed has been transferred from the verifier to the
subject. Note that the function fails if the sequence has irrelevant
certificates.
It does not support threshold subjects. We will probably need a more
complex mechanism for that.
I've used a Python-like pseudocode. I hope you can follow.
- Markku-Juhani Saarinen <mjos@ssh.fi>
-- start of the pseudocode --
def permission(seq, self, subject, requested_action):
    i = 1                # the 0th element should read 'sequence'
    last_obj = NULL      # the last object encountered
    red_5tuple = NULL    # the current 5-tuple
    # walk through the sequence
    while i < len(seq):
        switch seq[i][0]:    # this is the first element in each sublist
                             # i.e. the object identifier
            case 'cert':
            case 'pub-key':
                last_obj = seq[i]
            case 'do':
                if seq[i][1] == 'hash':
                    hash_and_put_into_global_hashtree(last_obj, seq[i][2])
                    # seq[i][2] should give the name of the hash algorithm
            case 'signature':
                if valid_signature_by_the_issuer(seq[i]):
                    this_5tuple = 5tupleize(related_certificate(seq[i]))
                    # reduce the current 5 tuple
                    if red_5tuple == NULL:
                        red_5tuple = this_5tuple
                    else:
                        red_5tuple = 5_tuple_reduction(red_5tuple, this_5tuple)
        # ok, proceed in the list
        i = i + 1
    # ok, we have read the sequence.
    # see if it permits the requested action for the subject
    if red_5tuple.issuer != self or red_5tuple.subject != subject:
        return false
    if time() not in red_5tuple.valid:
        return false
    if intersection(red_5tuple.auth, requested_action) != requested_action:
        return false
    return true
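
The reduction step that the pseudocode calls but does not define, together with the final checks, as a runnable Python example added here (not part of the original message). It assumes the 5-tuples are already signature-verified and ordered from the verifier towards the subject, models `auth` as a set of strings and `valid` as an integer interval, and uses constructed key names; `reduce_5tuples` and the `delegate` field are names chosen for this example.

```python
from collections import namedtuple

# issuer/subject/auth/valid follow the pseudocode; delegate is the SPKI propagation flag.
FiveTuple = namedtuple("FiveTuple", "issuer subject delegate auth valid")

def reduce_5tuples(a, b):
    """Reduce two adjacent 5-tuples; return None if they do not chain."""
    # b must be issued by a's subject, and a must permit further delegation.
    if a.subject != b.issuer or not a.delegate:
        return None
    # Validity is the overlap of both intervals (assumed inclusive integers).
    not_before = max(a.valid[0], b.valid[0])
    not_after = min(a.valid[1], b.valid[1])
    if not_before > not_after:
        return None
    # Authorization is the intersection (plain sets stand in for SPKI tags).
    return FiveTuple(a.issuer, b.subject, b.delegate,
                     a.auth & b.auth, (not_before, not_after))

def permission(tuples, self_key, subject, requested, now):
    """Final checks of the pseudocode over a list of verified 5-tuples."""
    if not tuples:
        return False
    red = tuples[0]
    for t in tuples[1:]:
        red = reduce_5tuples(red, t)
        if red is None:      # an irrelevant certificate breaks the chain
            return False
    if red.issuer != self_key or red.subject != subject:
        return False
    if not (red.valid[0] <= now <= red.valid[1]):
        return False
    return requested <= red.auth   # same as intersection == requested

# Constructed sample chain: self -> alice -> bob, plus an unrelated certificate.
SELF_TO_ALICE = FiveTuple("K_self", "K_alice", True,
                          frozenset({"read", "write"}), (100, 900))
ALICE_TO_BOB = FiveTuple("K_alice", "K_bob", False,
                         frozenset({"read"}), (200, 500))
UNRELATED = FiveTuple("K_carol", "K_dave", True, frozenset({"read"}), (0, 1000))

if __name__ == "__main__":
    chain = [SELF_TO_ALICE, ALICE_TO_BOB]
    print(permission(chain, "K_self", "K_bob", frozenset({"read"}), 300))
    print(permission(chain, "K_self", "K_bob", frozenset({"write"}), 300))
```
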