miércoles, 19 de septiembre de 2012

[SC] 6. RSA-Based Digital Signatures

For this week the homework was:

"Implement a HTTP public key repository for ket exchange that employs RSA-bases digital signatures"

Implementation


The deployed web application uses a python script as CGI to serve the request, and another script named validator, to validate the written data into the forms.

The CGI implements 

  • def function(x): The function that is evaluated with x, returns the value of fx.
  • def fastmodexp(r, e, n): Calculates the value of y (y = re mod n)
  • def generateResult(x, username, r): When the CGI validates the values of x, username and response, this function uses the username to get the value of e and n, then, calculates the value of fx and y, finally, compares their values and if fx and y are equals returns SUCCESS!, otherwise, returns FAILURE!. Implements a debug flag to print all the calculated values.
  • def validation(): Validates that the written data in the forms has the correct format. Uses a error flag to warn to the script if something is wrong, then, prints the error messages.
  • def getOption(): Gets the option of the CGI form. If option doesn't exists in the form, the normal page is printed. If option exists in the form and the value is one, the CGI generate a challenge value and print it in the challenge input. If the value is two, the CGI gets the value of the challenge, username and response inputs and send them to the validate function.
  • def getUsers(): Open the text file with the users data (public keys), read the contents and parse them to a list. Return a list with all the users and keys.
  • def getUserData(username): Read the list of users and extract the data of the specified username.
  • def generateChallenge(): Implements random.randint to generate a challenge between a specified range.
  • def printUsers(selectedUser): Prints the select input in the web page, calls the function getUsers(), gets the list of users and uses the information to generate options. Uses the parameter selectedUser to print a preselected option.
  • def printHead(challenge, selectedUser, response, result): Prints all the web application. If challenge is defined, prints its value in the challenge input. If selectedUser is defined, send it to the function printUsers() to print the select input with a preselected username. If response is defined, prints its value in the response input. If result is defines, prints its contents (error messages or successful messages) in a hidden specified area below the response input.
  • def main(): Gets the form, search for the option key and makes a decision to print the correct content in the window.
Also implements JQuery to control the events of the buttons and manage dynamically the form values.

Code - webapp



Script

The user has to download a script to generate the response, the script implements the functions :
  • def function(x): The function that is evaluated with x, returns the value of y.
  • def fastmodexp(y, d, n): Calculates the value of r (r = yd mod n)
The user must copy and paste the response in the webapp to validate the data.

Code - script



External Tests

Cecy


Web Interface

 Script Execution






Ramon

Web Interface

Rafael





Web Interface



 Script Execution


Video


http://www.youtube.com/watch?v=qFQEJK2cZ8A


Link to the WebApp

http://jcespinosa.dyndns-web.com/~jc1/cgi-bin/cryptography/authentication.py

1 comentario: