From 1f578ec23c4f28aec3e067c34e51e2a6ecb54dd9 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Tue, 5 Jan 2010 20:07:44 -0500
Subject: [PATCH 1/1] initial commit
---
.gitignore | 1 +
README | 23 ++++++++++++++++++++
msva | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 86 insertions(+)
create mode 100644 .gitignore
create mode 100644 README
create mode 100755 msva
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b25c15b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+*~
diff --git a/README b/README
new file mode 100644
index 0000000..dca3836
--- /dev/null
+++ b/README
@@ -0,0 +1,23 @@
+2010-01-05 18:21:59-0500
+------------------------
+
+msva is the Monkeysphere Validation Agent.
+
+Its goal is to simplify bindings between cryptographic tokens and the
+real-world entities that humans actually care about.
+
+In its current technical conception, is a minimal HTTP server that
+accepts two requests:
+
+POST /reviewcert (vars: UID, context, PKC)
+POST /extracerts (vars: certificates)
+
+(PKC means: public key carrier: raw key, OpenPGP cert, or X.509 cert)
+(UID means: User ID (like in OpenPGP))
+(context means: (this is too vague right now) something like "this certificate was used to try to identify an HTTPS server")
+
+
+
+Authors: Daniel Kahn Gillmor
+ Matthew James Goins
+ Jameson Rollins
diff --git a/msva b/msva
new file mode 100755
index 0000000..75e28f6
--- /dev/null
+++ b/msva
@@ -0,0 +1,62 @@
+#!/usr/bin/perl -wT
+
+use warnings;
+use strict;
+
+{
+ package MSVA;
+
+ use HTTP::Server::Simple::CGI;
+ use base qw(HTTP::Server::Simple::CGI);
+ use warnings;
+ use strict;
+
+ use JSON;
+
+ my %dispatch = (
+ '/reviewcert' => \&reviewcert,
+ '/extracerts' => \&extracerts,
+ );
+
+ sub handle_request {
+ my $self = shift;
+ my $cgi = shift;
+
+ my $path = $cgi->path_info();
+ my $handler = $dispatch{$path};
+
+ if (ref($handler) eq "CODE") {
+ my ($status, $object) = $handler->($cgi);
+ printf("HTTP/1.0 %s\r\nContent-Type: application/json\r\n\r\n%s", $status, to_json ($object));
+
+ } else {
+ printf("HTTP/1.0 Bad Request -- not handled by Monkeysphere validation agent\r\nContent-Type: text/plain\r\n\r\nBad Request -- the path:\r\n %s\r\nis not handled by the MonkeySphere validation agent.\r\nPlease try one of the following paths instead:\r\n\r\n%s\r\n", $path, ' * '.join("\r\n * ", keys %dispatch) );
+ }
+ }
+
+ sub reviewcert {
+ my $cgi = shift; # CGI.pm object
+ return if !ref $cgi;
+
+ my $uid = $cgi->param('uid');
+ my $pkc = $cgi->param('pkc');
+ my $context = $cgi->param('context');
+
+ my $ret = { foo => 'bar' };
+ # my $status = '404 no match found for the public key in this certificate';
+ # or:
+ my $status = '200 match found, authentication details to follow';
+
+ return $status, $ret;
+ }
+
+ sub extracerts {
+ my $cgi = shift;
+
+ return '500 not yet implemented', { };
+ }
+}
+
+# start the server on port 8080
+my $server = MSVA->new(8901);
+$server->run();
-- 2.26.2
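Review bot: `reviewcert` answers every request with `'200 match found, authentication details to follow'` and a placeholder body without ever examining `uid`, `pkc` or `context`, so a client that relies on this agent would presumably treat any certificate as validated. Until real validation exists the stub should fail closed by using the status that is already present as a comment, `my $status = '404 no match found for the public key in this certificate';`. At the bottom of the file `MSVA->new(8901)` sets no bind address, and HTTP::Server::Simple listens on all interfaces unless a host is given, so adding `$server->host('127.0.0.1');` before `$server->run();` would keep the agent reachable only from the local machine. The comment above that line says port 8080 while the code uses 8901. In `handle_request` the fallback response begins `HTTP/1.0 Bad Request` with no numeric status code; `HTTP/1.0 400 Bad Request` gives clients a status line they can parse.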