Ubuntu Manpage: oath_totp_validate2_callback

Provided by: liboath-dev_2.6.7-3build1_amd64

NAME

       oath_totp_validate2_callback - API function

SYNOPSIS

       #include <oath.h>

       int  oath_totp_validate2_callback(const  char  * secret, size_t secret_length, time_t now,
       unsigned time_step_size, time_t  start_offset,  unsigned  digits,  size_t  window,  int  *
       otp_pos, oath_validate_strcmp_function strcmp_otp, void * strcmp_handle);

ARGUMENTS

       const char * secret
                   the shared secret string

       size_t secret_length
                   length of secret

       time_t now  Unix time value to compute TOTP for

       unsigned time_step_size
                   time step system parameter (typically 30)

       time_t start_offset
                   Unix time of when to start counting time steps (typically 0)

       unsigned digits
                   number of requested digits in the OTP

       size_t window
                   how many OTPs after start counter to test

       int * otp_pos
                   output search position in search window (may be NULL).

       oath_validate_strcmp_function strcmp_otp
                   function pointer to a strcmp-like function.

       void * strcmp_handle
                   caller handle to be passed on to strcmp_otp.

DESCRIPTION

       Validate an OTP according to OATH TOTP algorithm per RFC 6238.

       Validation  is  implemented by generating a number of potential OTPs and performing a call
       to the strcmp_otp function, to compare the potential OTP against the given  otp.   It  has
       the following prototype:

       int (*oath_validate_strcmp_function) (void *handle, const char *test_otp);

       The  function should be similar to strcmp in that it return 0 only on matches.  It differs
       by permitting use of negative return codes as  indication  of  internal  failures  in  the
       callback.  Positive values indicate OTP mismatch.

       This  callback  interface  is  useful  when  you cannot compare OTPs directly using normal
       strcmp, but instead for example only have a hashed OTP.  You would then typically pass  in
       the  hashed  OTP  in  the strcmp_handle and let your implementation of strcmp_otp hash the
       test_otp OTP using the same hash, and then compare the results.

       Currently only OTP lengths of 6, 7 or 8 digits are supported.  This  restrictions  may  be
       lifted in future versions, although some limitations are inherent in the protocol.

RETURNS

       Returns   absolute  value  of  position  in  OTP  window  (zero  is  first  position),  or
       OATH_INVALID_OTP if no OTP was found in OTP window, or an error code.

SINCE

       1.10.0

REPORTING BUGS

       Report     bugs     to     <oath-toolkit-help@nongnu.org>.      liboath     home     page:
       https://www.nongnu.org/oath-toolkit/      General     help     using     GNU     software:
       http://www.gnu.org/gethelp/

COPYRIGHT

       Copyright © 2009-2020 Simon Josefsson.
       Copying and distribution of this file, with or without modification, are permitted in  any
       medium without royalty provided the copyright notice and this notice are preserved.