Provided by: liboath-dev_2.6.7-3.1_amd64 bug

NAME

       oath_totp_validate4_callback - API function

SYNOPSIS

       #include <oath.h>

       int  oath_totp_validate4_callback(const  char  * secret, size_t secret_length, time_t now,
       unsigned time_step_size, time_t  start_offset,  unsigned  digits,  size_t  window,  int  *
       otp_pos, uint64_t * otp_counter, int flags, oath_validate_strcmp_function strcmp_otp, void
       * strcmp_handle);

ARGUMENTS

       const char * secret
                   the shared secret string

       size_t secret_length
                   length of secret

       time_t now  Unix time value to compute TOTP for

       unsigned time_step_size
                   time step system parameter (typically 30)

       time_t start_offset
                   Unix time of when to start counting time steps (typically 0)

       unsigned digits
                   number of requested digits in the OTP

       size_t window
                   how many OTPs after start counter to test

       int * otp_pos
                   output search position in search window (may be NULL).

       uint64_t * otp_counter
                   counter value used to calculate OTP value (may be NULL).

       int flags   flags indicating mode, one of oath_totp_flags

       oath_validate_strcmp_function strcmp_otp
                   function pointer to a strcmp-like function.

       void * strcmp_handle
                   caller handle to be passed on to strcmp_otp.

DESCRIPTION

       Validate an OTP according to OATH TOTP algorithm per RFC 6238.

       Validation is implemented by generating a number of potential OTPs and performing  a  call
       to  the  strcmp_otp  function, to compare the potential OTP against the given otp.  It has
       the following prototype:

       int (*oath_validate_strcmp_function) (void *handle, const char *test_otp);

       The function should be similar to strcmp in that it return 0 only on matches.  It  differs
       by  permitting  use  of  negative  return  codes as indication of internal failures in the
       callback.  Positive values indicate OTP mismatch.

       This callback interface is useful when you  cannot  compare  OTPs  directly  using  normal
       strcmp,  but instead for example only have a hashed OTP.  You would then typically pass in
       the hashed OTP in the strcmp_handle and let your implementation  of  strcmp_otp  hash  the
       test_otp OTP using the same hash, and then compare the results.

       Currently  only  OTP  lengths of 6, 7 or 8 digits are supported.  This restrictions may be
       lifted in future versions, although some limitations are inherent in the protocol.

       The  flags  parameter  may  be  used   to   change   the   MAC   function,   for   example
       OATH_TOTP_HMAC_SHA256 or OATH_TOTP_HMAC_SHA512.

RETURNS

       Returns   absolute  value  of  position  in  OTP  window  (zero  is  first  position),  or
       OATH_INVALID_OTP if no OTP was found in OTP window, or an error code.

SINCE

       2.6.0

REPORTING BUGS

       Report     bugs     to     <oath-toolkit-help@nongnu.org>.      liboath     home     page:
       https://www.nongnu.org/oath-toolkit/      General     help     using     GNU     software:
       http://www.gnu.org/gethelp/

COPYRIGHT

       Copyright © 2009-2020 Simon Josefsson.
       Copying and distribution of this file, with or without modification, are permitted in  any
       medium without royalty provided the copyright notice and this notice are preserved.