plucky (3) oath_hotp_validate_callback.3.gz

Provided by: liboath-dev_2.6.11-3ubuntu1_amd64 bug

NAME

       oath_hotp_validate_callback - API function

SYNOPSIS

       #include <oath.h>

       int  oath_hotp_validate_callback(const char * secret, size_t secret_length, uint64_t start_moving_factor,
       size_t window, unsigned digits, oath_validate_strcmp_function strcmp_otp, void * strcmp_handle);

ARGUMENTS

       const char * secret
                   the shared secret string

       size_t secret_length
                   length of secret

       uint64_t start_moving_factor
                   start counter in OTP stream

       size_t window
                   how many OTPs after start counter to test

       unsigned digits
                   number of requested digits in the OTP

       oath_validate_strcmp_function strcmp_otp
                   function pointer to a strcmp-like function.

       void * strcmp_handle
                   caller handle to be passed on to strcmp_otp.

DESCRIPTION

       Validate an OTP according to OATH HOTP algorithm per RFC 4226.

       Validation is implemented by generating a  number  of  potential  OTPs  and  performing  a  call  to  the
       strcmp_otp function, to compare the potential OTP against the given otp.  It has the following prototype:

       int (*oath_validate_strcmp_function) (void *handle, const char *test_otp);

       The  function  should be similar to strcmp in that it return 0 only on matches.  It differs by permitting
       use of negative return codes as indication  of  internal  failures  in  the  callback.   Positive  values
       indicate OTP mismatch.

       This  callback interface is useful when you cannot compare OTPs directly using normal strcmp, but instead
       for example only have a hashed OTP.  You would then typically pass in the hashed OTP in the strcmp_handle
       and let your implementation of strcmp_otp hash the test_otp OTP using the same hash, and then compare the
       results.

       Currently only OTP lengths of 6, 7 or 8 digits are supported.  This restrictions may be lifted in  future
       versions, although some limitations are inherent in the protocol.

RETURNS

       Returns  position  in OTP window (zero is first position), or OATH_INVALID_OTP if no OTP was found in OTP
       window, or an error code.

SINCE

       1.4.0

REPORTING BUGS

       Report bugs to <oath-toolkit-help@nongnu.org>.  liboath home  page:  https://www.nongnu.org/oath-toolkit/
       General help using GNU software: http://www.gnu.org/gethelp/

       Copyright © 2009-2020 Simon Josefsson.
       Copying  and distribution of this file, with or without modification, are permitted in any medium without
       royalty provided the copyright notice and this notice are preserved.