1oath_hotp_validate_callback(3)      liboath     oath_hotp_validate_callback(3)
2
3
4

NAME

6       oath_hotp_validate_callback - API function
7

SYNOPSIS

9       #include <oath.h>
10
11       int    oath_hotp_validate_callback(const    char   *   secret,   size_t
12       secret_length, uint64_t start_moving_factor,  size_t  window,  unsigned
13       digits,  oath_validate_strcmp_function  strcmp_otp,  void * strcmp_han‐
14       dle);
15

ARGUMENTS

17       const char * secret
18                   the shared secret string
19
20       size_t secret_length
21                   length of secret
22
23       uint64_t start_moving_factor
24                   start counter in OTP stream
25
26       size_t window
27                   how many OTPs after start counter to test
28
29       unsigned digits
30                   number of requested digits in the OTP
31
32       oath_validate_strcmp_function strcmp_otp
33                   function pointer to a strcmp-like function.
34
35       void * strcmp_handle
36                   caller handle to be passed on to strcmp_otp.
37

DESCRIPTION

39       Validate an OTP according to OATH HOTP algorithm per RFC 4226.
40
41       Validation is implemented by generating a number of potential OTPs  and
42       performing  a call to the strcmp_otp function, to compare the potential
43       OTP against the given otp.  It has the following prototype:
44
45       int  (*oath_validate_strcmp_function)   (void   *handle,   const   char
46       *test_otp);
47
48       The  function  should  be similar to strcmp in that it return 0 only on
49       matches.  It differs by permitting use  of  negative  return  codes  as
50       indication of internal failures in the callback.  Positive values indi‐
51       cate OTP mismatch.
52
53       This callback interface is useful when you cannot compare OTPs directly
54       using  normal  strcmp,  but instead for example only have a hashed OTP.
55       You would then typically pass in the hashed OTP  in  the  strcmp_handle
56       and  let  your implementation of strcmp_otp hash the test_otp OTP using
57       the same hash, and then compare the results.
58
59       Currently only OTP lengths of 6, 7 or 8  digits  are  supported.   This
60       restrictions  may  be  lifted in future versions, although some limita‐
61       tions are inherent in the protocol.
62

RETURNS

64       Returns  position  in  OTP  window  (zero  is   first   position),   or
65       OATH_INVALID_OTP if no OTP was found in OTP window, or an error code.
66

SINCE

68       1.4.0
69

REPORTING BUGS

71       Report  bugs  to  <oath-toolkit-help@nongnu.org>.   liboath  home page:
72       http://www.gnu.org/software/liboath/ General help using  GNU  software:
73       http://www.gnu.org/gethelp/
74
76       Copyright © 2009-2020 Simon Josefsson.
77       Copying  and  distribution  of this file, with or without modification,
78       are permitted in any medium  without  royalty  provided  the  copyright
79       notice and this notice are preserved.
80
81
82
83liboath                              2.6.6      oath_hotp_validate_callback(3)
Impressum