1oath_hotp_validate_callback(3) liboath oath_hotp_validate_callback(3)
2
3
4
6 oath_hotp_validate_callback - API function
7
9 #include <oath.h>
10
11 int oath_hotp_validate_callback(const char * secret, size_t se‐
12 cret_length, uint64_t start_moving_factor, size_t window, unsigned dig‐
13 its, oath_validate_strcmp_function strcmp_otp, void * strcmp_handle);
14
16 const char * secret
17 the shared secret string
18
19 size_t secret_length
20 length of secret
21
22 uint64_t start_moving_factor
23 start counter in OTP stream
24
25 size_t window
26 how many OTPs after start counter to test
27
28 unsigned digits
29 number of requested digits in the OTP
30
31 oath_validate_strcmp_function strcmp_otp
32 function pointer to a strcmp-like function.
33
34 void * strcmp_handle
35 caller handle to be passed on to strcmp_otp.
36
38 Validate an OTP according to OATH HOTP algorithm per RFC 4226.
39
40 Validation is implemented by generating a number of potential OTPs and
41 performing a call to the strcmp_otp function, to compare the potential
42 OTP against the given otp. It has the following prototype:
43
44 int (*oath_validate_strcmp_function) (void *handle, const char
45 *test_otp);
46
47 The function should be similar to strcmp in that it return 0 only on
48 matches. It differs by permitting use of negative return codes as in‐
49 dication of internal failures in the callback. Positive values indi‐
50 cate OTP mismatch.
51
52 This callback interface is useful when you cannot compare OTPs directly
53 using normal strcmp, but instead for example only have a hashed OTP.
54 You would then typically pass in the hashed OTP in the strcmp_handle
55 and let your implementation of strcmp_otp hash the test_otp OTP using
56 the same hash, and then compare the results.
57
58 Currently only OTP lengths of 6, 7 or 8 digits are supported. This re‐
59 strictions may be lifted in future versions, although some limitations
60 are inherent in the protocol.
61
63 Returns position in OTP window (zero is first position), or OATH_IN‐
64 VALID_OTP if no OTP was found in OTP window, or an error code.
65
67 1.4.0
68
70 Report bugs to <oath-toolkit-help@nongnu.org>. liboath home page:
71 https://www.nongnu.org/oath-toolkit/ General help using GNU software:
72 http://www.gnu.org/gethelp/
73
75 Copyright © 2009-2020 Simon Josefsson.
76 Copying and distribution of this file, with or without modification,
77 are permitted in any medium without royalty provided the copyright no‐
78 tice and this notice are preserved.
79
80
81
82liboath 2.6.7 oath_hotp_validate_callback(3)