oath_hotp_validate_callback(3)

1oath_hotp_validate_callback(3)      liboath     oath_hotp_validate_callback(3)
2
3
4

NAME

6       oath_hotp_validate_callback - API function
7

SYNOPSIS

9       #include <oath.h>
10
11       int   oath_hotp_validate_callback(const   char  *  secret,  size_t  se‐
12       cret_length, uint64_t start_moving_factor, size_t window, unsigned dig‐
13       its, oath_validate_strcmp_function strcmp_otp, void * strcmp_handle);
14

ARGUMENTS

16       const char * secret
17                   the shared secret string
18
19       size_t secret_length
20                   length of secret
21
22       uint64_t start_moving_factor
23                   start counter in OTP stream
24
25       size_t window
26                   how many OTPs after start counter to test
27
28       unsigned digits
29                   number of requested digits in the OTP
30
31       oath_validate_strcmp_function strcmp_otp
32                   function pointer to a strcmp-like function.
33
34       void * strcmp_handle
35                   caller handle to be passed on to strcmp_otp.
36

DESCRIPTION

38       Validate an OTP according to OATH HOTP algorithm per RFC 4226.
39
40       Validation  is implemented by generating a number of potential OTPs and
41       performing a call to the strcmp_otp function, to compare the  potential
42       OTP against the given otp.  It has the following prototype:
43
44       int   (*oath_validate_strcmp_function)   (void   *handle,   const  char
45       *test_otp);
46
47       The function should be similar to strcmp in that it return  0  only  on
48       matches.   It differs by permitting use of negative return codes as in‐
49       dication of internal failures in the callback.  Positive  values  indi‐
50       cate OTP mismatch.
51
52       This callback interface is useful when you cannot compare OTPs directly
53       using normal strcmp, but instead for example only have  a  hashed  OTP.
54       You  would  then  typically pass in the hashed OTP in the strcmp_handle
55       and let your implementation of strcmp_otp hash the test_otp  OTP  using
56       the same hash, and then compare the results.
57
58       Currently only OTP lengths of 6, 7 or 8 digits are supported.  This re‐
59       strictions may be lifted in future versions, although some  limitations
60       are inherent in the protocol.
61

RETURNS

63       Returns  position  in  OTP window (zero is first position), or OATH_IN‐
64       VALID_OTP if no OTP was found in OTP window, or an error code.
65

SINCE

67       1.4.0
68

REPORTING BUGS

70       Report bugs  to  <oath-toolkit-help@nongnu.org>.   liboath  home  page:
71       https://www.nongnu.org/oath-toolkit/  General  help using GNU software:
72       http://www.gnu.org/gethelp/
73

COPYRIGHT

75       Copyright © 2009-2020 Simon Josefsson.
76       Copying and distribution of this file, with  or  without  modification,
77       are  permitted in any medium without royalty provided the copyright no‐
78       tice and this notice are preserved.
79
80
81
82liboath                              2.6.9      oath_hotp_validate_callback(3)