Changeset 643 in openpam for trunk/modules/pam_oath/oath_totp.c


Ignore:
Timestamp:
Mar 5, 2013, 3:24:00 PM (8 years ago)
Author:
Dag-Erling Smørgrav
Message:
  • Add a provisional API for computing the current HOTP or TOTP code.
  • Add a provisional API for matching a user response.
  • Add a provisional API for generating a dummy key. When one of the matching functions recognizes a dummy key, it will go through the motions but never report a match.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/modules/pam_oath/oath_totp.c

    r623 r643  
    3535
    3636#include <stdint.h>
     37#include <string.h>
    3738#include <time.h>
    3839
     
    4950        return (oath_hotp(K, Klen, now / TOTP_TIME_STEP, Digit));
    5051}
     52
     53unsigned int
     54oath_totp_current(const struct oath_key *k)
     55{
     56        unsigned int code;
     57        uint64_t seq;
     58
     59        if (k == NULL)
     60                return (-1);
     61        if (k->mode != om_totp)
     62                return (-1);
     63        if (k->timestep == 0)
     64                return (-1);
     65        seq = time(NULL) / k->timestep;
     66        code = oath_hotp(k->key, k->keylen, seq, k->digits);
     67        return (code);
     68}
     69
     70int
     71oath_totp_match(const struct oath_key *k, unsigned int response, int window)
     72{
     73        unsigned int code;
     74        uint64_t seq;
     75        int dummy;
     76
     77        if (k == NULL)
     78                return (-1);
     79        if (window < 1)
     80                return (-1);
     81        if (k->mode != om_totp)
     82                return (-1);
     83        if (k->timestep == 0)
     84                return (-1);
     85        seq = time(NULL) / k->timestep;
     86        dummy = (memcmp(k->label, DUMMY_LABEL, DUMMY_LABELLEN) == 0);
     87        for (int i = -window; i <= window; ++i) {
     88                code = oath_hotp(k->key, k->keylen, seq + i, k->digits);
     89                if (code == response && !dummy)
     90                        return (1);
     91        }
     92        return (0);
     93}
Note: See TracChangeset for help on using the changeset viewer.