OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Clean up and simplify dummy key handling. 

git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@679 185d5e19-27fe-0310-9dcf-9bff6b9f3609
This commit is contained in:
Dag-Erling Smørgrav 2013-03-18 21:38:58 +00:00
parent 7da9af6602
commit 9f6bdd74f4
5 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/security/oath.h
View File

@ -42,10 +42,6 @@ struct oath_key *oath_key_from_uri(const char *);
struct oath_key *oath_key_from_file(const char *);
char *oath_key_to_uri(const struct oath_key *);
#define DUMMY_LABEL ("oath-dummy-key")
#define DUMMY_LABELLEN (sizeof DUMMY_LABEL)
#define DUMMY_KEYLEN 64
struct oath_key *oath_dummy_key(enum oath_mode, enum oath_hash, unsigned int);
unsigned int oath_hotp(const uint8_t *, size_t, uint64_t, unsigned int);

5
include/security/oath_constants.h
View File

@ -76,4 +76,9 @@ enum oath_hash {
*/
#define OATH_MAX_LABELLEN 64
/*
* Label to use for dummy keys
*/
#define OATH_DUMMY_LABEL "oath-dummy-key"
#endif

2
lib/liboath/oath_hotp.c
View File

@ -127,7 +127,7 @@ oath_hotp_match(struct oath_key *k, unsigned int response, int window)
return (-1);
if (k->counter >= UINT64_MAX - window)
return (-1);
dummy = (memcmp(k->label, DUMMY_LABEL, DUMMY_LABELLEN) == 0);
dummy = (strcmp(k->label, OATH_DUMMY_LABEL) == 0);
for (int i = 0; i < window; ++i) {
code = oath_hotp(k->key, k->keylen, k->counter + i, k->digits);
if (code == response && !dummy) {

6
lib/liboath/oath_key.c
View File

@ -310,8 +310,8 @@ oath_dummy_key(enum oath_mode mode, enum oath_hash hash, unsigned int digits)
key->counter = 0;
key->timestep = 30;
key->hash = hash;
memcpy(key->label, DUMMY_LABEL, DUMMY_LABELLEN);
key->labellen = DUMMY_LABELLEN;
key->keylen = DUMMY_KEYLEN;
strcpy(key->label, "oath-dummy-key");
key->labellen = strlen(key->label);
key->keylen = sizeof key->key;
return (key);
}

2
lib/liboath/oath_totp.c
View File

@ -83,7 +83,7 @@ oath_totp_match(const struct oath_key *k, unsigned int response, int window)
if (k->timestep == 0)
return (-1);
seq = time(NULL) / k->timestep;
dummy = (memcmp(k->label, DUMMY_LABEL, DUMMY_LABELLEN) == 0);
dummy = (strcmp(k->label, OATH_DUMMY_LABEL) == 0);
for (int i = -window; i <= window; ++i) {
code = oath_hotp(k->key, k->keylen, seq + i, k->digits);
if (code == response && !dummy)