*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->NetBSD man pages -> skey (3)              
Title
Content
Arch
Section
 

SKEY(3)

Contents


NAME    [Toc]    [Back]

     skey, skeychallenge, skeylookup, skeygetnext, skeyverify, skeyzero,
     getskeyprompt, skey_set_algorithm, skey_get_algorithm, skey_haskey,
     skey_keyinfo, skey_passcheck, skey_authenticate - one-time password (OTP)
     library

LIBRARY    [Toc]    [Back]

     S/key One-Time Password Library (libskey, -lskey)

SYNOPSIS    [Toc]    [Back]

     #include <skey.h>

     int
     skeychallenge(struct skey *mp, const char *name, char *ss, size_t sslen);

     int
     skeylookup(struct skey *mp, const char *name);

     int
     skeygetnext(struct skey *mp);

     int
     skeyverify(struct skey *mp, char *response);

     int
     skeyzero(struct skey *mp, char *response);

     int
     getskeyprompt(struct skey *mp, char *name, char *prompt);

     const char *
     skey_set_algorithm(const char *new);

     const char *
     skey_get_algorithm(void);

     int
     skey_haskey(const char *username);

     const char *
     skey_keyinfo(const char *username);

     int
     skey_passcheck(const char *username, char *passwd);

     int
     skey_authenticate(const char *username);

     void
     f(char *x);

     int
     keycrunch(char *result, const char *seed, const char *passwd);

     void
     rip(char *buf);

     char *
     readpass(char *buf, int n);

     char *
     readskey(char *buf, int n);

     int
     atob8(char *out, const char *in);

     int
     btoa8(char *out, const char *in);

     int
     htoi(int c);

     const char *
     skipspace(const char *cp);

     void
     backspace(char *buf);

     void
     sevenbit(char *buf);

     char *
     btoe(char *engout, const char *c);

     int
     etob(char *out, const char *e);

     char *
     put8(char *out, const char *s);

DESCRIPTION    [Toc]    [Back]

     The skey library provides routines for accessing NetBSD's one-time password
 (OTP) authentication system.

     Most S/Key operations take a pointer to a struct skey, which should be
     considered as an opaque identifier.

FUNCTIONS    [Toc]    [Back]

     The following high-level functions are available:

     skeychallenge(mp, name, ss, sslen)
              Return a S/Key challenge for user name.  If successful, the
              caller's skey structure mp is filled and 0 is returned.  If
              unsuccessful (e.g. if name is unknown), -1 is returned.

     skeylookup(mp, name)
              Find an entry for user name in the one-time password database.
              Returns 0 if the entry is found and 1 if the entry is not found.
              If an error occurs accessing the database, -1 is returned.

     skeygetnext(mp)
              Get the next entry in the one-time password database.  Returns 0
              on success and the entry is stored in mp and 1 if no more
              entries are available.  If an error occurs accessing the
              database, -1 is returned.

     skeyverify(mp, response)
              Verify response response to a S/Key challenge.  Returns 0 if the
              verification is successful and 1 if the verification failed.  If
              an error occurs accessing the database, -1 is returned.

     skeyzero(mp, response)
              Comment out user's entry in the S/Key database.  Returns 0 on
              success and the database is updated, otherwise -1 is returned
              and the database remains unchanged.

     getskeyprompt(mp, name, prompt)
              Issue a S/Key challenge for user name.  If successful, fill in
              the caller's skey structure mp and return 0.  If unsuccessful
              (e.g. if name is unknown) -1 is returned.

     The following lower-level functions are available:

     skey_set_algorithm(new)
              Set hash algorithm type.  Valid values for new are "md4", "md5"
              and "sha1".

     skey_get_algorithm(void)
              Get current hash type.

     skey_haskey(username)
              Returns 0 if the user username exists and 1 if the user doesn't
              exist.  Returns -1 on file error.

     skey_keyinfo(username)
              Returns the current sequence number and seed for user username.

     skey_passcheck(username, passwd)
              Check to see if answer is the correct one to the current challenge.


     skey_authenticate(username)
              Used when calling program will allow input of the user's repsonse
 to the challenge.  Returns zero on success or -1 on failure.


     The following miscellaneous functions are available:

     f(x)     One-way function to take 8 bytes pointed to by x and return 8
              bytes in place.

     keycrunch(char *result, const char *seed, const char *passwd)
              Crunch a key.

     rip(buf)
              Strip trailing CR/LF characters from a line of text buf.

     readpass(buf, n)
              Read in secret passwd (turns off echo).

     readskey(buf, n)
              Read in an s/key OTP (does not turn off echo).

     atob8(out, in)
              Convert 8-byte hex-ascii string in to binary array out.  Returns
              0 on success, -1 on error.

     btoa8(out, in)
              Convert 8-byte binary array in to hex-ascii string out.  Returns
              0 on success, -1 on error.

     htoi(int c)
              Convert hex digit to binary integer.

     skipspace(cp)
              Skip leading spaces from the string cp.

     backspace(buf)
              Remove backspaced over characters from the string buf.

     sevenbit(buf)
              Ensure line buf is all seven bits.

     btoe(engout, c)
              Encode 8 bytes in c as a string of English words.  Returns a
              pointer to a static buffer in engout.

     etob(out, e)
              Convert English to binary.  Returns 0 if the word is not in the
              database, 1 if all good words and parity is valid, -1 if badly
              formed input (i.e. > 4 char word) and -2 if words are valid but
              parity is wrong.

     put8(out, s)
              Display 8 bytes s as a series of 16-bit hex digits.

FILES    [Toc]    [Back]

     /usr/lib/libskey.a    static skey library
     /usr/lib/libskey.so   dynamic skey library
     /usr/lib/libskey_p.a  static skey library compiled for profiling

SEE ALSO    [Toc]    [Back]

      
      
     skey(1), skeyaudit(1), skeyinfo(1)

BUGS    [Toc]    [Back]

     The skey library functions are not re-entrant or thread-safe.

     The skey library defines many poorly named functions which pollute the
     name space.

BSD                            November 10, 2001                           BSD
[ Back ]
 Similar pages
Name OS Title
skey OpenBSD one-time password user database
set_parms HP-UX set system initial identity parameters: hostname, date/time, root password, and networking
yppasswd Tru64 Update user password in Network Information Service (NIS) password map.
passwd IRIX change login password and password attributes
vxfs_ifree_timelag HP-UX VxFS inode free time lag (specifies the minimum time to be spent on a freelist)
create_link HP-UX Creates a soft link and optionally specifies an expiration time and an extension time
adjkerntz FreeBSD adjust local time CMOS clock to reflect time zone changes and keep current timezone offset for the k...
settimeofday Tru64 Gets and sets date and time and converts time between timeval and timeval64
settimeofday64 Tru64 Gets and sets date and time and converts time between timeval and timeval64
TIMEVAL32TO64 Tru64 Gets and sets date and time and converts time between timeval and timeval64
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service