-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello fellow soc-ers,
here's my report for the last week. As always, all committed code can be found on github[1], this week's changes got their own branch (aptly named "ocra"). This week's goal was to implement methods for generating and validating OCRA authentication values. This goal was almost completely fulfilled. I introduced two new API methods (oath_ocra_generate and oath_ocra_validate) as well as test cases for both. I encountered two obstacles: .) The OCRA specification (RFC 6287[2]) allows three different types of challenges: numeric, hexadecimal and alpha-numeric. I had to dig into the reference implementation to find out that numeric challenges are apparently supposed to be converted to base-16 before being converted to a byte-array. This stole quite a bit of precious debugging/coding time ;) .) oath-toolkit currently only contains library functions for generating SHA1 HMACs. Besides SHA1, OCRA is supposed to also support SHA256 and SHA512. My code is designed to be easily extendable once the necessary wrapper methods for gnulib's SHA256 and SHA512 API are written (how to proceed is not yet discussed with oath-toolkit's maintainer). So far all the test-cases indicate full support for all the different OCRA generation combinations (except for SHA256/512 support). I converted most of the reference test vector data to SHA1 and used the reference JAVA implementation to generate the OCRA values which are used to check correctness of the new API. My plans for the next week are to use the new API to extend oath-toolkit's PAM module to allow authentication via OCRA (limited to SHA1 for now, see above) as well as integrating feedback by my mentors. If possible, I would also like to extend the current code to support SHA256/512 this week. After this or next week, the implementation of OCRA in oath-toolkit should be finished and sufficiently tested. Afterwards I will proceed to extend dynalogin to also support authentication via OCRA. Kind regards, Fabian 1: https://github.com/Fabian-Gruenbichler/oath-toolkit/commits/ocra 2: http://tools.ietf.org/html/rfc6287 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iQIcBAEBAgAGBQJRzbyqAAoJEK4xK/RwikTnKssQALtYcCtvX0IxjDhUmZUFGAOl oi/blNHTYqm0WVG8Dm1+jYPlTVrrUlHC/pQSe5NHytQ3qnZocF89Dm2Chx3qudJF RMg2HSjTj1KwK6AWtgz+VBwzub8tQVHyvGmLkhmHkLD4vYOyWCd8czquD9rOnAo6 ji2SN0CQNaTd8eOz/C4rcSdYmJkhWdoMCxNaF/vFZi8F/eo5yOpOdlDeVScXcaL/ QzfwAchXeB3K+64Gsn0o+selUlZTsswB4tMYNYCUu6sdHMbbgpEN5P6OjjYcjHy9 weWok04v4BuUQeLP0BPi1Ic44ojsY6nTOUJuv7rgaAHf9bCwDkY2MTb9sObn99TT Ek+wxze03zbk1NtLOBOzXAZTX/rJzhHtAjuwS+PNx36cHDSjPXPkdcEjCzyTLwFc pQaDUwmJVLz5b9X5x5vdk4Or/77YwJr7FxsfC3cxiy5YQFP3wpyDh6GfVgRYeCo1 C2vlM/LEINc7zAdZQWfKJ7A81GcSqRp5kWIjF/ZqAU7BMO85wZvXXurmB1KVm9y9 /fO5OJQi7UgJxdmI56bZZzPKg/8YO64+F5kJpzbP3eJw1ZjC8bP20d7J3UzPHhzo J/VFxcdoBKvh+EYNgUPl4ddg2BeDU8tyOQW+I2PggeKFipf2KWiQiQFAh2Lw7b8Q eVZYnDKvlojbagMGnLu+ =G4by -----END PGP SIGNATURE----- _______________________________________________ Soc-coordination mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/soc-coordination
