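/*
 * OpenBSD S/Key (skey.h)
 *
 * Authors:
 *	Neil M. Haller <nmh@thumper.bellcore.com>
 *	Philip R. Karn <karn@chicago.qualcomm.com>
 *	John S. Walden <jsw@thumper.bellcore.com>
 *	Scott Chasin <chasin@crimelab.com>
 *	Todd C. Miller <millert@openbsd.org>
 *
 * Main client header
 *
 * $OpenBSD: skey.h,v 1.23 2024/05/21 11:13:08 jsg Exp $
 */

#ifndef _SKEY_H_
#define _SKEY_H_ 1

#include <dirent.h>	/* DIR */
#include <stdio.h>	/* FILE: struct skey needs it, so do not rely on the includer */

/*
 * Server-side data structure for reading keys file during login.
 *
 * NOTE(review): this header does not say which members own memory.
 * logname, seed and val presumably point into buf -- confirm against the
 * library before freeing them or keeping them past the struct's lifetime.
 */
struct skey {
	FILE *keyfile;		/* stream on the keys file being read */
	DIR *keydir;		/* presumably a handle on _PATH_SKEYDIR -- confirm */
	char *logname;
	char *seed;
	char *val;
	unsigned int n;		/* presumably the sequence number -- confirm */
	char buf[256];		/* fixed size: any writer must bound to sizeof(buf) */
};

/* Client-side structure for scanning data stream for challenge */
struct mc {
	int skip;
	int cnt;
	char buf[256];		/* fixed size: any writer must bound to sizeof(buf) */
};

/* Maximum sequence number we allow */
#define SKEY_MAX_SEQ		10000

/* Minimum secret password length (rfc2289) */
#define SKEY_MIN_PW_LEN		10

/*
 * Max secret password length (rfc2289 says 63 but allows more).
 * NOTE(review): presumably a length that excludes the terminating NUL --
 * confirm before sizing a buffer with it.
 */
#define SKEY_MAX_PW_LEN		255

/* Max length of an S/Key seed (rfc2289) */
#define SKEY_MAX_SEED_LEN	16

/*
 * Max length of S/Key challenge (otp-???? 9999 seed).
 * Uses SKEY_MAX_HASHNAME_LEN, which is defined further down; that works
 * because a macro is expanded where it is used, not where it is defined.
 * With the values in this file the result is 11 + 6 + 16 = 33.
 * NOTE(review): confirm whether the 11 already counts the terminating NUL
 * before sizing a challenge buffer with this constant.
 */
#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)

/* Max length of hash algorithm name (md5/sha1/rmd160) */
#define SKEY_MAX_HASHNAME_LEN	6

/*
 * Size of a binary key (not NUL-terminated): treat it as SKEY_BINKEY_SIZE
 * raw bytes and never hand it to the str*() functions.
 */
#define SKEY_BINKEY_SIZE	8

/* Directory for S/Key per-user files */
#define _PATH_SKEYDIR		"/etc/skey"

/*
 * Library entry points.
 *
 * The prototypes carry no parameter names and no char * is const-qualified,
 * so this header alone does not show which arguments are inputs and which
 * are written through.  The only int that directly follows a char * is in
 * readpass() and readskey() (presumably the buffer size -- confirm); every
 * other function takes bare pointers.
 * NOTE(review): wherever an argument is an output, the caller alone must
 * supply a large enough buffer.  Check the required sizes
 * (SKEY_BINKEY_SIZE, SKEY_MAX_CHALLENGE, ...) against the implementation
 * before calling with a buffer whose length depends on external input.
 */
__BEGIN_DECLS
void f(char *);
int keycrunch(char *, char *, char *);
char *btoe(char *, char *);
char *put8(char *, char *);
int etob(char *, char *);
void rip(char *);
int skeychallenge(struct skey *, char *, char *);
int skeychallenge2(int, struct skey *, char *, char *);
int skeylookup(struct skey *, char *);
int skeyverify(struct skey *, char *);
void sevenbit(char *);
void backspace(char *);
char *skipspace(char *);
char *readpass(char *, int);
char *readskey(char *, int);
int skey_authenticate(char *);
int skey_passcheck(char *, char *);
char *skey_keyinfo(char *);
int skey_haskey(char *);
int atob8(char *, char *);
int btoa8(char *, char *);
int htoi(int);
const char *skey_get_algorithm(void);
char *skey_set_algorithm(char *);
int skeygetnext(struct skey *);
int skey_unlock(struct skey *);
__END_DECLS

#endif /* _SKEY_H_ */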