Add otp client preauth plugin

Implements the client side of RFC 6560. Not all features are implemented, but it should work for the most common cases. ticket: 7242 (new)
author: Nathaniel McCallum <npmccallum@redhat.com> 2012-08-20 16:49:54 -0400
committer: Greg Hudson <ghudson@mit.edu> 2012-08-23 13:30:15 -0400
commit: 652313bbda5f4fdd6ca2828f0aa61ff1b0178c51 (patch)
tree: 14a3147191965cba7e86d8ef818fcf5880f68fb2 /src/include
parent: a7dc565cafbaa6c18d5a76ea3cc823c7159a0d6b (diff)
download: krb5-652313bbda5f4fdd6ca2828f0aa61ff1b0178c51.tar.gz
krb5-652313bbda5f4fdd6ca2828f0aa61ff1b0178c51.tar.xz
krb5-652313bbda5f4fdd6ca2828f0aa61ff1b0178c51.zip
2 files changed, 11 insertions, 0 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 6a853ce798..d119d02be4 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -479,6 +479,12 @@ typedef struct _krb5_enc_sam_response_enc_2 {
 #define KRB5_OTP_FLAG_SEPARATE_PIN   0x02000000
 #define KRB5_OTP_FLAG_CHECK_DIGIT    0x01000000
 
+#define KRB5_OTP_FORMAT_DECIMAL      0x00000000
+#define KRB5_OTP_FORMAT_HEXADECIMAL  0x00000001
+#define KRB5_OTP_FORMAT_ALPHANUMERIC 0x00000002
+#define KRB5_OTP_FORMAT_BINARY       0x00000003
+#define KRB5_OTP_FORMAT_BASE64       0x00000004
+
 typedef struct _krb5_otp_tokeninfo {
     krb5_flags flags;
     krb5_data vendor;
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index fde0d8ff44..16da726663 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -970,6 +970,7 @@ krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype,
 #define KRB5_KEYUSAGE_AD_SIGNEDPATH             -21
 #define KRB5_KEYUSAGE_IAKERB_FINISHED           42
 #define KRB5_KEYUSAGE_PA_PKINIT_KX              44
+#define KRB5_KEYUSAGE_PA_OTP_REQUEST            45
 /* define in draft-ietf-krb-wg-preauth-framework*/
 #define KRB5_KEYUSAGE_FAST_REQ_CHKSUM 50
 #define KRB5_KEYUSAGE_FAST_ENC 51
@@ -1812,6 +1813,10 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype,
 #define KRB5_PADATA_FX_FAST             136
 #define KRB5_PADATA_FX_ERROR            137
 #define KRB5_PADATA_ENCRYPTED_CHALLENGE 138
+#define KRB5_PADATA_OTP_CHALLENGE       141
+#define KRB5_PADATA_OTP_REQUEST         142
+#define KRB5_PADATA_OTP_CONFIRM         143
+#define KRB5_PADATA_OTP_PIN_CHANGE      144
 #define KRB5_PADATA_PKINIT_KX 147
 #define KRB5_ENCPADATA_REQ_ENC_PA_REP 149
author	Nathaniel McCallum <npmccallum@redhat.com>	2012-08-20 16:49:54 -0400
committer	Greg Hudson <ghudson@mit.edu>	2012-08-23 13:30:15 -0400
commit	652313bbda5f4fdd6ca2828f0aa61ff1b0178c51 (patch)
tree	14a3147191965cba7e86d8ef818fcf5880f68fb2 /src/include
parent	a7dc565cafbaa6c18d5a76ea3cc823c7159a0d6b (diff)
download	krb5-652313bbda5f4fdd6ca2828f0aa61ff1b0178c51.tar.gz krb5-652313bbda5f4fdd6ca2828f0aa61ff1b0178c51.tar.xz krb5-652313bbda5f4fdd6ca2828f0aa61ff1b0178c51.zip