5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 * Copyright 2001,2002 Google, Inc.
20 * Copyright 2005,2006 TRI-D Systems, Inc.
24 * IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT
26 * In order to safely use challenge/response (async) mode, you must
27 * - implement a site-specific transform of the challenge, and/or
28 * - only allow async mode from secure locations.
30 * Please read the accompanying docs for more info.
32 * IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT
38 static const char rcsid[] = "$Id$";
42 * The default transform appends the first 2 username chars to the
43 * challenge. This results in a challenge that generally cannot be
44 * entered on any supported token, thus forcing a site-specific
45 * implementation to support async mode.
48 otp_challenge_transform(const char *username,
49 unsigned char challenge[OTP_MAX_CHALLENGE_LEN],
52 /* overwrite challenge in-place if not enough room */
53 switch (OTP_MAX_CHALLENGE_LEN - clen) {
54 case 0: clen -= 2; break;
55 case 1: clen -= 1; break;
58 /* append first 2 username chars to challenge */
60 challenge[clen++] = *username++;
62 challenge[clen++] = *username++;