[Soc-coordination] Status Report Week 3, Extending oath-toolkit and dynalogin to provide CROTP/OCRA

[Fabian Grünbichler]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello everyone,

this week was a little slower than the last two as I wrote my last
homework project for university as well.

*Changes/Updates finished this week*
.) Refactoring of OCRA API, parsing the ocra_suite string is now moved
to its own method, a new struct for storing information about the OCRA
parameters was introduced
.) Refactoring/extension of oathtool, the command line tool based on
liboath which allows generation and validation of HOTP, TOTP and
(newly introduced) OCRA values
.) Small bug fixes, most in yet unused code (i.e., SHA256/SHA512 handling)

The second part was a little more work than I expected because the
code turned out to not be as easily extendable (i.e., it relied on the
fact that previously there were only two OTP schemes supported).

Both of the updates above also include necessary test cases and API
documentation (where applicable).

*Changes started but not yet finished and committed*
.) Extending the OATH PAM module to support OCRA as authentication scheme

This requires extending the credential storage currently in use (which
I would like to discuss with the maintainer before pushing my changes)
and establishing which modes of OCRA are applicable for this usage
scenario (e.g. one-way vs two-way, including session information or
not, etc.pp.).

*Changes postponed*
.) Writing wrapper methods for SHA256/SHA512

*Plans for the next week*
.) Finish work on the PAM module
.) Finish SHA256/SHA512 support
.) Start discussion with mentors about dynalogin implementation/protocol

Kind regards,
Fabian

p.s. I didn't receive feedback on my last report. Was this intentional
or just an oversight?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQIcBAEBAgAGBQJR1z2NAAoJEK4xK/RwikTnmwcP/1DX6F1Kz235+gWb7MvpWuB1
d5e0mHFfBthBgJ+JJNrGCersLA7CSDqE9m9ugfnLFoqoeZNesvjgx8xNxNj+p4j7
n7TLXbvI5ol6lesFvs6AcmGrugq9iJ/HoqyrBoPtu6NDDgBsa/iWWjI712upSVHl
Bgxo6Cck6vWfeui3gprTQlwEnbjD6yz/cY2KE0HlrQkRINfOpweSmHpJaGQFMpqL
LGOz9PGHVeys69pG15nRGsQ/HfljlxZz8Yrd+lfsUS5+Np/BQ3rk+VqoungewVx5
M25Z+EsAYMT1ZN5Qm0a9Gzg0pWsITEcfKJLi0gF+bvqxRVm0VMk1hoqZFtrGAmH5
ppImHDGT/t7tSFa1jcpLiOwd+36lKXL+mv3xXOkDrB8pqfwqhfboF+MJd4x5iyDR
HVQPSwgwxDU+dLwafXtfTLbfajC4R7efIC2KqofWjZ8xarD57Vfir03PrX8Z9hVZ
7rXQ19iKiU7iksaPXOzUGkxzCY4vl1pRDfvvv6z2yzc8J0osrlB3z4k3wNctdFDK
AgvQl+LiSqc9+9nlQeKXd5ff6KVFirOdA79JMFm/ozIVH5ekoQlu8TxUGQOiT0jy
Gg0ic7KB2a/V5PEf4Yh2YLC6AdMzR2J0xizi/pBaNeDuthOApQJLVeTeWZnKzKCd
DK6qIoFXbjn+fMpzCqap
=skQI
-----END PGP SIGNATURE-----