[OATH-Toolkit-help] [sr #108895] oath_authenticate

oath-toolkit-help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] [sr #108895] oath_authenticate_usersfile() read from

From:	Nikos Mavrogiannopoulos
Subject:	[OATH-Toolkit-help] [sr #108895] oath_authenticate_usersfile() read from HSM
Date:	Mon, 05 Oct 2015 13:45:42 +0000
User-agent:	Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0

URL:
  <http://savannah.nongnu.org/support/?108895>

                 Summary: oath_authenticate_usersfile() read from HSM
                 Project: OATH Toolkit
            Submitted by: nmav
            Submitted on: Mon 05 Oct 2015 04:45:41 PM EEST
                Category: None
                Priority: 5 - Normal
                Severity: 1 - Wish
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: None

    _______________________________________________________

Details:

I've recently modified the openconnect VPN server to use liboath for one time
passwords. Having seen however various HSMs like YubiHSM and
oath_authenticate_usersfile(), it seems straightforward to extend the
oath_authenticate_usersfile() to support HSMs. The API is high level allowing
to specify a userfile (which could be a URL similarly to PKCS #11 URLs), and
thus could accommodate for more than just files.

That would greatly extend the value of this library for server applications.




    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/support/?108895>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[OATH-Toolkit-help] [sr #108895] oath_authenticate_usersfile() read from HSM, Nikos Mavrogiannopoulos <=

Index(es):
- Date
- Thread