<HIDAsyncOTPGenerator> Protocol Reference

Extends the OTP generator to support asynchronous challenge-response generation. (OCRA) Computes OTP using externally provided challenge or transaction data. More...

#import <HIDAsyncOTPGenerator.h>

Inheritance diagram for <HIDAsyncOTPGenerator>:

Instance Methods
(NSString *)	- computeClientResponse:withClientChallenge:withServerChallenge:withInputParams:error:
(NSString *)	- computeResponse:withChallenge:withInputParams:error:
(NSString *)	- computeServerResponse:withClientChallenge:withServerChallenge:withInputParams:error:
(NSString *)	- computeSignature:withSigChallenge:withClientChallenge:withInputParams:error:
(NSString *)	- formatSignatureChallenge:error:
(NSString *)	- getChallenge:
(NSString *)	- getType

Detailed Description

Extends the OTP generator to support asynchronous challenge-response generation. (OCRA) Computes OTP using externally provided challenge or transaction data.

Method Documentation

- (NSString*) computeClientResponse:		(NSString *)	password
withClientChallenge:		(NSString *)	clientChallenge
withServerChallenge:		(NSString *)	serverChallenge
withInputParams:		(HIDOTPInputAlgorithmParameters *)	input
error:		(NSError **)	error

Compute the client response for one-way challenge-response with optional parameters. If there are no optional parameters, input can be omitted.

Parameters

password	OTP key password (if protected by password).
clientChallenge	The challenge for a client.
serverChallenge	The challenge for a server.
input	InputParameters (session info and PIN) as required by OCRASuite.
error	error details. It may be nil.

Possible error codes are:

• HIDInternal if unexpected error occurred.
• HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns

Formatted response for the challenge.

- (NSString*) computeResponse:		(NSString *)	password
withChallenge:		(NSString *)	challenge
withInputParams:		(HIDOTPInputAlgorithmParameters *)	input
error:		(NSError **)	error

Compute the response for one-way challenge-response. The params allows you to pass additional data to compute the OTP. If there are no optional parameters, input can be omitted.

Parameters

password	OTP key password (if protected by password).
challenge	The challenge for the mutual authentication.
input	InputParameters (session info and PIN) as required by OCRASuite.
error	error details. It may be nil.

Possible error codes are:

• HIDInternal if unexpected error occurred.
• HIDInvalidArgument if the given parameters are invalid or required parameters are missing.
• HIDPasswordRequired if required password was not provided.

Returns

Formatted response for challenge.

- (NSString*) computeServerResponse:		(NSString *)	password
withClientChallenge:		(NSString *)	clientChallenge
withServerChallenge:		(NSString *)	serverChallenge
withInputParams:		(HIDOTPInputAlgorithmParameters *)	input
error:		(NSError **)	error

Compute the server response for one-way challenge-response or for two-way signature. If there are no optional parameters, input can be omitted.

Parameters

password	OTP key password (if protected by password).
clientChallenge	The challenge for client.
serverChallenge	The challenge for server.
input	InputParameters (session info and PIN) as required by OCRASuite.
error	error details. It may be nil.

Possible error codes are:

• HIDInternal if unexpected error occurred.
• HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns

The formatted response for challenge.

- (NSString*) computeSignature:		(NSString *)	password
withSigChallenge:		(NSString *)	sigChallenge
withClientChallenge:		(NSString *)	clientChallenge
withInputParams:		(HIDOTPInputAlgorithmParameters *)	input
error:		(NSError **)	error

Compute the signature for one-way or two-way signature. For one-way signature, clientChallenge is empty. If there are no optional parameters, input can be omitted.

Parameters

password	OTP key password (if protected by the password).
sigChallenge	The challenge for the signature.
clientChallenge	The challenge for client.
input	InputParameters (session info and PIN) as required by OCRASuite.
error	error details. It may be nil.

Possible error codes are:

• HIDInternal if unexpected error occurred.
• HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns

Formatted response for challenge.

- (NSString*) formatSignatureChallenge:		(NSArray *)	inputData
error:		(NSError **)	error

For transaction signing use cases, this method permits a challenge to be formatted according to standard based on several input provided by the user. Typically for OCRA see Appendix A of the Certificate profile.

Parameters

inputData	An array of input data provided by the user. Returns the fully formatted challenge to use in computeResponse method.
error	error details. It may be nil.

Possible error codes are:

• HIDInternal if unexpected error occurred.
• HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns

Formatted challenge.

- (NSString*) getChallenge:

(NSError **)

error

Returns a challenge according to format specified in OCRA suit for one-way use cases (challenge-response and signature). This method can be used by the client to provide the challenge to other parties (typically a server) so that it can authenticate the server using the asynchronous method.

Parameters

error

error details. It may be nil.

Possible error codes are:

• HIDInternal if unexpected error occurred.
• HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns

Formatted challenge.

- (NSString*) getType

The type of OTP generator.

Returns

The Asynchronous generator type (challenge-response).