CreateChallenge Method
Creates the challenge.
Syntax
ocra.createChallenge([callback])
Callback
The 'callback' parameter specifies a function which will be called when the operation completes (or an error is encountered). If the 'callback' parameter is not specified, then the method will block and will not return until the operation completes (or an error is encountered).
The callback for this method is defined as:
function(err){ }
'err' is the error that occurred. If there was no error, then 'err' is 'null'.
'err' has 2 properties which hold detailed information:
err.code err.message
Remarks
This method creates a Challenge. After calling this method the Challenge property will be populated with the created value.
When ChallengeType is set to ctRandom the following properties are applicable:
When ChallengeType is set to ctSignature the following properties are applicable:
In addition to creating the Challenge this method will also create the OCRASuite which defines parameters required by the other party to calculate a response. The following properties are applicable to OCRASuite creation:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
Random Challenge Example
//First create the challenge on machine A Ocra ocra = new Ocra(); ocra.ChallengeType = OcraChallengeTypes.ctRandom; ocra.ChallengeLength = 10; ocra.ChallengeFormat = OcraChallengeFormats.cfNumeric; ocra.CreateChallenge(); string challenge = ocra.Challenge; //Value like "3891592139" string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QN10" //Send Challenge and OCRASuite to Machine B //Upon receiving the challenge on Machine B, calculate a response ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Received from other party ocra.Challenge = challenge; //Received from other party ocra.Key = "shared secret key"; ocra.CalculateResponse(); string response = ocra.Response; //Value like "574464" //Send Response back to Machine A //Upon receiving the response on Machine A, verify it ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge ocra.Challenge = challenge; //Original challenge that was sent ocra.Response = response; //Received from other party ocra.Key = "shared secret key"; bool isValid = ocra.VerifyResponse(); //Returns True if verifiedSignature Challenge Example
//First create the challenge on machine A Ocra ocra = new Ocra(); ocra.ChallengeType = OcraChallengeTypes.ctSignature; ocra.ChallengeInput = "test input"; ocra.Key = "signature key"; ocra.ChallengeFormat = OcraChallengeFormats.cfHex; ocra.CreateChallenge(); string challenge = ocra.Challenge; //Value like "973131F0" string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QH08" //Send Challenge and OCRASuite to Machine B //Upon receiving the challenge on Machine B, calculate a response ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Received from other party ocra.Challenge = challenge; //Received from other party ocra.Key = "shared secret key"; ocra.CalculateResponse(); string response = ocra.Response; //Value like "574464" //Send Response back to Machine A //Upon receiving the response on Machine A, verify it ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge ocra.Challenge = challenge; //Original challenge that was sent ocra.Response = response; //Received from other party ocra.Key = "shared secret key"; bool isValid = ocra.VerifyResponse(); //Returns True if verified