CreateChallenge Method
Creates the challenge.
Syntax
ANSI (Cross Platform) int CreateChallenge(); Unicode (Windows) INT CreateChallenge();
- (void)createChallenge;
#define MID_OCRA_CREATECHALLENGE 4 IPWORKSAUTH_EXTERNAL int IPWORKSAUTH_CALL IPWorksAuth_OCRA_Do(void *lpObj, int methid, int cparam, void *param[], int cbparam[], int64 *lpllVal);
Remarks
This method creates a Challenge. After calling this method the Challenge property will be populated with the created value.
When ChallengeType is set to ctRandom the following properties are applicable:
When ChallengeType is set to ctSignature the following properties are applicable:
In addition to creating the Challenge this method will also create the OCRASuite which defines parameters required by the other party to calculate a response. The following properties are applicable to OCRASuite creation:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
Random Challenge Example
//First create the challenge on machine A Ocra ocra = new Ocra(); ocra.ChallengeType = OcraChallengeTypes.ctRandom; ocra.ChallengeLength = 10; ocra.ChallengeFormat = OcraChallengeFormats.cfNumeric; ocra.CreateChallenge(); string challenge = ocra.Challenge; //Value like "3891592139" string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QN10" //Send Challenge and OCRASuite to Machine B //Upon receiving the challenge on Machine B, calculate a response ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Received from other party ocra.Challenge = challenge; //Received from other party ocra.Key = "shared secret key"; ocra.CalculateResponse(); string response = ocra.Response; //Value like "574464" //Send Response back to Machine A //Upon receiving the response on Machine A, verify it ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge ocra.Challenge = challenge; //Original challenge that was sent ocra.Response = response; //Received from other party ocra.Key = "shared secret key"; bool isValid = ocra.VerifyResponse(); //Returns True if verifiedSignature Challenge Example
//First create the challenge on machine A Ocra ocra = new Ocra(); ocra.ChallengeType = OcraChallengeTypes.ctSignature; ocra.ChallengeInput = "test input"; ocra.Key = "signature key"; ocra.ChallengeFormat = OcraChallengeFormats.cfHex; ocra.CreateChallenge(); string challenge = ocra.Challenge; //Value like "973131F0" string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QH08" //Send Challenge and OCRASuite to Machine B //Upon receiving the challenge on Machine B, calculate a response ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Received from other party ocra.Challenge = challenge; //Received from other party ocra.Key = "shared secret key"; ocra.CalculateResponse(); string response = ocra.Response; //Value like "574464" //Send Response back to Machine A //Upon receiving the response on Machine A, verify it ocra = new Ocra(); ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge ocra.Challenge = challenge; //Original challenge that was sent ocra.Response = response; //Received from other party ocra.Key = "shared secret key"; bool isValid = ocra.VerifyResponse(); //Returns True if verified
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)