Annotation of src/usr.bin/x99token/x99token.1, Revision 1.2
1.2 ! millert 1: .\" $OpenBSD$
! 2: .\"
! 3: .Dd August 1, 2001
! 4: .Dt X99TOKEN 1
! 5: .Os
! 6: .Sh NAME
! 7: .Nm x99token
! 8: .Nd X9.9 software token calculator
! 9: .Sh SYNOPSIS
! 10: .Nm x99token
! 11: .Op Fl d
! 12: .Op Fl i
! 13: .Op Fl k Ar keyfile
! 14: .Op Fl n Ar count
! 15: .Sh DESCRIPTION
1.1 millert 16: The
1.2 ! millert 17: .Nm x99token
1.1 millert 18: program is a simple X9.9 software token calculator.
19: The token is initialized by using the
1.2 ! millert 20: .Fl i
1.1 millert 21: option.
22: In this mode,
1.2 ! millert 23: .Nm
! 24: requests a key.
! 25: The key consists of 8 bytes encoded in either hex or octal.
! 26: When encoded in hex the key must consist of 16 hex digits,
1.1 millert 27: no spaces (e.g., "0123456789abcdef").
1.2 ! millert 28: When encoded in octal the key must consist of 8 3 digit octets,
! 29: each separated by exactly one space
1.1 millert 30: (e.g., "001 010 100 002 020 200 003 030").
1.2 ! millert 31: Once the key is entered, a PIN number is requested.
! 32: The PIN number is used to perturb the key before it is stored in a keyfile.
! 33: This perturbation is not terribly secure.
! 34: You should assume that anyone with access to your
1.1 millert 35: keyfile will also have access to your key.
1.2 ! millert 36: .Pp
1.1 millert 37: When
1.2 ! millert 38: .Fl i
1.1 millert 39: is not specified,
1.2 ! millert 40: .Nm
1.1 millert 41: is in calculator mode.
1.2 ! millert 42: In this mode you must enter the same PIN as used in the initialization step.
! 43: The PIN is used decode the the key read from the keyfile.
! 44: Next you enter the challenge you have been presented with.
1.1 millert 45: The
1.2 ! millert 46: .Nm
! 47: program will provide you a response to the challenge.
! 48: If the
! 49: .Fl d
1.1 millert 50: option is used, the response will fold any hex digits to decimal.
51: If a
1.2 ! millert 52: .Ar count
1.1 millert 53: is specified by
1.2 ! millert 54: .Fl n ,
! 55: it indicates the number of challenges to predict.
! 56: The first challenge is always the entered challenge.
! 57: By default the value of
! 58: .Ar count
1.1 millert 59: is 1, which implies only the entered challenge is resolved.
1.2 ! millert 60: .Pp
1.1 millert 61: Future challenges are predicted by the following algorithm:
1.2 ! millert 62: .Bl -bullet -offset indent
! 63: .It
! 64: Encrypt the current challenge with the shared secret key
! 65: .It
! 66: AND each byte of the response with 0x0f
! 67: .It
! 68: Modulo each byte by 10 (0x0a)
! 69: .It
! 70: ADD 0x30 (ASCII value of '0') to each byte
! 71: .El
! 72: .Pp
1.1 millert 73: The resulting 8 bytes are all ASCII decimal digits and are the
74: predicted challenge. This process may be repeated.
1.2 ! millert 75: .Sh FILES
! 76: .Bl -tag -width $HOME/.keyfile.des -compact
! 77: .It Pa $HOME/.keyfile.des
! 78: default keyfile
! 79: .El
! 80: .Sh NOTES
1.1 millert 81: This is a very simple minded program. It is recommended that the
82: keyfile be placed on a floppy disk which you keep physically secure.
1.2 ! millert 83: .Pp
1.1 millert 84: Having not read the X9.9 standard, this may not be complete or accurate
85: implementation of that standard. This software is provided AS IS
86: with no express or implied warranty.
1.2 ! millert 87: .Sh AUTHOR
1.1 millert 88: Paul Borman <prb@krystal.com>