주식회사 누리아이티

정보자산의 보안강화를 위한 2차인증 보안SW 및 지문인식 OTP/출입/보안카드 전문기업

▶ BaroSolution/가이드

BaroPAM solution's API guide for no-remember passwords(dll)

누리아이티 2021. 2. 13. 14:20

1. Integration API configuration

 

BaroPAM related dynamic linking library is used to verify one-time authentication keys.

 

API class Description Etc
BaroKEYx.h
BaroKEYx.dll
BaroCRYPTx.dll
Header file and dll related to BaroPAM  
libeay32MD.dll
ssleay32MD.dll
Open SSL related dll  

 

The header file BaroKEYx.h for BaroPAM is as follows.

 

#ifndef _BARO_KEYX_H_
#define _BARO_KEYX_H_
 
#include <stdio.h>
 
#ifdef BARO_DLL_EXPORTS
#define BARO_DLLAPI __declspec(dllexport)
#else
#define BARO_DLLAPI __declspec(dllimport)
#endif
 
#ifdef __cplusplus
extern "C" {
#endif
 
BARO_DLLAPI long getRemainingTime(char *cycle_time);
BARO_DLLAPI char *generateKEYL(const char *login_id, const char *phone_no, const char *cycle_time, const char *corr_time, const char *key_method);
BARO_DLLAPI char *generateKEYP(const char *secure_key, const char *cycle_time, const char *corr_time, const char *key_method);
BARO_DLLAPI int verifyKEYL(const char *login_id, const char *phone_no, const char *cycle_time, const char *corr_time, const char *key_method, char *auth_key);
BARO_DLLAPI int verifyKEYP(const char *secure_key, const char *cycle_time, const char *corr_time, const char *key_method, char *auth_key);
 
#ifdef __cplusplus
}
#endif
 
#endif //_BARO_KEYX_H_
 
#endif

 

 

2. Integration API function

 

1) verifyKEYL function(When using login-ID)

 

- NAME

  verifyKEYL

 

- SYNOPSIS

  int verifyKEYL(const char *login_id, const char *phone_no, const char *cycle_time, const char *corr_time, const char *key_method, char *auth_key)

 

- DESCRIPTION

A function that verifies whether the entered one-time authentication key is correct.

 

login_id: Set the ID entered in the login-ID field of the login screen.

phone_no: Login-ID set user's smart phone number only with numbers.

cycle_time: Set the generation cycle (3~60 seconds) of one-time authentication key specified for each user.

corr_time: This is the guarantee error time (seconds) of the one-time authentication key.

              Set only for authentication cards. (0 seconds)

key_method: Set the one-time authentication key verification method (app1, app256, app384,

app512: app, card1, card256, card384, card512: authentication card).

auth_key: Set the one-time authentication key created and entered in the BaroPAM app on the login screen.

 

If the generation period of the smart phone number for each user and the one-time authentication key designated for each individual is different from the generator of the one-time authentication key, verification may fail because the one-time authentication key is different. You must match the information.

 

- RETURN VALUES

 On success, 1 is returned, and on failure, 0 is returned.

 

 

2) verifyKEYP function(When using secure key)

 

- NAME

  verifyKEYP

 

- SYNOPSIS

  int verifyKEYP(const char *secure_key, const char *cycle_time, const char *corr_time, const char *key_method, char *auth_key)

 

- DESCRIPTION

A function that verifies whether the entered one-time authentication key is correct.

 

Secure_key: Set the secure key given for each user or OTP card.

cycle_time: Set the generation cycle (3~60 seconds) of one-time authentication key specified for each user.

corr_time: This is the guarantee error time (seconds) of the one-time authentication key.

              Set only for authentication cards. (900 seconds)

key_method: Set the one-time authentication key verification method (app1, app256, app384,

app512: app, card1, card256, card384, card512: authentication card).

auth_key: Set the one-time authentication key created and entered in the BaroPAM app on the login screen.

 

If the generation cycle of the secure key and one-time authentication key specified for each user or card is different from the one-time authentication key generator, verification may fail because the one-time authentication key is different. You must match the information.

 

- RETURN VALUES

 On success, 1 is returned, and on failure, 0 is returned.

 

 

3. Authentication key verification part

 

1) Example of using authentication key verification module

 

Sample program) verifyKEYL function (when using login-ID)

 

#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
 
#include "BaroKEYx.h"
 
int main(int argc, char *argv[]) {
    const char *login_id   = argv[1];    // Login-ID
    const char *phone_no   = argv[2];    // Phone number
    const char *cycle_time = argv[3];    // Cycle time
    const char *corr_time  = argv[4];    // Correction time
    const char *key_method = argv[5];    // Key method
          char *auth_key   = argv[6];    // Auth key
 
    // Authentication key verification
    int  bauth_key = verifyKEYL(login_id, phone_no, cycle_time, corr_time, key_method, auth_key);
 
    // Authentication key verification (success)
    if (bauth_key == 1) {
        printf("Auth key success.\n");
    // Authentication key verification (failure)
    } else {
        printf("Auth key faild.\n");
    }
}

 

Sample program) verifyKEYP function (when using secure key)

 

#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
 
#include "BaroKEYx.h"
 
int main(int argc, char *argv[]) {
    const char *secure_key = argv[1];    // Secure key
    const char *cycle_time = argv[2];    // Cycle time
    const char *corr_time  = argv[3];    // Correction time
    const char *key_method = argv[4];    // Key method
          char *auth_key   = argv[5];    // Auth key
 
    // Authentication key verification
    int  bauth_key = verifyKEYP(secure_key, cycle_time, corr_time, key_method, auth_key);
 
    // Authentication key verification (success)
    if (bauth_key == 1) {
        printf("Auth key success.\n");
    // Authentication key verification (failure)
    } else {
        printf("Auth key faild.\n");
    }
}