MirBSD manpage: x99token(1)

X99TOKEN(1)                  BSD Reference Manual                  X99TOKEN(1)

NAME

     x99token - X9.9 software token calculator

SYNOPSIS

     x99token [-d] [-i] [-k keyfile] [-n count]

DESCRIPTION

     The x99token program is a simple X9.9 software token calculator. The to-
     ken is initialized by using the -i option. In this mode, x99token re-
     quests a key. The key consists of 8 bytes encoded in either hex or octal.
     When encoded in hex the key must consist of 16 hex digits, no spaces
     (e.g., "0123456789abcdef"). When encoded in octal the key must consist of
     8 3-digit octets, each separated by exactly one space (e.g., "001 010 100
     002 020 200 003 030"). Once the key is entered, a PIN number is request-
     ed. The PIN number is used to perturb the key before it is stored in a
     keyfile. This perturbation is not terribly secure. You should assume that
     anyone with access to your keyfile will also have access to your key.

     When -i is not specified, x99token is in calculator mode. In this mode
     you must enter the same PIN as used in the initialization step. The PIN
     is used to decode the key read from the keyfile. Next you enter the chal-
     lenge you have been presented with. The x99token program will provide you
     with a response to the challenge. If the -d option is used, the response
     will fold any hex digits to decimal. If a count is specified by -n, it
     indicates the number of challenges to predict. The first challenge is al-
     ways the entered challenge. By default the value of count is 1, which im-
     plies only the entered challenge is resolved.

     Future challenges are predicted by the following algorithm:

           •   Encrypt the current challenge with the shared secret key

           •   AND each byte of the response with 0x0f

           •   Modulo each byte by 10 (0x0a)

           •   ADD 0x30 (ASCII value of '0') to each byte

     The resulting 8 bytes are all ASCII decimal digits and are the predicted
     challenge. This process may be repeated.

FILES

     $HOME/.keyfile.des  default keyfile

SEE ALSO

     tokenadm(8), tokeninit(8)

AUTHORS

     Paul Borman <prb@krystal.com>

CAVEATS

     This is a very simple-minded program. The keyfile should be placed on a
     floppy disk which is kept physically secure.

     Having not read the X9.9 standard, this may not be a complete or accurate
     implementation of the standard. This software is provided AS IS with no
     express or implied warranty.

MirBSD #10-current              August 1, 2001                               1

Generated on 2022-12-24 01:00:14 by $MirOS: src/scripts/roff2htm,v 1.113 2022/12/21 23:14:31 tg Exp $ — This product includes material provided by mirabilos.

These manual pages and other documentation are copyrighted by their respective writers; their sources are available at the project’s CVSweb, AnonCVS and other mirrors. The rest is Copyright © 2002–2022 MirBSD.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report — diffs preferred.

Kontakt / Impressum & Datenschutzerklärung