User's Manual

7 SDK
This chapter describes the WebOTP SDK.
The WebOTP product is distributed with an SDK that gives developers the services needed to use the WebOTP
features.
The WebOTP features can be subdivided into the following categories:
Initialization – Initialization features.
WebOTP – Features for WebOTP authentication.
WebCHR – Features for WebCHR authentication.
WebSMS – Features for WebSMS authentication.
Utilities – Generic utility features.
Users – Customization features.
Configuration – Configuration features.
The SDK is distributed in different versions for use via DLL, ActiveX and .NET interfaces. The following description
refers to the DLL version for use from the C language; the other versions offer the same features, adapted to their
respective environments.
7.1 Initialization
The initialization functions prepare and configure the SDK by setting up a data context in which all the information
needed to maintain the SDK's internal state is stored.
Every SDK function operates on this context. Its format is hidden from the user, who only has to supply it in every
function call that requires it. In C, the webotp_context type can be used to declare the context. In any other
language, just supply a memory area of 4096 bytes.
The initialization functions must be called only at application start and completion. In particular, it is essential
that, at the moment these functions are used, no other threads can make simultaneous calls to other SDK functions
using the same data context.
int webotp_init(struct webotp_context* context, unsigned char* server_key,
unsigned char* blob_key);
The context is initialized by the webotp_init() function, which must also be given the server-key, on which all
authentication operations are based, and the blob-key, which is used for the Blob cryptography operations.
void webotp_done(struct webotp_context* context);
On completion of the operations with the SDK, the context must be destroyed by calling the webotp_done() function
and providing the context to destroy.
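The threading rule above (no other SDK call may run on the same context while webotp_init() or webotp_done() executes) can be enforced in the application rather than left to convention. The following is an added example, not code from the SDK: the sdk_guard type and the sdk_* functions are hypothetical, and the webotp_* bodies, the 4096-byte struct layout and the "0 means success" return value are stand-in assumptions so that the block compiles without the SDK header.

```c
#include <stdatomic.h>
#include <string.h>

/* Stand-ins for the SDK (assumptions): prototypes are the ones in the manual,
   the layout, the bodies and "0 means success" are not. */
struct webotp_context { unsigned char opaque[4096]; };
static int webotp_init(struct webotp_context *c, unsigned char *server_key,
                       unsigned char *blob_key)
{ (void)server_key; (void)blob_key; memset(c, 0, sizeof *c); return 0; }
static void webotp_done(struct webotp_context *c) { memset(c, 0, sizeof *c); }

/* Hypothetical guard: users < 0 means "no usable context", users >= 0 counts
   the SDK calls currently running on the context. */
struct sdk_guard { struct webotp_context ctx; atomic_int users; };
#define SDK_GUARD_INIT { .users = -1 }

/* Application start: call once, before any worker thread exists. */
static int sdk_start(struct sdk_guard *g, unsigned char *server_key,
                     unsigned char *blob_key)
{
    if (atomic_load(&g->users) != -1) return -1;      /* already started */
    if (webotp_init(&g->ctx, server_key, blob_key) != 0) return -1;
    atomic_store(&g->users, 0);                       /* open for callers */
    return 0;
}

/* Bracket every SDK call with enter/leave; NULL means "do not call the SDK". */
static struct webotp_context *sdk_enter(struct sdk_guard *g)
{
    int n = atomic_load(&g->users);
    while (n >= 0)                                    /* retry on contention */
        if (atomic_compare_exchange_weak(&g->users, &n, n + 1))
            return &g->ctx;
    return NULL;
}
static void sdk_leave(struct sdk_guard *g) { atomic_fetch_sub(&g->users, 1); }

/* Application end: refuses to destroy a context that is still in use, and
   closes the gate before webotp_done() so that no new call can start. */
static int sdk_stop(struct sdk_guard *g)
{
    int idle = 0;
    if (!atomic_compare_exchange_strong(&g->users, &idle, -1)) return -1;
    webotp_done(&g->ctx);
    return 0;
}
```

A failed sdk_stop() means a worker is still inside an SDK call; join the workers and retry instead of calling webotp_done() directly.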
7.2 Authentication
The authentication functions perform authentication through an exchange of information between the server and
the users.
Depending on the authentication type in use, the communication may be unidirectional (WebOTP) or
bidirectional (WebCHR and WebSMS). With unidirectional communication, a single function is called
to check the information coming from the user. With bidirectional
communication, a first function is called to prepare the information that the server has to send
to the user; in a second phase, a second function is called to check the answer received from
the user.
All such functions are thread-safe.
The information needed for authentication is stored in a data packet called a Blob, which is associated with every
user. The Blob must be stored in an external database and associated with the corresponding serial number of the
device provided to the user.