[OATH-Toolkit-help] OATH Toolkit 2.6.0

[Simon Josefsson]

Long time, no release!  I'm kicking off working on oath-toolkit with
this release to fix some minor issues.  Now is a good time to ping me
about anything I have neglected to do wrt oath-toolkit.

** liboath: Support TOTP with HMAC-SHA256 and HMAC-SHA512.
This adds new APIs oath_totp_generate2, oath_totp_validate4 and
oath_totp_validate4_callback.

** oathtool: The --totp parameter now take an optional argument to specify MAC.
For example use --totp=sha256 to use HMAC-SHA256.  When --totp is used
the default HMAC-SHA1 is used, as before.

** pam_oath: Mention in README that you shouldn't use insecure keys.
Suggested by Robin.

** pam_oath: Check return value from strdup.
Patch by Eero Häkkinen.

** The files 'gdoc' and 'expect.oath' are now included in the tarball.
Suggested by Jaroslav Škarvada.

Happy hacking,
Simon

The OATH Toolkit makes it easy to build one-time password
authentication systems.  It contains shared libraries, command line
tools and a PAM module.  Supported technologies include the
event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm
(RFC6238).  OATH stands for Open AuTHentication, which is the
organization that specify the algorithms.  For managing secret key
files, the Portable Symmetric Key Container (PSKC) format described in
RFC6030 is supported.

The components included in the package is:

  * liboath: A shared and static C library for OATH handling.

  * oathtool: A command line tool for generating and validating OTPs.

  * pam_oath: A PAM module for pluggable login authentication for OATH.

  * libpskc: A shared and static C library for PSKC handling.

  * pskctool: A command line tool for manipulating PSKC data.

The project's web page is available at:
  http://www.nongnu.org/oath-toolkit/

Documentation for the command line tools oathtool and pskctool:
  http://www.nongnu.org/oath-toolkit/oathtool.1.html
  http://www.nongnu.org/oath-toolkit/pskctool.1.html
  http://www.nongnu.org/oath-toolkit/libpskc-api/pskc-tutorial-pskctool.html

Manual for PAM module:
  http://git.savannah.gnu.org/cgit/oath-toolkit.git/tree/pam_oath/README

Liboath manual:
  http://www.nongnu.org/oath-toolkit/liboath-api/liboath-oath.html

Libpskc Tutorial & Manual
  http://www.nongnu.org/oath-toolkit/libpskc-api/pskc-tutorial-quickstart.html
  http://www.nongnu.org/oath-toolkit/libpskc-api/pskc-reference.html

If you need help to use the OATH Toolkit, or want to help others, you
are invited to join our oath-toolkit-help mailing list, see:
  https://lists.nongnu.org/mailman/listinfo/oath-toolkit-help

Here are the compressed sources of the entire package:
  
http://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.0.tar.gz
 (4.0MB)
  
http://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.0.tar.gz.sig
 (OpenPGP)

The software is cryptographically signed by the author using an OpenPGP
key identified by the following information:

pub   3744R/54265E8C 2014-06-22
      Key fingerprint = 9AA9 BDB1 1BB1 B99A 2128  5A33 0664 A769 5426 5E8C
uid                  Simon Josefsson <address@hidden>

The key is available from:
  http://josefsson.org/54265e8c.txt

I have changed key since the last release, see my transition statement:
  http://blog.josefsson.org/2014/06/23/openpgp-key-transition-statement/

Here are the SHA-1 and SHA-224 checksums:

47d94633917a51527c7e545885422a464f703a2b  oath-toolkit-2.6.0.tar.gz
488b20015df93761e496cd8ddb259a69cadbfa56efa9b8132e8e3f88  
oath-toolkit-2.6.0.tar.gz

General information on contributing:
  http://www.nongnu.org/oath-toolkit/contrib.html

Savannah developer's home page:
  https://savannah.nongnu.org/projects/oath-toolkit/

Code coverage charts:
  http://www.nongnu.org/oath-toolkit/coverage/

Clang code analysis:
  http://www.nongnu.org/oath-toolkit/clang-analyzer/

signature.asc
Description: PGP signature