skey.exm readme
$Id: README,v 1.2 1995/05/10 03:59:05 itojun Exp $


What's this?
	This is a S/Key disposal key generator, with HP95LX system
	manager compliant user interface.
	You can invoke this program from HP100/200LX system
	manager easily.
	Also, the generated key will be copied to clipboard,
	so that it can be sent by simply tapping PASTE key.

	Sorry, it does not work on HP95LX yet(!!).  Read 'Restrictions'
	section for detail.

Installation
	Extract skey.exm to some directory.
	Register skey.exm to application manager.  You may use skey.icn
	if you like.  (how to register? RTFM!)

Quick usage
	1. (If you are using communication software on system manager)
	   Tap COPY to fill clipboard by the current screen image,
	   which contains S/Key challenge.
	2. Enter the S/Key sequence number and seed to the first row,
	   separated by space or slash.  The first row should be like below:

		challenge:   95 do12345

	   Hit return to finish entry.
	   If you have S/Key challenge on your clipboard, just tap PASTE.
	3. Enter your secret passphrase to the second row.  There will be
	   echoback by dots, not letters.  If the passphrase exceeds the
	   entry area, the program will show you the length of the passphrase.
	   The second row should be like below:

		passphrase:  ..........

	   Hit return to generate disposal key.
	4. (If you are using communication software on system manager)
	   Back to communication software, and tap PASTE.  The disposal
	   key will be entered automagically.

Key assignment
	Editing:
		BS	backspace.
		UP/DOWN	increase/decrease sequence number.
			(first row only)
		RETURN	finish entry.
			in second row, generate disposal key if possible.
		ESC	clear the current row.
		TAB	go to another row.
		PASTE	pastes text from clipboard.
			If you have multiple lines in clipboard,
			it takes the most recent line with S/Key challenge
			as input, and automagically pastes challenge part
			only.
			Actually, it recognizes the following regular
			expression: (\s means space, \S means not space,
			as is in perl)
				/^s\/key\s*(\(md5\)\s*)?[0-9]+\s+\S+\s*$/
			(first row only)
	Others:
		MENU Q	quit
		MENU O	setting up options
			each menu items are toggle switch. RETURN to
			switch.  ESC to finish menu mode.
		MENU S	save current setting of the options to
			c:\_dat\skey.env, manually.

Options
	Default value for the options will be read from c:\_dat\skey.env,
	on startup.
	(unfortunately, pathname cannot be altered)
	The file is plaintext, and can be edited by hand.
	Possible keywords are:
		secure insecure md4 md5 autosave noautosave
		password= passphrase=

    skey.env examples (order of keywords does not matter)
	No autosave, secure mode, default to md4
-->8 cut here
noautosave secure md4
-->8

	Autosave, insecure mode, default to md5
-->8 cut here
autosave insecure md5
-->8

    Password security(keyword: secure/insecure)
	There is a security option in the options menu (MENU+O).

	In secure mode(default), the secret passphrase you entered to the
	second row will be erased by the following events, for safety:
	- disposal key generation
	- task switch notification from system manger

	In insecure mode, the secret passphrase will be kept in the memory,
	and can be reused without typing it again.

	NOTICE: if you use insecure mode, you MUST keep your palmtop
	secure enough.  For example, you should never leave it on your desk.
	If you leave your palmtop alone, a bad guy can use your palmtop to
	create disposal key using your secret passphrase (already
	typed into your palmtop) and S/Key challenge (will be displayed
	by /bin/login).
	Also since DOS has no memory protection mechanism, your passphrase
	in memory can be seen by doing dumb memory scan.

    MD4/MD5 mode(keyword: md4/md5)
	The program supports both MD4 and MD5 key generation.
	(MD5 key generation have not been tested.  I don't know MD5 S/Key
	sites near here.  Let me know if it works fine or not)

    Auto-save option(keyword: autosave/noautosave)
	if autosave is specified, the settings of the options will be
	saved to skey.env, when quitting the application.

    Password/passphrase in environment file
	ULTRA-INSECURE option!  You should not use this unless you know
	what you are doing, and vulnerabilities by using this option.
	I do not describe the option here.
	Read skey.c (especially readopt()) for detail.
	The option will not be saved.  Use with noautosave mode.

Originals
	The key generation code was borrowed from termkey.zip 
	and skey.md5.tar.Z.

TODO
	- implement 100/200LX system manager complient version.

Restrictions
	- the length of challenge and passphrase is limited to 299 letters.
	  It can be easily increased, so please let me know if you use
	  longer passphrase.
	- It may take some time, if the key sequence number is big.
	  To make the matter worse, there's no way to stop computation
	  while calculating disposal key.  Do not try to generate disposal
	  key for sequence number 100000:-)
	- (reported by bet@ritz.mordor.com)
	  The code will cause screen-crush on HP95LX.
	  Resetting HP95LX is the only way to fix the screen-crush.
	  Unfortunately, it will not be fixed until I have a chance to
	  debug it on HP95LX.
	  (If any of you are in Tokyo, and using 95LX, would you please
	  let me play with your 95LX?  Let us dine&hack together:-P)

Release dates
    beta-test period:
	95.03.07 - first beta release.
	95.03.09 - MD5 key generation support. save options to skey.env.
	95.03.10 - paste with S/Key challenge recognition.
		   autosave/noautosave option. menu for saving skey.env.
	95.03.22 - changed several messages. improvements on document.
	95.05.10 - public release v0.1

Redistribution
	Freely redistributable if the source code is distributed
	with executable.  Do not redistribute executable form alone.
	If you made something with my source code and plan to redistribute,
	redistribute whole source-code with executable.

	The author assumes no responsibility for any of the damages
	by this program.  Use at your own risk.

Feedbacks
	I will be very happy to hear your opinions on user interface.
	Also, if you are good at icon design, please send me your NEAT icon.
	Would somebody volunteer for proofread and improve this document?
	(I know I'm not good at English writing)

	I have 200LX with 2M memory(and 40M flushmemory), and I test it on
	the machine.  
	Please contact me if you have any trouble with your palmtops.
	I'll try my best to support yours.

	I would like to implement 100/200LX compliant S/Key generator,
	however, there's no developper's kit for 100/200LX system manager
	available.
	If you have developper's kit or detailed technical documentation,
	and you are authorized to redistribute these, please send me one.

Author contact
	Jun-ichiro "itojun" Itoh/ESD
	itojun@csl.sony.co.jp
	itojun@mt.cs.keio.ac.jp
	http://www.mt.cs.keio.ac.jp/person/itojun.html
