Package com.bastiaanjansen.otp

Class OneTimePasswordGenerator

java.lang.Object

com.bastiaanjansen.otp.OneTimePasswordGenerator

Direct Known Subclasses:

HOTPGenerator, TOTPGenerator

public class OneTimePasswordGenerator
extends Object

Generates one-time passwords

Author:

Bastiaan Jansen

Field Summary

Fields

Modifier and Type	Field	Description
protected HMACAlgorithm	algorithm	Hashing algorithm used to generate code, defaults to SHA1
static HMACAlgorithm	DEFAULT_HMAC_ALGORITHM	Default value for HMAC Algorithm
static int	DEFAULT_PASSWORD_LENGTH	Default value for password length
protected int	passwordLength	Number of digits for generated code in range 6...8, defaults to 6
protected String	secret	Secret key used to generate the code, this should be a base32 string

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	OneTimePasswordGenerator(int passwordLength, HMACAlgorithm algorithm, String secret)	Constructs the generator with custom password length and hashing algorithm
protected	OneTimePasswordGenerator(int passwordLength, String secret)	Constructs generator with a custom password length and default hashing algorithm
protected	OneTimePasswordGenerator(HMACAlgorithm algorithm, String secret)	Constructs generator with a custom hashing algorithm and default password length
protected	OneTimePasswordGenerator(String secret)	Constructs generator with default values
protected	OneTimePasswordGenerator(URI uri)	Constructs generator from a OTPAuth URI

Method Summary

Modifier and Type	Method	Description
protected String	generate(BigInteger counter)	Generate a code
HMACAlgorithm	getAlgorithm()
int	getPasswordLength()
String	getSecret()
protected URI	getURI(String type, String path, Map<String,String> query)	Generate an OTPAuth URI
boolean	verify(String code, long counter)	Checks whether a code is valid for a specific counter with a delay window of 0
boolean	verify(String code, long counter, int delayWindow)	Checks whether a code is valid for a specific counter taking a delay window into account

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

passwordLength

protected final int passwordLength

Number of digits for generated code in range 6...8, defaults to 6

algorithm

protected final HMACAlgorithm algorithm

Hashing algorithm used to generate code, defaults to SHA1

secret

protected final String secret

Secret key used to generate the code, this should be a base32 string

DEFAULT_PASSWORD_LENGTH

public static final int DEFAULT_PASSWORD_LENGTH

Default value for password length

See Also:

Constant Field Values

DEFAULT_HMAC_ALGORITHM

public static final HMACAlgorithm DEFAULT_HMAC_ALGORITHM

Default value for HMAC Algorithm

Constructor Details

OneTimePasswordGenerator

protected OneTimePasswordGenerator(String secret)

Constructs generator with default values

Parameters:

secret - used to generate hash

OneTimePasswordGenerator

protected OneTimePasswordGenerator(int passwordLength,
String secret)

Constructs generator with a custom password length and default hashing algorithm

Parameters:

passwordLength - Number of digits for generated code in range 6...8

secret - used to generate hash

OneTimePasswordGenerator

protected OneTimePasswordGenerator(HMACAlgorithm algorithm,
String secret)

Constructs generator with a custom hashing algorithm and default password length

Parameters:

algorithm - HMAC hash algorithm used to hash data

secret - used to generate hash

OneTimePasswordGenerator

protected OneTimePasswordGenerator(URI uri)
                            throws UnsupportedEncodingException

Constructs generator from a OTPAuth URI

Parameters:

uri - OTPAuth URI

Throws:

UnsupportedEncodingException - when URI query items can't be encoded

OneTimePasswordGenerator

protected OneTimePasswordGenerator(int passwordLength,
HMACAlgorithm algorithm,
String secret)

Constructs the generator with custom password length and hashing algorithm

Parameters:

passwordLength - number of digits for generated code in range 6...8

algorithm - HMAC hash algorithm used to hash data

secret - used to generate hash

Method Details

getPasswordLength

public int getPasswordLength()

getAlgorithm

public HMACAlgorithm getAlgorithm()

getSecret

public String getSecret()

verify

public boolean verify(String code,
long counter)

Checks whether a code is valid for a specific counter with a delay window of 0

Parameters:

code - an OTP code

counter - how many times time interval has passed since 1970

Returns:

a boolean, true if code is valid, otherwise false

verify

public boolean verify(String code,
long counter,
int delayWindow)

Checks whether a code is valid for a specific counter taking a delay window into account

Parameters:

code - an OTP codee

counter - how many times time interval has passed since 1970

delayWindow - window in which a code can still be deemed valid

Returns:

a boolean, true if code is valid, otherwise false

generate

protected String generate(BigInteger counter)
                   throws IllegalStateException

Generate a code

Parameters:

counter - how many times time interval has passed since 1970

Returns:

generated OTP code

Throws:

IllegalStateException - when hashing algorithm throws an error

getURI

protected URI getURI(String type,
String path,
Map<String,String> query)
              throws URISyntaxException

Generate an OTPAuth URI

Parameters:

type - of OTPAuth URI: totp or hotp

path - contains issuer and account name

query - items of URI

Returns:

created OTPAuth URI

Throws:

URISyntaxException - when URI cannot be created