Package tech.mgl.utils.security.gen

Class PasscodeGenerator

java.lang.Object
tech.mgl.utils.security.gen.PasscodeGenerator
public class PasscodeGenerator extends Object
An implementation of the HOTP generator specified by RFC 4226. Generates short passcodes that may be used in challenge-response protocols or as timeout passcodes that are only valid for a short period. The default passcode is a 6-digit decimal code. The maximum passcode length is 9 digits.
Author:
sweis@google.com (Steve Weis)

  • Field Details

  • Constructor Details

    • PasscodeGenerator

      public PasscodeGenerator(Mac mac)
      Parameters:
      mac - A Mac used to generate passcodes

    • PasscodeGenerator

      public PasscodeGenerator(tech.mgl.utils.security.gen.PasscodeGenerator.Signer signer)

    • PasscodeGenerator

      public PasscodeGenerator(Mac mac, int passCodeLength)
      Parameters:
      mac - A Mac used to generate passcodes
      passCodeLength - The length of the decimal passcode

    • PasscodeGenerator

      public PasscodeGenerator(tech.mgl.utils.security.gen.PasscodeGenerator.Signer signer, int passCodeLength)

  • Method Details

    • generateResponseCode

      public String generateResponseCode(long state) throws GeneralSecurityException
      Parameters:
      state - 8-byte integer value representing internal OTP state.
      Returns:
      A decimal response code
      Throws:
      GeneralSecurityException - If a JCE exception occur

    • generateResponseCode

      public String generateResponseCode(long state, byte[] challenge) throws GeneralSecurityException
      Parameters:
      state - 8-byte integer value representing internal OTP state.
      challenge - Optional challenge as array of bytes.
      Returns:
      A decimal response code
      Throws:
      GeneralSecurityException - If a JCE exception occur

    • generateResponseCode

      public String generateResponseCode(byte[] challenge) throws GeneralSecurityException
      Parameters:
      challenge - An arbitrary byte array used as a challenge
      Returns:
      A decimal response code
      Throws:
      GeneralSecurityException - If a JCE exception occur

    • verifyResponseCode

      public boolean verifyResponseCode(long challenge, String response) throws GeneralSecurityException
      Parameters:
      challenge - A challenge to check a response against
      response - A response to verify
      Returns:
      True if the response is valid
      Throws:
      GeneralSecurityException

    • verifyTimeoutCode

      public boolean verifyTimeoutCode(long currentInterval, String timeoutCode) throws GeneralSecurityException
      Verify a timeout code. The timeout code will be valid for a time determined by the interval period and the number of adjacent intervals checked.
      Parameters:
      timeoutCode - The timeout code
      Returns:
      True if the timeout code is valid
      Throws:
      GeneralSecurityException

    • verifyTimeoutCode

      public boolean verifyTimeoutCode(String timeoutCode, long currentInterval, int pastIntervals, int futureIntervals) throws GeneralSecurityException
      Verify a timeout code. The timeout code will be valid for a time determined by the interval period and the number of adjacent intervals checked.
      Parameters:
      timeoutCode - The timeout code
      pastIntervals - The number of past intervals to check
      futureIntervals - The number of future intervals to check
      Returns:
      True if the timeout code is valid
      Throws:
      GeneralSecurityException