com.eatthepath.otp

Class TimeBasedOneTimePasswordGenerator

java.lang.Object

com.eatthepath.otp.HmacOneTimePasswordGenerator

com.eatthepath.otp.TimeBasedOneTimePasswordGenerator

public class TimeBasedOneTimePasswordGenerator
extends HmacOneTimePasswordGenerator

Generates time-based one-time passwords (TOTP) as specified in RFC 6238.

TimeBasedOneTimePasswordGenerator instances are thread-safe and may be shared and re-used across multiple threads.

Author:

Jon Chambers

Field Summary

Fields

Modifier and Type	Field and Description
static String	TOTP_ALGORITHM_HMAC_SHA1 A string identifier for the HMAC-SHA1 algorithm (required by HOTP and allowed by TOTP).
static String	TOTP_ALGORITHM_HMAC_SHA256 A string identifier for the HMAC-SHA256 algorithm (allowed by TOTP).
static String	TOTP_ALGORITHM_HMAC_SHA512 A string identifier for the HMAC-SHA512 algorithm (allowed by TOTP).

Fields inherited from class com.eatthepath.otp.HmacOneTimePasswordGenerator

DEFAULT_PASSWORD_LENGTH, HOTP_HMAC_ALGORITHM

Constructor Summary

Constructors

Constructor and Description
TimeBasedOneTimePasswordGenerator() Constructs a new time-based one-time password generator with a default time-step (30 seconds), password length (6 decimal digits), and HMAC algorithm ("HmacSHA1").
TimeBasedOneTimePasswordGenerator(long timeStep, TimeUnit timeStepUnit) Constructs a new time-based one-time password generator with the given time-step and a default password length (6 decimal digits) and HMAC algorithm ("HmacSHA1").
TimeBasedOneTimePasswordGenerator(long timeStep, TimeUnit timeStepUnit, int passwordLength) Constructs a new time-based one-time password generator with the given time-step and password length and a default HMAC algorithm ("HmacSHA1").
TimeBasedOneTimePasswordGenerator(long timeStep, TimeUnit timeStepUnit, int passwordLength, String algorithm) Constructs a new time-based one-time password generator with the given time-step, password length, and HMAC algorithm.

Method Summary

Modifier and Type	Method and Description
int	generateOneTimePassword(Key key, Date timestamp) Generates a one-time password using the given key and timestamp.
long	getTimeStep(TimeUnit timeUnit) Returns the time step used by this generator.

Methods inherited from class com.eatthepath.otp.HmacOneTimePasswordGenerator

generateOneTimePassword, getAlgorithm, getPasswordLength

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

TOTP_ALGORITHM_HMAC_SHA1

public static final String TOTP_ALGORITHM_HMAC_SHA1

A string identifier for the HMAC-SHA1 algorithm (required by HOTP and allowed by TOTP). HMAC-SHA1 is the default algorithm for TOTP.

See Also:

Constant Field Values

TOTP_ALGORITHM_HMAC_SHA256

public static final String TOTP_ALGORITHM_HMAC_SHA256

A string identifier for the HMAC-SHA256 algorithm (allowed by TOTP).

See Also:

Constant Field Values

TOTP_ALGORITHM_HMAC_SHA512

public static final String TOTP_ALGORITHM_HMAC_SHA512

A string identifier for the HMAC-SHA512 algorithm (allowed by TOTP).

See Also:

Constant Field Values

Constructor Detail

TimeBasedOneTimePasswordGenerator

public TimeBasedOneTimePasswordGenerator()
                                  throws NoSuchAlgorithmException

Constructs a new time-based one-time password generator with a default time-step (30 seconds), password length (6 decimal digits), and HMAC algorithm ("HmacSHA1").

Throws:

NoSuchAlgorithmException - if the underlying JRE doesn't support the "HmacSHA1" algorithm, which should never happen except in cases of serious misconfiguration

TimeBasedOneTimePasswordGenerator

public TimeBasedOneTimePasswordGenerator(long timeStep,
                                         TimeUnit timeStepUnit)
                                  throws NoSuchAlgorithmException

Constructs a new time-based one-time password generator with the given time-step and a default password length (6 decimal digits) and HMAC algorithm ("HmacSHA1").

Parameters:

timeStep - the magnitude of the time-step for this generator

timeStepUnit - the units for the the given time step

Throws:

NoSuchAlgorithmException - if the underlying JRE doesn't support the "HmacSHA1" algorithm, which should never happen except in cases of serious misconfiguration

TimeBasedOneTimePasswordGenerator

public TimeBasedOneTimePasswordGenerator(long timeStep,
                                         TimeUnit timeStepUnit,
                                         int passwordLength)
                                  throws NoSuchAlgorithmException

Constructs a new time-based one-time password generator with the given time-step and password length and a default HMAC algorithm ("HmacSHA1").

Parameters:

timeStep - the magnitude of the time-step for this generator

timeStepUnit - the units for the the given time step

passwordLength - the length, in decimal digits, of the one-time passwords to be generated; must be between 6 and 8, inclusive

Throws:

NoSuchAlgorithmException - if the underlying JRE doesn't support the "HmacSHA1" algorithm, which should never happen except in cases of serious misconfiguration

TimeBasedOneTimePasswordGenerator

public TimeBasedOneTimePasswordGenerator(long timeStep,
                                         TimeUnit timeStepUnit,
                                         int passwordLength,
                                         String algorithm)
                                  throws NoSuchAlgorithmException

Constructs a new time-based one-time password generator with the given time-step, password length, and HMAC algorithm.

Parameters:

timeStep - the magnitude of the time-step for this generator

timeStepUnit - the units for the the given time step

passwordLength - the length, in decimal digits, of the one-time passwords to be generated; must be between 6 and 8, inclusive

algorithm - the name of the Mac algorithm to use when generating passwords; TOTP allows for "HmacSHA1", "HmacSHA256", and "HmacSHA512"

Throws:

NoSuchAlgorithmException - if the underlying JRE doesn't support the given algorithm

See Also:

TOTP_ALGORITHM_HMAC_SHA1, TOTP_ALGORITHM_HMAC_SHA256, TOTP_ALGORITHM_HMAC_SHA512

Method Detail

generateOneTimePassword

public int generateOneTimePassword(Key key,
                                   Date timestamp)
                            throws InvalidKeyException

Generates a one-time password using the given key and timestamp.

Parameters:

key - a secret key to be used to generate the password

timestamp - the timestamp for which to generate the password

Returns:

an integer representation of a one-time password; callers will need to format the password for display on their own

Throws:

InvalidKeyException - if the given key is inappropriate for initializing the Mac for this generator

getTimeStep

public long getTimeStep(TimeUnit timeUnit)

Returns the time step used by this generator.

Parameters:

timeUnit - the units of time in which to return the time step

Returns:

the time step used by this generator in the given units of time