Package com.eatthepath.otp

Class TimeBasedOneTimePasswordGenerator

  • public class TimeBasedOneTimePasswordGenerator
extends HmacOneTimePasswordGenerator

    Generates time-based one-time passwords (TOTP) as specified in RFC 6238.

    TimeBasedOneTimePasswordGenerator instances are thread-safe and may be shared between threads.

    Author:
    Jon Chambers

    • Field Detail

      • DEFAULT_TIME_STEP

        public static final Duration DEFAULT_TIME_STEP
        The default time-step for a time-based one-time password generator (30 seconds).

      • TOTP_ALGORITHM_HMAC_SHA1

        public static final String TOTP_ALGORITHM_HMAC_SHA1
        A string identifier for the HMAC-SHA1 algorithm (required by HOTP and allowed by TOTP). HMAC-SHA1 is the default algorithm for TOTP.
        See Also:
        Constant Field Values

      • TOTP_ALGORITHM_HMAC_SHA256

        public static final String TOTP_ALGORITHM_HMAC_SHA256
        A string identifier for the HMAC-SHA256 algorithm (allowed by TOTP).
        See Also:
        Constant Field Values

      • TOTP_ALGORITHM_HMAC_SHA512

        public static final String TOTP_ALGORITHM_HMAC_SHA512
        A string identifier for the HMAC-SHA512 algorithm (allowed by TOTP).
        See Also:
        Constant Field Values

    • Constructor Detail

      • TimeBasedOneTimePasswordGenerator

        public TimeBasedOneTimePasswordGenerator()
                                  throws NoSuchAlgorithmException
        Constructs a new time-based one-time password generator with a default time-step (30 seconds), password length (6 decimal digits), and HMAC algorithm ("HmacSHA1").
        Throws:
        NoSuchAlgorithmException - if the underlying JRE doesn't support the "HmacSHA1" algorithm, which should never happen except in cases of serious misconfiguration

      • TimeBasedOneTimePasswordGenerator

        public TimeBasedOneTimePasswordGenerator​(Duration timeStep)
                                  throws NoSuchAlgorithmException
        Constructs a new time-based one-time password generator with the given time-step and a default password length (6 decimal digits) and HMAC algorithm ("HmacSHA1").
        Parameters:
        timeStep - the time-step for this generator
        Throws:
        NoSuchAlgorithmException - if the underlying JRE doesn't support the "HmacSHA1" algorithm, which should never happen except in cases of serious misconfiguration

      • TimeBasedOneTimePasswordGenerator

        public TimeBasedOneTimePasswordGenerator​(Duration timeStep,
                                         int passwordLength)
                                  throws NoSuchAlgorithmException
        Constructs a new time-based one-time password generator with the given time-step and password length and a default HMAC algorithm ("HmacSHA1").
        Parameters:
        timeStep - the time-step for this generator
        passwordLength - the length, in decimal digits, of the one-time passwords to be generated; must be between 6 and 8, inclusive
        Throws:
        NoSuchAlgorithmException - if the underlying JRE doesn't support the "HmacSHA1" algorithm, which should never happen except in cases of serious misconfiguration

    • Method Detail

      • generateOneTimePassword

        public int generateOneTimePassword​(Key key,
                                   Instant timestamp)
                            throws InvalidKeyException
        Generates a one-time password using the given key and timestamp.
        Parameters:
        key - the key to be used to generate the password
        timestamp - the timestamp for which to generate the password
        Returns:
        an integer representation of a one-time password; callers will need to format the password for display on their own
        Throws:
        InvalidKeyException - if the given key is inappropriate for initializing the Mac for this generator

      • getTimeStep

        public Duration getTimeStep()
        Returns the time step used by this generator.
        Returns:
        the time step used by this generator