#include <otp.h>
|
uint32_t | generate_hotp (uint64_t counter) |
|
| HOTP (const SymmetricKey &key, std::string_view hash_algo="SHA-1", size_t digits=6) |
|
| HOTP (const uint8_t key[], size_t key_len, std::string_view hash_algo="SHA-1", size_t digits=6) |
|
std::pair< bool, uint64_t > | verify_hotp (uint32_t otp, uint64_t starting_counter, size_t resync_range=0) |
|
HOTP one time passwords (RFC 4226)
Definition at line 19 of file otp.h.
◆ HOTP() [1/2]
Botan::HOTP::HOTP |
( |
const SymmetricKey & | key, |
|
|
std::string_view | hash_algo = "SHA-1", |
|
|
size_t | digits = 6 ) |
|
inline |
- Parameters
-
key | the secret key shared between client and server |
hash_algo | the hash algorithm to use, should be SHA-1 or SHA-256 |
digits | the number of digits in the OTP (must be 6, 7, or 8) |
Definition at line 26 of file otp.h.
26 :
27 HOTP(key.begin(), key.size(), hash_algo, digits) {}
HOTP(const SymmetricKey &key, std::string_view hash_algo="SHA-1", size_t digits=6)
◆ HOTP() [2/2]
Botan::HOTP::HOTP |
( |
const uint8_t | key[], |
|
|
size_t | key_len, |
|
|
std::string_view | hash_algo = "SHA-1", |
|
|
size_t | digits = 6 ) |
- Parameters
-
key | the secret key shared between client and server |
key_len | length of key param |
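hash_algo | the hash algorithm to use, should be SHA-1 or SHA-256 (the constructor body shown below also accepts SHA-512, and throws Invalid_Argument for any other name) |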
digits | the number of digits in the OTP (must be 6, 7, or 8) |
Definition at line 15 of file hotp.cpp.
15 {
16 BOTAN_ARG_CHECK(digits == 6 || digits == 7 || digits == 8,
"Invalid HOTP digits");
17
18 if(digits == 6) {
19 m_digit_mod = 1000000;
20 } else if(digits == 7) {
21 m_digit_mod = 10000000;
22 } else if(digits == 8) {
23 m_digit_mod = 100000000;
24 }
25
26
27
28
29
30 if(hash_algo == "SHA-1") {
32 } else if(hash_algo == "SHA-256") {
34 } else if(hash_algo == "SHA-512") {
36 } else {
37 throw Invalid_Argument("Unsupported HOTP hash function");
38 }
39
40 m_mac->set_key(key, key_len);
41}
#define BOTAN_ARG_CHECK(expr, msg)
static std::unique_ptr< MessageAuthenticationCode > create_or_throw(std::string_view algo_spec, std::string_view provider="")
References BOTAN_ARG_CHECK, and Botan::MessageAuthenticationCode::create_or_throw().
◆ generate_hotp()
uint32_t Botan::HOTP::generate_hotp |
( |
uint64_t | counter | ) |
|
Generate the HOTP for a particular counter value
- Warning
- If a counter value is reused, the OTP ceases to be one-time: the same counter always produces the same code.
Definition at line 43 of file hotp.cpp.
43 {
44 m_mac->update_be(counter);  // feed the 64-bit counter into the keyed MAC (big-endian, going by the update_be name)
45 const secure_vector<uint8_t> mac = m_mac->final();  // finish the MAC; the output is held in a secure_vector
46
// Truncation: the low 4 bits of the last MAC byte select a start offset in 0..15.
47 const size_t offset = mac[mac.size() - 1] & 0x0F;
// Reads the four bytes mac[offset..offset+3], so the MAC output must be at least 19 bytes long.
// NOTE(review): presumably guaranteed by the hash names the constructor accepts - confirm.
// The 0x7FFFFFFF mask clears the top bit, leaving a 31-bit value.
48 const uint32_t code = load_be<uint32_t>(mac.data() + offset, 0) & 0x7FFFFFFF;
49 return code % m_digit_mod;  // m_digit_mod is 10^digits (set in the constructor), so this keeps the low `digits` decimal digits
50}
Referenced by Botan::TOTP::generate_totp(), verify_hotp(), and Botan::TOTP::verify_totp().
◆ verify_hotp()
std::pair< bool, uint64_t > Botan::HOTP::verify_hotp |
( |
uint32_t | otp, |
|
|
uint64_t | starting_counter, |
|
|
size_t | resync_range = 0 ) |
Check an OTP value using a starting counter and a resync range
- Parameters
-
otp | the client provided OTP |
starting_counter | the server's guess as to the current counter state |
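resync_range | If 0, only HOTP(starting_counter) is accepted. If larger than 0, the HOTP values for up to resync_range counters after starting_counter are also checked. Every extra counter checked is one more value a guessed OTP can match, so keep this range small. |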
- Returns
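- (valid,next_counter). If the OTP does not validate, always returns (false,starting_counter). Otherwise returns (true,next_counter), where next_counter is at most starting_counter + resync_range + 1. The caller should store next_counter and pass it as starting_counter on the next call, so that an accepted OTP (and any counter values skipped during resync) cannot validate again.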
Definition at line 52 of file hotp.cpp.
52 {
53 for(size_t i = 0; i <= resync_range; ++i) {
55 return std::make_pair(true, starting_counter + i + 1);
56 }
57 }
58 return std::make_pair(false, starting_counter);
59}
uint32_t generate_hotp(uint64_t counter)
References generate_hotp().