Botan::HOTP Class Referencefinal
#include <otp.h>
Public Member Functions | |
| uint32_t | generate_hotp (uint64_t counter) |
| HOTP (const SymmetricKey &key, std::string_view hash_algo="SHA-1", size_t digits=6) | |
| HOTP (const uint8_t key[], size_t key_len, std::string_view hash_algo="SHA-1", size_t digits=6) | |
| std::pair< bool, uint64_t > | verify_hotp (uint32_t otp, uint64_t starting_counter, size_t resync_range=0) |
Detailed Description
Constructor & Destructor Documentation
◆ HOTP() [1/2]
|
inline |
- Parameters
-
key the secret key shared between client and server hash_algo the hash algorithm to use, should be SHA-1 or SHA-256 digits the number of digits in the OTP (must be 6, 7, or 8)
◆ HOTP() [2/2]
| Botan::HOTP::HOTP | ( | const uint8_t | key[], |
| size_t | key_len, | ||
| std::string_view | hash_algo = "SHA-1", | ||
| size_t | digits = 6 ) |
- Parameters
-
key the secret key shared between client and server key_len length of key param hash_algo the hash algorithm to use, should be SHA-1 or SHA-256 digits the number of digits in the OTP (must be 6, 7, or 8)
Definition at line 15 of file hotp.cpp.
15 {
17
18 if(digits == 6) {
19 m_digit_mod = 1000000;
20 } else if(digits == 7) {
21 m_digit_mod = 10000000;
22 } else if(digits == 8) {
23 m_digit_mod = 100000000;
24 }
25
26 /*
27 RFC 4228 only supports SHA-1 but TOTP allows SHA-256 and SHA-512
28 and some HOTP libs support one or both as extensions
29 */
30 if(hash_algo == "SHA-1") {
32 } else if(hash_algo == "SHA-256") {
34 } else if(hash_algo == "SHA-512") {
36 } else {
37 throw Invalid_Argument("Unsupported HOTP hash function");
38 }
39
40 m_mac->set_key(key, key_len);
41}
static std::unique_ptr< MessageAuthenticationCode > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition mac.cpp:148
References BOTAN_ARG_CHECK, and Botan::MessageAuthenticationCode::create_or_throw().
Member Function Documentation
◆ generate_hotp()
| uint32_t Botan::HOTP::generate_hotp | ( | uint64_t | counter | ) |
Generate the HOTP for a particular counter value
- Warning
- if the counter value is repeated the OTP ceases to be one-time
Definition at line 43 of file hotp.cpp.
43 {
44 m_mac->update_be(counter);
46
47 const size_t offset = mac[mac.size() - 1] & 0x0F;
49 return code % m_digit_mod;
50}
References Botan::load_be().
Referenced by Botan::TOTP::generate_totp(), verify_hotp(), and Botan::TOTP::verify_totp().
◆ verify_hotp()
| std::pair< bool, uint64_t > Botan::HOTP::verify_hotp | ( | uint32_t | otp, |
| uint64_t | starting_counter, | ||
| size_t | resync_range = 0 ) |
Check an OTP value using a starting counter and a resync range
- Parameters
-
otp the client provided OTP starting_counter the server's guess as to the current counter state resync_range if 0 then only HOTP(starting_counter) is accepted If larger than 0, up to resync_range values after HOTP are also checked.
- Returns
- (valid,next_counter). If the OTP does not validate, always returns (false,starting_counter). Otherwise returns (true,next_counter) where next_counter is at most starting_counter + resync_range + 1
Definition at line 52 of file hotp.cpp.
52 {
53 for(size_t i = 0; i <= resync_range; ++i) {
55 return std::make_pair(true, starting_counter + i + 1);
56 }
57 }
58 return std::make_pair(false, starting_counter);
59}
References generate_hotp().
The documentation for this class was generated from the following files:
Generated by
1.12.0