Botan  2.8.0
Crypto and TLS for C++11
hotp.h
Go to the documentation of this file.
1 /*
2 * HOTP
3 * (C) 2017 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_HOTP_H_
9 #define BOTAN_HOTP_H_
10 
11 #include <botan/mac.h>
12 
13 namespace Botan {
14 
15 /**
16 * HOTP one time passwords (RFC 4226)
17 */
19  {
20  public:
21  /**
22  * @param key the secret key shared between client and server
23  * @param hash_algo the hash algorithm to use, should be SHA-1 or SHA-256
24  * @param digits the number of digits in the OTP (must be 6, 7, or 8)
25  */
26  HOTP(const SymmetricKey& key, const std::string& hash_algo = "SHA-1", size_t digits = 6) :
27  HOTP(key.begin(), key.size(), hash_algo, digits) {}
28 
29  /**
30  * @param key the secret key shared between client and server
31  * @param key_len length of key param
32  * @param hash_algo the hash algorithm to use, should be SHA-1 or SHA-256
33  * @param digits the number of digits in the OTP (must be 6, 7, or 8)
34  */
35  HOTP(const uint8_t key[], size_t key_len,
36  const std::string& hash_algo = "SHA-1",
37  size_t digits = 6);
38 
39  /**
40  * Generate the HOTP for a particular counter value
41  * @warning if the counter value is repeated the OTP ceases to be one-time
42  */
43  uint32_t generate_hotp(uint64_t counter);
44 
45  /**
46  * Check an OTP value using a starting counter and a resync range
47  * @param otp the client provided OTP
48  * @param starting_counter the server's guess as to the current counter state
49  * @param resync_range if 0 then only HOTP(starting_counter) is accepted
50  * If larger than 0, up to resync_range values after HOTP are also checked.
51  * @return (valid,next_counter). If the OTP does not validate, always
52  * returns (false,starting_counter). Otherwise returns (true,next_counter)
53  * where next_counter is at most starting_counter + resync_range + 1
54  */
55  std::pair<bool,uint64_t> verify_hotp(uint32_t otp, uint64_t starting_counter, size_t resync_range = 0);
56  private:
57  std::unique_ptr<MessageAuthenticationCode> m_mac;
58  uint32_t m_digit_mod;
59  };
60 
61 }
62 
63 #endif
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:27
Definition: alg_id.cpp:13
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:23
HOTP(const SymmetricKey &key, const std::string &hash_algo="SHA-1", size_t digits=6)
Definition: hotp.h:26