Class OneTimePassword


  • @ThreadSafety(level=COMPLETELY_THREADSAFE)
    public final class OneTimePassword
    extends java.lang.Object
    This class provides support for a number of one-time password algorithms.
    NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

    Supported algorithms include:
    • HOTP -- The HMAC-based one-time password algorithm described in RFC 4226.
    • TOTP -- The time-based one-time password algorithm described in RFC 6238.
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.lang.String hotp​(byte[] sharedSecret, long counter)
      Generates a six-digit HMAC-based one-time-password using the provided information.
      static java.lang.String hotp​(byte[] sharedSecret, long counter, int numDigits)
      Generates an HMAC-based one-time-password using the provided information.
      static java.lang.String totp​(byte[] sharedSecret)
      Generates a six-digit time-based one-time-password using the provided information and a 30-second time interval.
      static java.lang.String totp​(byte[] sharedSecret, long authTime, int intervalDurationSeconds, int numDigits)
      Generates a six-digit time-based one-time-password using the provided information.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • hotp

        @NotNull
        public static java.lang.String hotp​(@NotNull
                                            byte[] sharedSecret,
                                            long counter)
                                     throws LDAPException
        Generates a six-digit HMAC-based one-time-password using the provided information.
        Parameters:
        sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
        counter - The counter value that will be used in the course of generating the one-time password.
        Returns:
        The zero-padded string representation of the resulting HMAC-based one-time password.
        Throws:
        LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.
      • hotp

        @NotNull
        public static java.lang.String hotp​(@NotNull
                                            byte[] sharedSecret,
                                            long counter,
                                            int numDigits)
                                     throws LDAPException
        Generates an HMAC-based one-time-password using the provided information.
        Parameters:
        sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
        counter - The counter value that will be used in the course of generating the one-time password.
        numDigits - The number of digits that should be included in the generated one-time password. It must be greater than or equal to six and less than or equal to eight.
        Returns:
        The zero-padded string representation of the resulting HMAC-based one-time password.
        Throws:
        LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.
      • totp

        @NotNull
        public static java.lang.String totp​(@NotNull
                                            byte[] sharedSecret)
                                     throws LDAPException
        Generates a six-digit time-based one-time-password using the provided information and a 30-second time interval.
        Parameters:
        sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
        Returns:
        The zero-padded string representation of the resulting time-based one-time password.
        Throws:
        LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.
      • totp

        @NotNull
        public static java.lang.String totp​(@NotNull
                                            byte[] sharedSecret,
                                            long authTime,
                                            int intervalDurationSeconds,
                                            int numDigits)
                                     throws LDAPException
        Generates a six-digit time-based one-time-password using the provided information.
        Parameters:
        sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
        authTime - The time (in milliseconds since the epoch, as reported by System.currentTimeMillis or Date.getTime) at which the authentication attempt occurred.
        intervalDurationSeconds - The duration of the time interval, in seconds, that should be used when performing the computation.
        numDigits - The number of digits that should be included in the generated one-time password. It must be greater than or equal to six and less than or equal to eight.
        Returns:
        The zero-padded string representation of the resulting time-based one-time password.
        Throws:
        LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.