Package com.unboundid.ldap.sdk.unboundidds

Class OneTimePassword

java.lang.Object
com.unboundid.ldap.sdk.unboundidds.OneTimePassword
@ThreadSafety(level=COMPLETELY_THREADSAFE) public final class OneTimePassword extends Object
This class provides support for a number of one-time password algorithms.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

Supported algorithms include:
  • HOTP -- The HMAC-based one-time password algorithm described in RFC 4226.
  • TOTP -- The time-based one-time password algorithm described in RFC 6238.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    DEFAULT_HOTP_NUM_DIGITS
    The default number of digits to include in generated HOTP passwords.
    static final int
    DEFAULT_TOTP_INTERVAL_DURATION_SECONDS
    The default time interval (in seconds) to use when generating TOTP passwords.
    static final int
    DEFAULT_TOTP_NUM_DIGITS
    The default number of digits to include in generated TOTP passwords.

  • Method Summary

    Modifier and Type
    Method
    Description
    static String
    hotp(byte[] sharedSecret, long counter)
    Generates a six-digit HMAC-based one-time-password using the provided information.
    static String
    hotp(byte[] sharedSecret, long counter, int numDigits)
    Generates an HMAC-based one-time-password using the provided information.
    static String
    totp(byte[] sharedSecret)
    Generates a six-digit time-based one-time-password using the provided information and a 30-second time interval.
    static String
    totp(byte[] sharedSecret, long authTime, int intervalDurationSeconds, int numDigits)
    Generates a six-digit time-based one-time-password using the provided information.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Method Details

    • hotp

      @NotNull public static String hotp(@NotNull byte[] sharedSecret, long counter) throws LDAPException
      Generates a six-digit HMAC-based one-time-password using the provided information.
      Parameters:
      sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
      counter - The counter value that will be used in the course of generating the one-time password.
      Returns:
      The zero-padded string representation of the resulting HMAC-based one-time password.
      Throws:
      LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.

    • hotp

      @NotNull public static String hotp(@NotNull byte[] sharedSecret, long counter, int numDigits) throws LDAPException
      Generates an HMAC-based one-time-password using the provided information.
      Parameters:
      sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
      counter - The counter value that will be used in the course of generating the one-time password.
      numDigits - The number of digits that should be included in the generated one-time password. It must be greater than or equal to six and less than or equal to eight.
      Returns:
      The zero-padded string representation of the resulting HMAC-based one-time password.
      Throws:
      LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.

    • totp

      @NotNull public static String totp(@NotNull byte[] sharedSecret) throws LDAPException
      Generates a six-digit time-based one-time-password using the provided information and a 30-second time interval.
      Parameters:
      sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
      Returns:
      The zero-padded string representation of the resulting time-based one-time password.
      Throws:
      LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.

    • totp

      @NotNull public static String totp(@NotNull byte[] sharedSecret, long authTime, int intervalDurationSeconds, int numDigits) throws LDAPException
      Generates a six-digit time-based one-time-password using the provided information.
      Parameters:
      sharedSecret - The secret key shared by both parties that will be using the generated one-time password.
      authTime - The time (in milliseconds since the epoch, as reported by System.currentTimeMillis or Date.getTime) at which the authentication attempt occurred.
      intervalDurationSeconds - The duration of the time interval, in seconds, that should be used when performing the computation.
      numDigits - The number of digits that should be included in the generated one-time password. It must be greater than or equal to six and less than or equal to eight.
      Returns:
      The zero-padded string representation of the resulting time-based one-time password.
      Throws:
      LDAPException - If an unexpected problem is encountered while attempting to generate the one-time password.