use of com.predic8.membrane.core.interceptor.authentication.session.totp.PasscodeGenerator.Signer in project service-proxy by membrane.
the class OtpProvider method computePin.
/**
* Computes the one-time PIN given the secret key.
*
* @param secret
* the secret key
* @param otp_state
* current token state (counter or time-interval)
* @param challenge
* optional challenge bytes to include when computing passcode.
* @return the PIN
*/
private String computePin(String secret, long otp_state) {
if (secret == null || secret.length() == 0) {
throw new RuntimeException("Null or empty secret");
}
try {
Signer signer = getSigningOracle(secret);
PasscodeGenerator pcg = new PasscodeGenerator(signer, PIN_LENGTH);
return pcg.generateResponseCode(otp_state);
} catch (GeneralSecurityException e) {
throw new RuntimeException("Crypto failure", e);
}
}
use of com.predic8.membrane.core.interceptor.authentication.session.totp.PasscodeGenerator.Signer in project service-proxy by membrane.
the class OtpProvider method getSigningOracle.
static Signer getSigningOracle(String secret) {
try {
byte[] keyBytes = decodeKey(secret);
final Mac mac = Mac.getInstance("HMACSHA1");
mac.init(new SecretKeySpec(keyBytes, ""));
// implementation.
return new Signer() {
@Override
public byte[] sign(byte[] data) {
return mac.doFinal(data);
}
};
} catch (NoSuchAlgorithmException error) {
log.error("", error);
} catch (InvalidKeyException error) {
log.error("", error);
}
return null;
}
Aggregations