/**
* This method calculates the secret key given a random byte buffer.
*
* @param secretKey a random byte buffer.
* @return the secret key.
*/
private String calculateSecretKey(byte[] secretKey) {
Base32 codec = new Base32();
byte[] encodedKey = codec.encode(secretKey);
// Creating a string with the Base32 encoded bytes.
return new String(encodedKey);
}
/**
* This method implements the algorithm specified in RFC 6238 to check if a validation code is
* valid in a given instant of time for the given secret key.
*
* @param secret the Base32 encoded secret key.
* @param code the code to validate.
* @param tm the instant of time to use during the validation process.
* @param window the window size to use during the validation process.
* @return <code>true</code> if the validation code is valid, <code>false</code> otherwise.
*/
public static boolean checkCode(String secret, long code, long tm, int window) {
// Decoding the secret key to get its raw byte representation.
Base32 codec = new Base32();
byte[] decodedKey = codec.decode(secret);
// convert unix time into a 30 second "window" as specified by the
// TOTP specification. Using Google's default interval of 30 seconds.
final long timeWindow = tm / KEY_VALIDATION_INTERVAL_MS;
System.out.println(tm);
// Calculating the verification code of the given key in each of the
// time intervals and returning true if the provided code is equal to
// one of them.
for (int i = -((window - 1) / 2); i <= window / 2; ++i) {
// Calculating the verification code for the current time interval.
long hash = calculateCode(decodedKey, timeWindow + i);
System.out.println(hash);
// Checking if the provided code is equal to the calculated one.
if (hash == code) {
// The verification code is valid.
return true;
}
}
// The verification code is invalid.
return false;
}
public static void main(String[] args) {
GoogleAuthenticator gAuth = new GoogleAuthenticator();
final GoogleAuthenticatorKey key = gAuth.createCredentials();
// System.out.println(key.getKey());
Base32 codec = new Base32();
byte[] decodedKey = codec.decode("Z34IRC2NUA6DLT2C");
long tm = new Date().getTime() / 30000;
int code = gAuth.calculateCode(decodedKey, tm);
System.out.println("Newly Generated Code : " + code);
}
public static String generateSecret() {
// Allocating the buffer
byte[] buffer = new byte[SECRET_SIZE];
// Filling the buffer with random numbers.
rand.nextBytes(buffer);
// Getting the key and converting it to Base32
Base32 codec = new Base32();
byte[] secretKey = Arrays.copyOf(buffer, SECRET_SIZE);
byte[] encodedKey = codec.encode(secretKey);
return new String(encodedKey);
}
public static boolean checkCode(String secret, long code, int interval, int window)
throws NoSuchAlgorithmException, InvalidKeyException {
Base32 codec = new Base32();
byte[] decodedKey = codec.decode(secret);
// Window is used to check codes generated in the near past.
// You can use this value to tune how far you're willing to go.
// int window = WINDOW;
long currentInterval = getCurrentInterval(interval);
for (int i = -window; i <= window; ++i) {
long hash = Totp.generateTotp(decodedKey, currentInterval + i, PASS_CODE_LENGTH, CRYPTO);
if (hash == code) {
return true;
}
}
// The validation code is invalid.
return false;
}
public static String encryptUserInfo(String userInfo) {
byte[] bytes = Base32DecEnc.encode(userInfo.getBytes(UTF8));
return ENCRYPTED_PREFIX.concat(new String(bytes, UTF8));
}
public static String unencryptUserInfo(String userInfo) {
if (!isEncryptedUserInfo(userInfo)) return userInfo;
String encrypted = userInfo.replaceAll(Pattern.quote(ENCRYPTED_PREFIX), "");
byte[] unencryptedBytes = Base32DecEnc.decode(encrypted.toUpperCase());
return new String(unencryptedBytes, UTF8);
}