Пример #1
0
  /**
   * This method calculates the secret key given a random byte buffer.
   *
   * @param secretKey a random byte buffer.
   * @return the secret key.
   */
  private String calculateSecretKey(byte[] secretKey) {
    Base32 codec = new Base32();
    byte[] encodedKey = codec.encode(secretKey);

    // Creating a string with the Base32 encoded bytes.
    return new String(encodedKey);
  }
Пример #2
0
  /**
   * This method implements the algorithm specified in RFC 6238 to check if a validation code is
   * valid in a given instant of time for the given secret key.
   *
   * @param secret the Base32 encoded secret key.
   * @param code the code to validate.
   * @param tm the instant of time to use during the validation process.
   * @param window the window size to use during the validation process.
   * @return <code>true</code> if the validation code is valid, <code>false</code> otherwise.
   */
  public static boolean checkCode(String secret, long code, long tm, int window) {
    // Decoding the secret key to get its raw byte representation.
    Base32 codec = new Base32();
    byte[] decodedKey = codec.decode(secret);

    // convert unix time into a 30 second "window" as specified by the
    // TOTP specification. Using Google's default interval of 30 seconds.
    final long timeWindow = tm / KEY_VALIDATION_INTERVAL_MS;
    System.out.println(tm);

    // Calculating the verification code of the given key in each of the
    // time intervals and returning true if the provided code is equal to
    // one of them.
    for (int i = -((window - 1) / 2); i <= window / 2; ++i) {
      // Calculating the verification code for the current time interval.
      long hash = calculateCode(decodedKey, timeWindow + i);
      System.out.println(hash);

      // Checking if the provided code is equal to the calculated one.
      if (hash == code) {
        // The verification code is valid.
        return true;
      }
    }

    // The verification code is invalid.
    return false;
  }
Пример #3
0
 public static void main(String[] args) {
   GoogleAuthenticator gAuth = new GoogleAuthenticator();
   final GoogleAuthenticatorKey key = gAuth.createCredentials();
   //		System.out.println(key.getKey());
   Base32 codec = new Base32();
   byte[] decodedKey = codec.decode("Z34IRC2NUA6DLT2C");
   long tm = new Date().getTime() / 30000;
   int code = gAuth.calculateCode(decodedKey, tm);
   System.out.println("Newly Generated Code : " + code);
 }
Пример #4
0
  public static String generateSecret() {

    // Allocating the buffer
    byte[] buffer = new byte[SECRET_SIZE];

    // Filling the buffer with random numbers.
    rand.nextBytes(buffer);

    // Getting the key and converting it to Base32
    Base32 codec = new Base32();
    byte[] secretKey = Arrays.copyOf(buffer, SECRET_SIZE);
    byte[] encodedKey = codec.encode(secretKey);
    return new String(encodedKey);
  }
Пример #5
0
  public static boolean checkCode(String secret, long code, int interval, int window)
      throws NoSuchAlgorithmException, InvalidKeyException {
    Base32 codec = new Base32();
    byte[] decodedKey = codec.decode(secret);

    // Window is used to check codes generated in the near past.
    // You can use this value to tune how far you're willing to go.
    // int window = WINDOW;
    long currentInterval = getCurrentInterval(interval);

    for (int i = -window; i <= window; ++i) {
      long hash = Totp.generateTotp(decodedKey, currentInterval + i, PASS_CODE_LENGTH, CRYPTO);

      if (hash == code) {
        return true;
      }
    }

    // The validation code is invalid.
    return false;
  }
Пример #6
0
 public static String encryptUserInfo(String userInfo) {
   byte[] bytes = Base32DecEnc.encode(userInfo.getBytes(UTF8));
   return ENCRYPTED_PREFIX.concat(new String(bytes, UTF8));
 }
Пример #7
0
 public static String unencryptUserInfo(String userInfo) {
   if (!isEncryptedUserInfo(userInfo)) return userInfo;
   String encrypted = userInfo.replaceAll(Pattern.quote(ENCRYPTED_PREFIX), "");
   byte[] unencryptedBytes = Base32DecEnc.decode(encrypted.toUpperCase());
   return new String(unencryptedBytes, UTF8);
 }