Java API
HSM Dinamo
OcraGen.java

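Example of OTP generation using OCRA (the OATH Challenge-Response Algorithm) as specified in RFC 6287. The key material, PIN and login shown are fixed demonstration values; the HMAC key is imported into the HSM in plaintext and deleted again when the example finishes.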

See Note on examples.
package doxy.examples;
import java.math.BigInteger;
import java.security.MessageDigest;
import com.dinamonetworks.Dinamo;
import br.com.trueaccess.TacException;
import br.com.trueaccess.TacNDJavaLib;
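/**
 * Generates two OCRA (RFC 6287) one-time passwords with a Dinamo HSM.
 *
 * <p>The program opens a session, imports a fixed HMAC key under a temporary
 * name, asks the HSM for an OTP, and removes the key again. It does this for
 * two suites:
 * <ol>
 *   <li>{@code OCRA-1:HOTP-SHA1-6:QN08}: numeric challenge only;</li>
 *   <li>{@code OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1}: counter, numeric challenge
 *       and SHA-1 PIN hash.</li>
 * </ol>
 *
 * <p>Everything secret in this file (login, key bytes, PIN) is a fixed
 * demonstration value and is visible to anyone who can read the source.
 */
public class OcraGen {

    // QN08 challenges are passed as the hexadecimal form of the decimal value.
    // 12345678 is 0xBC614E. 99999999 is 0x5F5E0FF, which has an odd number of
    // nibbles, so a zero nibble is appended on the RIGHT ("5f5e0ff0"); padding
    // on the left would encode a different challenge and yield a different OTP.
    private static final byte[] QN08_12345678 = hexToBytes("BC614E");
    private static final byte[] QN08_99999999 = hexToBytes("5f5e0ff0");

    /**
     * Runs both OCRA examples against the HSM at 127.0.0.1.
     *
     * @param args unused
     * @throws Exception if the session, a key operation or OTP generation fails
     */
    public static void main(String[] args) throws Exception {
        // Placeholder credentials for a local test HSM. Outside a demo, read
        // them from configuration or a secret store instead of the source file.
        String ip = "127.0.0.1";
        String user = "master";
        String password = "12345678";
        System.out.println("Connecting to Dinamo at " + ip + " with user " + user);
        Dinamo api = new Dinamo();
        api.openSession(ip, user, password);

        // RFC 6287 Appendix B.1 key: "12345678901234567890" (20 bytes, SHA-1)
        byte[] keyMaterial = "12345678901234567890".getBytes("US-ASCII");
        // NOTE(review): the cleanup below deletes this id even when the import
        // itself failed, so the name must not collide with a real key.
        String skId = "ocra_sha1_example";
        try {
            // Import the HMAC-SHA1 key into the HSM. PLAINTEXTKEY_BLOB hands the
            // key bytes over in the clear, which is tolerable only because this
            // is a published test key; a real OCRA seed should be generated in
            // the HSM or imported wrapped.
            // NOTE(review): the trailing `false` is presumably the "exportable"
            // flag; confirm against the importKey reference.
            api.importKey(skId, TacNDJavaLib.PLAINTEXTKEY_BLOB,
                    TacNDJavaLib.ALG_HMAC_SHA1, keyMaterial, false);

            // --- Example 1: OCRA-1:HOTP-SHA1-6:QN08 (no counter, no PIN) ---
            // Suite: SHA-1, 6 digits, 8-digit numeric challenge
            String suite = "OCRA-1:HOTP-SHA1-6:QN08";
            byte[] question = QN08_99999999;
            String otp = api.oathOcraGen(
                    0,        // no optional flags
                    6,        // 6 digits
                    skId,
                    suite,
                    null,     // no counter
                    question,
                    null,     // no PIN hash
                    null,     // no session information
                    null);    // no timestamp
            System.out.printf("Suite : %s%n", suite);
            System.out.printf("Desafio : %d%n", 99999999);
            System.out.printf("OTP : %s%n%n", otp);

            // --- Example 2: OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1 (counter and PIN) ---
            // Replace the key: same id, now 32 bytes imported as HMAC-SHA256.
            api.deleteKey(skId);
            byte[] k32 = hexToBytes(
                    "3132333435363738393031323334353637383930"
                    + "313233343536373839303132");
            api.importKey(skId, TacNDJavaLib.PLAINTEXTKEY_BLOB,
                    TacNDJavaLib.ALG_HMAC_SHA2_256, k32, false);
            suite = "OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1";
            byte[] counter = hexToBytes("0000000000000000"); // 8-byte counter, value 0
            // SHA-1 here is dictated by the "PSHA1" field of the suite string; it
            // only feeds the PIN into the OCRA message and is not a safe way to
            // store a PIN.
            byte[] pinHash = MessageDigest.getInstance("SHA-1").digest("1234".getBytes("US-ASCII"));
            question = QN08_12345678;
            // Tell the HSM which optional inputs are present.
            // NOTE(review): USE_PH20 presumably means a 20-byte PIN hash; confirm.
            int setup = TacNDJavaLib.DN_OATH_OCRA_USE_CTR | TacNDJavaLib.DN_OATH_OCRA_USE_PH20;
            otp = api.oathOcraGen(
                    setup,
                    8,
                    skId,
                    suite,
                    counter,
                    question,
                    pinHash,
                    null,
                    null);
            System.out.printf("Suite : %s%n", suite);
            System.out.printf("Contador: %d%n", 0);
            System.out.printf("Desafio : %d%n", 12345678);
            System.out.printf("OTP : %s%n", otp);
        } finally {
            try {
                api.deleteKey(skId);
            } catch (TacException e) {
                // Cleanup stays best-effort, but a key that could not be removed
                // is test key material left on the HSM, so say so.
                System.err.println("Warning: could not delete key " + skId + ": " + e.getMessage());
            } finally {
                // Close the session even if deleteKey failed with something
                // other than TacException.
                api.closeSession();
            }
        }
    }

    /**
     * Decodes a hexadecimal string into bytes, two characters per byte.
     *
     * @param hex hexadecimal digits (upper or lower case), even length
     * @return the decoded bytes; an empty array for an empty string
     * @throws IllegalArgumentException if the length is odd or a character is
     *         not a hexadecimal digit
     */
    private static byte[] hexToBytes(String hex) {
        int len = hex.length();
        if ((len & 1) != 0) {
            // The previous loop ran past the end of the string for odd lengths.
            throw new IllegalArgumentException("hex string has odd length: " + len);
        }
        byte[] out = new byte[len / 2];
        for (int i = 0; i < len; i += 2) {
            int hi = Character.digit(hex.charAt(i), 16);
            int lo = Character.digit(hex.charAt(i + 1), 16);
            if (hi < 0 || lo < 0) {
                throw new IllegalArgumentException("invalid hex digit at index " + i);
            }
            out[i / 2] = (byte) ((hi << 4) | lo);
        }
        return out;
    }
}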