aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/misc/hotp/totp.h
blob: 4ef74d363bc48f39055e5ffb9c089b98deb4b232 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
/*
* (C) 2017 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_TOTP_H_
#define BOTAN_TOTP_H_

#include <botan/hotp.h>
#include <chrono>

namespace Botan {

/**
* TOTP (time based) one time passwords (RFC 6238)
*/
class BOTAN_PUBLIC_API(2,2) TOTP final
   {
   public:
      /**
      * @param key the secret key shared between client and server
      * @param hash_algo the hash algorithm to use, should be SHA-1, SHA-256 or SHA-512
      * @param digits the number of digits in the OTP (must be 6, 7, or 8)
      * @param time_step granularity of OTP in seconds
      */
      TOTP(const SymmetricKey& key, const std::string& hash_algo = "SHA-1",
           size_t digits = 6, size_t time_step = 30);

      /**
      * Convert the provided time_point to a Unix timestamp and call generate_totp
      */
      uint32_t generate_totp(std::chrono::system_clock::time_point time_point);

      /**
      * Generate the OTP cooresponding the the provided "Unix timestamp" (ie
      * number of seconds since midnight Jan 1, 1970)
      */
      uint32_t generate_totp(uint64_t unix_time);

      bool verify_totp(uint32_t otp,
                       std::chrono::system_clock::time_point time,
                       size_t clock_drift_accepted = 0);

      bool verify_totp(uint32_t otp, uint64_t unix_time,
                       size_t clock_drift_accepted = 0);

   private:
      HOTP m_hotp;
      size_t m_time_step;
      std::chrono::system_clock::time_point m_unix_epoch;
   };

}

#endif