FRAOathMechanism.h revision 465ea459a87d4605e145d8f45b6a9c104b696e3b
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2016 ForgeRock AS.
*
* Portions Copyright 2014 Nathaniel McCallum, Red Hat
*/
@class FRAIdentity;
@class FRAOathCode;
#import "FRAMechanism.h"
#include <CommonCrypto/CommonHMAC.h>
/*!
* An OATH authentication mechanism capable of generating HMAC- and Time-based One-Time Passwords.
*/
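@interface FRAOathMechanism : FRAMechanism

/*!
* The version number of this OATH mechanism.
*/
@property (nonatomic, readonly) NSInteger version;

/*!
* The type of this OATH mechanism (totp or hotp).
*/
@property (nonatomic, readonly) NSString *type;

/*!
* The length of the OATH code generated by this mechanism. Always 6 or 8; defaults to 6.
*/
@property (nonatomic, readonly) NSUInteger digits;

/*!
* The current login code for this OATH mechanism.
*/
@property (nonatomic, readonly) FRAOathCode *code;

/*!
* The secret key bytes used by the OATH mechanism.
*
* This is the shared secret from which every one-time password is derived, so whoever
* holds these bytes can produce valid codes. Callers that read this property should not
* log it or copy it into storage that is less protected than the identity database.
*/
@property (nonatomic, readonly) NSData *secretKey;

/*!
* The HMAC algorithm used for generating the next hash code.
*
* NOTE(review): RFC 4226 (HOTP) specifies HMAC-SHA-1 and RFC 6238 (TOTP) additionally
* allows HMAC-SHA-256 and HMAC-SHA-512. The initializer documentation also lists MD5,
* which is outside those specifications; confirm whether it still needs to be accepted.
*/
@property (nonatomic, readonly) CCHmacAlgorithm algorithm;

/*!
* The time period to be used when generating the next code in TOTP mode.
* NOTE(review): the unit is presumably seconds; confirm against the implementation.
*/
@property (nonatomic, readonly) u_int32_t period;

/*!
* The HMAC counter which is used to generate the next hash code in HOTP mode.
*/
@property (nonatomic, readonly) u_int64_t counter;

#pragma mark -
#pragma mark Lifecycle

/*!
* Initialize an OATH Mechanism with all required fields to describe either
* a HOTP or a TOTP mechanism.
*
* @param database The database to which this mechanism can be persisted.
* @param type The OTP type (either "hotp" or "totp").
* @param secretKey The secret key bytes used to generate the HMAC. Sensitive: treat as a credential.
* @param algorithm The HMAC algorithm to use. Currently only MD5, SHA256, SHA512 and SHA1 are supported.
* @param digits The number of digits in the generated code. The selector label reads
*               "withKeyLength", but the value is the code length exposed by the `digits`
*               property, not the length of the secret key.
* @param period TOTP based refresh period.
* @param counter HOTP hash counter.
*
* @return The initialized mechanism or nil if initialization failed.
*/
- (instancetype)initWithDatabase:(FRAIdentityDatabase *)database
                            type:(NSString *)type
                  usingSecretKey:(NSData *)secretKey
                andHMACAlgorithm:(CCHmacAlgorithm)algorithm
                   withKeyLength:(NSUInteger)digits
                 andEitherPeriod:(u_int32_t)period
                       orCounter:(u_int64_t)counter;

/*!
* Allocate and initialize an OATH Mechanism with all required fields to describe either
* a HOTP or a TOTP mechanism.
*
* @param database The database to which this mechanism can be persisted.
* @param type The OTP type (either "hotp" or "totp").
* @param secretKey The secret key bytes used to generate the HMAC. Sensitive: treat as a credential.
* @param algorithm The HMAC algorithm to use. Currently only MD5, SHA256, SHA512 and SHA1 are supported.
* @param digits The number of digits in the generated code. The selector label reads
*               "withKeyLength", but the value is the code length exposed by the `digits`
*               property, not the length of the secret key.
* @param period TOTP based refresh period.
* @param counter HOTP hash counter.
*
* @return The initialized mechanism or nil if initialization failed.
*/
+ (instancetype)oathMechanismWithDatabase:(FRAIdentityDatabase *)database
                                     type:(NSString *)type
                           usingSecretKey:(NSData *)secretKey
                         andHMACAlgorithm:(CCHmacAlgorithm)algorithm
                            withKeyLength:(NSUInteger)digits
                          andEitherPeriod:(u_int32_t)period
                                orCounter:(u_int64_t)counter;

/*!
* Generates the next code for this OATH mechanism.
*
* The method returns void, so the error pointer is the only failure signal visible in
* this header. Pass a pointer to an NSError variable initialised to nil and inspect it
* after the call.
*
* @param error Out-parameter for a failure description.
*              NOTE(review): presumably left untouched on success; confirm against the implementation.
*/
- (void)generateNextCodeWithError:(NSError *__autoreleasing *)error;

@end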