OATH (YubiHSM-java-api 1.0 API)

java.lang.Object
- org.unitedid.yhsm.internal.OATH

```
public class OATH
extends Object
```
OATH implements OATH HOTP/TOTP validation

Method Summary

Methods
Modifier and Type	Method and Description
`static String`	`HOTP(YubiHSM hsm, int keyHandle, String nonce, String aead, int counter, String otp)` Validate OTP by a token whose seed is available to the YubiHSM through an AEAD.
`static String`	`truncate(String hmac, int otpLength)` Truncate HMAC to an OTP code
`static int`	`validateHOTP(YubiHSM hsm, int keyHandle, String nonce, String aead, int counter, String otp, int lookAhead)` Validate OATH-HOTP OTP by a token whose seed is available to the YubiHSM through an AEAD.
`static boolean`	`validateTOTP(YubiHSM hsm, int keyHandle, String nonce, String aead, String otp, int period, int drift, int backwardDrift, int forwardDrift)` Validate OATH-TOTP OTP by a token whose seed is available to the YubiHSM through an AEAD.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - HOTP
```
public static String HOTP(YubiHSM hsm,
          int keyHandle,
          String nonce,
          String aead,
          int counter,
          String otp)
                   throws YubiHSMInputException,
                          YubiHSMCommandFailedException,
                          YubiHSMErrorException
```
    Validate OTP by a token whose seed is available to the YubiHSM through an AEAD.
    
    Parameters:
    hsm - the current hsm object
    keyHandle - a keyHandle with the permission YSM_TEMP_KEY_LOAD enabled
    nonce - the nonce used to generate the AEAD
    aead - the AEAD based on the token seed
    counter - the current OTP counter
    otp - the token OTP
    
    Returns:
    return next counter value on success, 0 if the OTP couldn't be validated
    
    Throws:
    
    YubiHSMInputException - argument exceptions
    
    YubiHSMCommandFailedException - command failed exception
    
    YubiHSMErrorException - error exception
  - validateHOTP
```
public static int validateHOTP(YubiHSM hsm,
               int keyHandle,
               String nonce,
               String aead,
               int counter,
               String otp,
               int lookAhead)
                        throws YubiHSMInputException,
                               YubiHSMCommandFailedException,
                               YubiHSMErrorException
```
    Validate OATH-HOTP OTP by a token whose seed is available to the YubiHSM through an AEAD.
    
    Parameters:
    hsm - the current hsm object
    keyHandle - a keyHandle with the permission YSM_TEMP_KEY_LOAD enabled
    nonce - the nonce used to generate the AEAD
    aead - the AEAD based on the token seed
    counter - the current OTP counter
    otp - the token OTP
    lookAhead - the number of iterations to run to find the current users OTP
    
    Returns:
    return next counter value on success, 0 if the OTP couldn't be validated
    
    Throws:
    
    YubiHSMInputException - argument exceptions
    
    YubiHSMCommandFailedException - command failed exception
    
    YubiHSMErrorException - error exception
  - validateTOTP
```
public static boolean validateTOTP(YubiHSM hsm,
                   int keyHandle,
                   String nonce,
                   String aead,
                   String otp,
                   int period,
                   int drift,
                   int backwardDrift,
                   int forwardDrift)
                            throws YubiHSMInputException,
                                   YubiHSMCommandFailedException,
                                   YubiHSMErrorException
```
    Validate OATH-TOTP OTP by a token whose seed is available to the YubiHSM through an AEAD.
    
    Parameters:
    hsm - the current hsm object
    keyHandle - a keyHandle with the permission YSM_TEMP_KEY_LOAD enabled
    nonce - the nonce used to generate the AEAD
    aead - the AEAD based on the token seed
    otp - the token OTP
    period - an integer giving the period between changes of the OTP value in seconds
    drift - drift of the local clock to the client clock, can be used to adjust the time skew without changing the size of @backwardDrift and @forwardDrift
    backwardDrift - the number of @period's we allow to backstep
    forwardDrift - the number of @period's we allow to look ahead
    
    Returns:
    return boolean, true if the OTP validated, false if the OTP validation failed
    
    Throws:
    
    YubiHSMInputException - argument exceptions
    
    YubiHSMCommandFailedException - command failed exception
    
    YubiHSMErrorException - error exception
  - truncate
```
public static String truncate(String hmac,
              int otpLength)
                       throws YubiHSMInputException
```
    Truncate HMAC to an OTP code
    
    Parameters:
    hmac - the hmac
    otpLength - the length of the OTP (6-8 digits)
    
    Returns:
    the OTP code
    
    Throws:
    
    YubiHSMInputException - argument exceptions

Class OATH

Method Summary

Methods inherited from class java.lang.Object

Method Detail

HOTP

validateHOTP

validateTOTP

truncate