mirror of
https://gitee.com/chinabugotech/hutool.git
synced 2025-07-21 15:09:48 +08:00
add 新增生成共享秘钥的方法 add 新增验证的方法 add 新增生成谷歌验证器扫码字符串生成的方法
This commit is contained in:
张晓雷
@@ -1,8 +1,12 @@
|
||||
package cn.hutool.crypto.digest.otp;
|
||||
|
||||
import cn.hutool.core.codec.Base32;
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import cn.hutool.crypto.digest.HMac;
|
||||
import cn.hutool.crypto.digest.HmacAlgorithm;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
/**
|
||||
* <p>HMAC-based one-time passwords (HOTP) 一次性密码生成器,
|
||||
* 规范见:<a href="https://tools.ietf.org/html/rfc4226">RFC 4226</a>.</p>
|
||||
@@ -86,11 +90,21 @@ public class HOTP {
|
||||
this.buffer[6] = (byte) ((counter & 0x000000000000ff00L) >>> 8);
|
||||
this.buffer[7] = (byte) (counter & 0x00000000000000ffL);
|
||||
|
||||
final byte[] digest = this.mac.digest(this.buffer);
|
||||
final byte[] digest = this.mac.digest(Arrays.copyOfRange(this.buffer,0,8));
|
||||
|
||||
return truncate(digest);
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成共享密钥
|
||||
*
|
||||
* @param numBytes 将生成的种子字节数量。
|
||||
* @return 共享密钥
|
||||
*/
|
||||
public static String generateSecretKey(final int numBytes) {
|
||||
return Base32.encode(RandomUtil.getSHA1PRNGRandom(RandomUtil.randomBytes(256)).generateSeed(numBytes));
|
||||
}
|
||||
|
||||
/**
|
||||
* 截断
|
||||
*
|
||||
@@ -123,4 +137,4 @@ public class HOTP {
|
||||
public String getAlgorithm() {
|
||||
return this.mac.getAlgorithm();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package cn.hutool.crypto.digest.otp;
|
||||
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.crypto.digest.HmacAlgorithm;
|
||||
|
||||
import java.time.Duration;
|
||||
@@ -75,6 +76,37 @@ public class TOTP extends HOTP {
|
||||
return this.generate(timestamp.toEpochMilli() / this.timeStep.toMillis());
|
||||
}
|
||||
|
||||
/**
|
||||
* 用于验证code是否正确
|
||||
* @param timestamp 验证时间戳
|
||||
* @param offsetSize 误差范围
|
||||
* @param code code
|
||||
* @return 是否通过
|
||||
*/
|
||||
public boolean validate(Instant timestamp, final int offsetSize, final int code) {
|
||||
if(offsetSize == 0){
|
||||
return generate(timestamp) == code;
|
||||
}
|
||||
for (int i = -offsetSize; i <= offsetSize; i++) {
|
||||
if(generate(timestamp.plus(getTimeStep().multipliedBy(i))) == code){
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成谷歌认证器的字符串(扫码字符串)
|
||||
* 基于时间的,计数器不适合
|
||||
*
|
||||
* @param account 账户名。
|
||||
* @param numBytes 将生成的种子字节数量。
|
||||
* @return 共享密钥
|
||||
*/
|
||||
public static String generateGoogleSecretKey(final String account,final int numBytes) {
|
||||
return StrUtil.format("otpauth://totp/{}?secret={}",account,generateSecretKey(numBytes));
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取步进
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user