public interface GemaltoOathDevice
Modifier and Type | Method and Description |
---|---|
SecureString |
getHotp(AuthInput authInput)
Gets an event based OTP (HOTP) as defined by the Standard Gemalto OATH
options.
|
int |
getLastOtpLifespan()
Return lifespan of the last OTP computed by this device.
|
SecureString |
getOcraEventChallengeResponse(AuthInput authInput,
SecureString challenge)
Creates an event based OCRA C/R as defined by the Standard Gemalto OATH
options.
|
SecureString |
getOcraEventSignature(AuthInput authInput,
List<SecureString> dataToSign)
Creates an event based OCRA signature as defined by the Standard Gemalto
OATH options.
|
SecureString |
getOcraTimeChallengeResponse(AuthInput authInput,
SecureString challenge)
Creates a time based OCRA C/R as defined by the Standard Gemalto OATH
options.
|
SecureString |
getOcraTimeSignature(AuthInput authInput,
List<SecureString> dataToSign)
Creates a time based OCRA signature as defined by the Standard Gemalto
OATH options.
|
SecureString |
getTotp(AuthInput authInput)
Gets a time based OTP (TOTP) as defined by the Standard Gemalto OATH
options.
|
SecureString getHotp(AuthInput authInput) throws IdpException
authInput
- the AuthInputIllegalStateException
- when the associated token has the
OathToken.TokenCapability.DUAL_SEED
capability because only time based algorithms are supported
for this capability.IdpRuntimeException
- when there is a cryptography operation failure.IdpException
- this is generic exception, you can directly catch this
exception or catch each specific exception below.IdpStorageException
- when there is a database operation failureDeviceFingerprintException
- when the token's fingerprint checksum does not match.PasswordManagerException
- when the TOKEN domain is not logged in (using one of the
password managers).SecureString getTotp(AuthInput authInput) throws IdpException
authInput
- the AuthInputIdpRuntimeException
- when there is a cryptography operation failure.IdpException
- this is generic exception, you can directly catch this
exception or catch each specific exception below.IdpStorageException
- when there is a database operation failure.DeviceFingerprintException
- when the token's fingerprint checksum does not match.PasswordManagerException
- when the TOKEN domain is not logged in (using one of the
password managers).SecureString getOcraEventChallengeResponse(AuthInput authInput, SecureString challenge) throws IdpException
authInput
- the AuthInputchallenge
- the challenge. Must be numeric up to the maximum challenge
length set in
SoftOathSettings.setOcraMaximumChallengeQuestionLength(int)
.IllegalArgumentException
- when the challenge length is out ofIllegalStateException
- when the associated token has the
OathToken.TokenCapability.DUAL_SEED
capability because only time based algorithms are supported
for this capability. range.IdpRuntimeException
- when there is a cryptography operation failure.IdpException
- this is generic exception, you can directly catch this
exception or catch each specific exception below.IdpStorageException
- when there is a database operation failure.DeviceFingerprintException
- when the token's fingerprint checksum does not match.PasswordManagerException
- when the TOKEN domain is not logged in (using one of the
password managers).SecureString getOcraTimeChallengeResponse(AuthInput authInput, SecureString challenge) throws IdpException
authInput
- the AuthInputchallenge
- the challenge. Must be numeric up to the maximum challenge
length set in
SoftOathSettings.setOcraMaximumChallengeQuestionLength(int)
.IllegalArgumentException
- when the challenge length is out of range.IdpRuntimeException
- when there is a cryptography operation failure.IdpException
- this is generic exception, you can directly catch this
exception or catch each specific exception below.IdpStorageException
- when there is a database operation failure.DeviceFingerprintException
- when the token's fingerprint checksum does not match.PasswordManagerException
- when the TOKEN domain is not logged in (using one of the
password managers).SecureString getOcraEventSignature(AuthInput authInput, List<SecureString> dataToSign) throws IdpException
authInput
- the AuthInputdataToSign
- the list of data to be signedIllegalArgumentException
- when dataToSign
contains a '~' (0x7E) byte
value.IllegalStateException
- when the associated token has the
OathToken.TokenCapability.DUAL_SEED
capability because only time based algorithms are supported
for this capability.IdpRuntimeException
- when there is a cryptography operation failure.IdpException
- this is generic exception, you can directly catch this
exception or catch each specific exception below.IdpStorageException
- when there is a database operation failure.DeviceFingerprintException
- when the token's fingerprint checksum does not match.PasswordManagerException
- when the TOKEN domain is not logged in (using one of the
password managers).SecureString getOcraTimeSignature(AuthInput authInput, List<SecureString> dataToSign) throws IdpException
authInput
- the AuthInputdataToSign
- the list of data to be signedIllegalArgumentException
- when dataToSign
contains a '~' (0x7E) byte
value.IdpRuntimeException
- when there is a cryptography operation failure.IdpException
- this is generic exception, you can directly catch this
exception or catch each specific exception below.IdpStorageException
- when there is a database operation failure.DeviceFingerprintException
- when the token's fingerprint checksum does not match.PasswordManagerException
- when the TOKEN domain is not logged in (using one of the
password managers)int getLastOtpLifespan()
The following example illustrates the usage:
// Create OATH settings (seeOathFactory
) SoftGemaltoOathSettings oathSettings = ... // Create a OATH device (seeOathFactory
) GemaltoOathDevice device = ... // Compute a time-based OTP with device device.getOcraTimeChallengeResponse(pin, challengeQuestion); // Each time getLastOtpLifespan is called, it returns the // remaining lifespan in seconds of the last time-based OTP. Lifespan is // computed with respect of device's settings (in this example it returns // the lifespan according to Gemalto device fixed settings, i.e. 30-seconds timestep). int lifespan = device.getLastOtpLifespan();
Integer.MAX_VALUE
.