com.hidglobal.ia.service.otp.AsyncOTPGenerator Interface Reference
Extends the OTP generator to support asynchronous challenge-response generation. (OCRA) More...
Inheritance diagram for com.hidglobal.ia.service.otp.AsyncOTPGenerator:
Public Member Functions | |
| char [] | computeClientResponse (char[] password, char[] clientChallenge, char[] serverChallenge, InputAlgorithmParameters params) throws UnsupportedDeviceException, AuthenticationException, InternalException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException, InvalidParameterException |
| char [] | computeResponse (char[] password, char[] challenge, InputAlgorithmParameters params) throws InvalidParameterException, InternalException, UnsupportedDeviceException, AuthenticationException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException |
| char [] | computeServerResponse (char[] password, char[] clientChallenge, char[] serverChallenge, InputAlgorithmParameters params) throws UnsupportedDeviceException, AuthenticationException, InternalException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException, InvalidParameterException |
| char [] | computeSignature (char[] password, char[] signatureChallenge, char[] clientChallenge, InputAlgorithmParameters params) throws InvalidParameterException, UnsupportedDeviceException, AuthenticationException, InternalException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException |
| char [] | formatSignatureChallenge (char[][] inputData) throws InvalidChallengeException, InvalidParameterException |
| char [] | getChallenge () |
 Public Member Functions inherited from com.hidglobal.ia.service.otp.OTPGenerator | |
| AlgorithmParameters | getAlgorithmParameters () |
| String | getName () |
| String | getStandardVersion () |
| String | getType () |
| String | getVersion () |
Detailed Description
Extends the OTP generator to support asynchronous challenge-response generation. (OCRA)
Computes OTP using externally provided challenge or transaction data.
Member Function Documentation
◆ computeClientResponse()
| char [] com.hidglobal.ia.service.otp.AsyncOTPGenerator.computeClientResponse | ( | char [] | password, |
| char [] | clientChallenge, | ||
| char [] | serverChallenge, | ||
| InputAlgorithmParameters | params | ||
| ) | throws UnsupportedDeviceException, AuthenticationException, InternalException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException, InvalidParameterException |
Compute the client response for one-way challenge-response with optional parameters. If there are no optional parameters, inputs can be omitted.
- Parameters
-
password Password protecting the OTP key clientChallenge Client challenge serverChallenge Server challenge params Additional data
- Returns
- OTP value
- Exceptions
-
LostCredentialsException if key securing the transaction have been wiped InternalException if an unexpected error occurred. AuthenticationException if password is incorrect UnsupportedDeviceException if device is not supported by policy. FingerprintAuthenticationRequiredException if fingerprint authentication is required by policy. FingerprintNotEnrolledException if fingerprint enrollment is required. PasswordRequiredException if required password was not provided. PasswordExpiredException if expired password is given (changePassword required). InvalidParameterException if the given parameters are invalid or required parameters are missing.
◆ computeResponse()
| char [] com.hidglobal.ia.service.otp.AsyncOTPGenerator.computeResponse | ( | char [] | password, |
| char [] | challenge, | ||
| InputAlgorithmParameters | params | ||
| ) | throws InvalidParameterException, InternalException, UnsupportedDeviceException, AuthenticationException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException |
Compute the response for one-way challenge-response. The params allows to pass additional data to compute the OTP. If there are no optional parameters, inputs can be omitted.
- Parameters
-
password Password protecting the OTP key challenge Challenge params Additional data
- Returns
- OTP value
- Exceptions
-
LostCredentialsException if key securing the transaction have been wiped InternalException if an unexpected error occurred. AuthenticationException if password is incorrect UnsupportedDeviceException if device is not supported by policy. FingerprintAuthenticationRequiredException if fingerprint authentication is required by policy. FingerprintNotEnrolledException if fingerprint enrollment is required. PasswordRequiredException if required password was not provided. PasswordExpiredException if expired password is given (changePassword required). InvalidParameterException if the given parameters are invalid or required parameters are missing.
◆ computeServerResponse()
| char [] com.hidglobal.ia.service.otp.AsyncOTPGenerator.computeServerResponse | ( | char [] | password, |
| char [] | clientChallenge, | ||
| char [] | serverChallenge, | ||
| InputAlgorithmParameters | params | ||
| ) | throws UnsupportedDeviceException, AuthenticationException, InternalException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException, InvalidParameterException |
Compute the server response for one-way challenge-response or for two-way signature. If there are no optional parameters, inputs can be omitted.
- Parameters
-
password Password protecting the OTP key clientChallenge Client challenge serverChallenge Server challenge params Additional data
- Returns
- OTP value
- Exceptions
-
LostCredentialsException if key securing the transaction have been wiped InternalException if an unexpected error occurred. AuthenticationException if password is incorrect UnsupportedDeviceException if device is not supported by policy. FingerprintAuthenticationRequiredException if fingerprint authentication is required by policy. FingerprintNotEnrolledException if fingerprint enrollment is required. PasswordRequiredException if required password was not provided. PasswordExpiredException if expired password is given (changePassword required). InvalidParameterException if the given parameters are invalid or required parameters are missing.
◆ computeSignature()
| char [] com.hidglobal.ia.service.otp.AsyncOTPGenerator.computeSignature | ( | char [] | password, |
| char [] | signatureChallenge, | ||
| char [] | clientChallenge, | ||
| InputAlgorithmParameters | params | ||
| ) | throws InvalidParameterException, UnsupportedDeviceException, AuthenticationException, InternalException, LostCredentialsException, FingerprintAuthenticationRequiredException, FingerprintNotEnrolledException, PasswordRequiredException, PasswordExpiredException |
Compute the signature for one-way or two-way signature. For one-way signature, clientChallenge is empty. If there are no optional parameters, inputs can be omitted.
- Parameters
-
password Password protecting the OTP key signatureChallenge Challenge to sign clientChallenge The challenge for the client params The params allow you to pass additional data
- Returns
- OTP value
- Exceptions
-
LostCredentialsException if key securing the transaction have been wiped InternalException if an unexpected error occurred. AuthenticationException if password is incorrect UnsupportedDeviceException if device is not supported by policy. FingerprintAuthenticationRequiredException if fingerprint authentication is required by policy. FingerprintNotEnrolledException if fingerprint enrollment is required. PasswordRequiredException if required password was not provided. PasswordExpiredException if expired password is given (changePassword required). InvalidParameterException if the given parameters are invalid or required parameters are missing.
◆ formatSignatureChallenge()
| char [] com.hidglobal.ia.service.otp.AsyncOTPGenerator.formatSignatureChallenge | ( | char | inputData[][] | ) | throws InvalidChallengeException, InvalidParameterException |
For transaction signing use cases, this method permits a challenge to be formatted according to standard based on several inputs provided by the user. Typically for OCRA see Appendix A of the Certificate profile.
- Parameters
-
inputData Array of input data provided by the user.
- Returns
- the fully formatted challenge to use in computeResponse method.
- Exceptions
-
InvalidChallengeException if input data does not allow to format a valid challenge with respect to the OTP algorithm parameters InvalidParameterException if the given parameters are invalid or required parameters are missing.
◆ getChallenge()
| char [] com.hidglobal.ia.service.otp.AsyncOTPGenerator.getChallenge | ( | ) |
Returns a challenge according to format specified in OCRA suite for one-way use cases (challenge-response and signature). This method can be used by the client to provide the challenge to other parties (typically a server) so that it can authenticate the server using the asynchronous method.
- Returns
- a challenge
