Structure

Constructors

// TTOTP
constructor Create(Period: Integer = 30; Digits: Integer = 6);
constructor Create(Period: Integer; Digits: Integer; Algorithm: TOTPHashAlgorithm);

// THOTP
constructor Create(Counter: Int64; Digits: Integer = 6);
constructor Create(Counter: Int64; Digits: Integer = 6; Algorithm: TOTPHashAlgorithm = TOTPHashAlgorithm.SHA1);

The constructors initialize the TTOTP and THOTP classes with specific parameters:

  • TTOTP Constructors:

    • There are two constructors available for TOTP.

      • The first one takes a period and digits as parameters, with default values of 30 seconds for the period and 6 digits for the OTP length.

      • The second constructor takes an additional Algorithm parameter of type TOTPHashAlgorithm, selecting the hashing algorithm used.

  • THOTP Constructors:

    • Similarly, two constructors are available for HOTP.

      • The first constructor initializes the library with a counter and digits, defaulting to an OTP length of 6 digits.

      • The second constructor adds a TOTPHashAlgorithm parameter specifying the hashing algorithm used to generate OTPs; it defaults to SHA1.

These constructors provide flexibility in initializing the OTP classes with various configurations depending on the security requirements and system constraints.

Class Functions

// TTOTP & THOTP
class function CheckValidSecretkey(const SecretKey: string): Boolean;
class function Base32Encode(const Data: TBytes): string;
class function GenerateRandomSecretKey(KeyLength: Integer): string;

Class functions in this context are utility functions that can be called without an instance of the class. They provide operations that are commonly needed by both TOTP and HOTP implementations:

  • CheckValidSecretkey: Verifies whether the provided secret key is valid.

  • GenerateRandomSecretKey: Generates a random secret key of a specified length, which can be used for creating OTPs.

  • Base32Encode: Encodes a byte array into a Base32 string, which is often used in handling secret keys for OTPs.
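As an added illustration of what these three utilities do in practice (this is not the library's own code, and the page does not state its exact validity rules), here is a Python version with the Delphi names in snake_case. Treating KeyLength as a byte count and enforcing a 128-bit minimum key size are assumptions made here:

```python
import base64
import re
import secrets

# Base32 alphabet (RFC 4648), the encoding authenticator apps expect for shared secrets
_BASE32_RE = re.compile(r"^[A-Z2-7]+=*$")
MIN_SECRET_BYTES = 16  # RFC 4226 requires at least 128 bits of key; 160 bits (20 bytes) is recommended


def base32_encode(data: bytes) -> str:
    """Base32-encode raw key bytes, without the '=' padding that most authenticator apps reject."""
    return base64.b32encode(data).decode("ascii").rstrip("=")


def generate_random_secret_key(key_length: int = 20) -> str:
    """Draw key_length bytes (assumed to be the unit of the library's KeyLength) from the OS CSPRNG."""
    if key_length < MIN_SECRET_BYTES:
        raise ValueError(f"secret must be at least {MIN_SECRET_BYTES} bytes")
    return base32_encode(secrets.token_bytes(key_length))


def check_valid_secret_key(secret_key: str) -> bool:
    """A usable secret is well-formed Base32 that decodes to at least MIN_SECRET_BYTES bytes."""
    clean = secret_key.replace(" ", "").upper()  # apps often show keys lowercase in groups of four
    if not _BASE32_RE.match(clean):
        return False
    clean += "=" * (-len(clean) % 8)  # restore padding so the strict decoder accepts it
    try:
        return len(base64.b32decode(clean)) >= MIN_SECRET_BYTES
    except ValueError:
        return False
```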

Functions

OTP Code Generation

// TTOTP & THOTP
function GenerateOTP(const SecretKey: string): string;
function GenerateOTP(const SecretKey: string; Algorithm: TOTPHashAlgorithm): string;

The GenerateOTP function is used to generate a one-time password (OTP) based on a given secret key. This function can be utilized for both time-based (TOTP) and HMAC-based (HOTP) algorithms.

Function Signatures

  • function GenerateOTP(const SecretKey: string): string : Generates an OTP using the default hash algorithm.

  • function GenerateOTP(const SecretKey: string; Algorithm: TOTPHashAlgorithm): string : Generates an OTP using a specified hash algorithm.

Parameters

  • SecretKey: A string containing the secret key used to generate the OTP.

  • Algorithm (optional): A TOTPHashAlgorithm value that selects the hash algorithm to use.

Each generated code is valid only for a single time step (TOTP) or a single counter value (HOTP), which is what makes the code one-time and suitable as a second authentication factor.

Verify OTP Code

// TTOTP & THOTP
function Verify(const OTPCode, SecretKey: string): Boolean;
function Verify(const OTPCode, SecretKey: string; Algorithm: TOTPHashAlgorithm): Boolean;

The Verify method is used to validate the given OTP code against a secret key, ensuring that the code is both correct and within the allowed time frame or counter value. This is critical for maintaining secure authentication protocols. The method is overloaded to accommodate different hashing algorithms, providing flexibility in implementation. Here's how the methods work:

  • function Verify(const OTPCode, SecretKey: string): Boolean : This version uses the default hash algorithm to verify the OTP.

  • function Verify(const OTPCode, SecretKey: string; Algorithm: TOTPHashAlgorithm): Boolean : This version allows specifying a custom hash algorithm for verification.

Both methods return a boolean indicating whether the OTP code is valid.
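To show what GenerateOTP and Verify compute underneath (for both the TOTP and HOTP sections above), here is an added Python implementation of RFC 4226 and RFC 6238 checked against the RFC test vectors. It is not the library's code: it assumes SecretKey is a Base32 string and that TOTPHashAlgorithm maps to SHA1/SHA256/SHA512, and the drift window and HOTP look-ahead are assumptions, since the page does not state the library's tolerance:

```python
import base64
import hashlib
import hmac
import struct
import time

# Digest constructors standing in for the library's TOTPHashAlgorithm values (value names assumed)
ALGORITHMS = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}
# RFC 4226/6238 test secret "12345678901234567890" in Base32; constructed input for the checks below
RFC_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def _key_bytes(secret_key: str) -> bytes:
    """Decode the Base32 SecretKey string, restoring the '=' padding authenticator apps usually strip."""
    clean = secret_key.replace(" ", "").upper()
    return base64.b32decode(clean + "=" * (-len(clean) % 8))

def generate_hotp(secret_key: str, counter: int, digits: int = 6, algorithm: str = "SHA1") -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, dynamic truncation, then modulo 10^digits."""
    mac = hmac.new(_key_bytes(secret_key), struct.pack(">Q", counter), ALGORITHMS[algorithm]).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def generate_totp(secret_key: str, period: int = 30, digits: int = 6, algorithm: str = "SHA1", at=None) -> str:
    """RFC 6238: HOTP whose counter is the Unix time (or `at`, for reproducible tests) divided by the period."""
    now = int(time.time()) if at is None else at
    return generate_hotp(secret_key, now // period, digits, algorithm)

def remaining_time(period: int = 30, at=None) -> int:
    """Seconds until the current TOTP step rolls over (what the page's GetRemainingTime reports)."""
    now = int(time.time()) if at is None else at
    return period - now % period

def verify_totp(otp_code: str, secret_key: str, period: int = 30, digits: int = 6,
                algorithm: str = "SHA1", at=None, window: int = 1) -> bool:
    """Accept the current step or `window` steps either side for clock drift (the window size is an
    assumption; the page does not state the library's). compare_digest keeps the comparison constant-time."""
    step = (int(time.time()) if at is None else at) // period
    matches = [hmac.compare_digest(generate_hotp(secret_key, step + d, digits, algorithm), otp_code)
               for d in range(-window, window + 1)]
    return any(matches)

def verify_hotp(otp_code: str, secret_key: str, counter: int, digits: int = 6,
                algorithm: str = "SHA1", look_ahead: int = 5):
    """Search forward from the stored counter only, so a code already used cannot be accepted again.
    Returns the counter the server must persist next, or None when the code is rejected."""
    for c in range(counter, counter + look_ahead + 1):
        if hmac.compare_digest(generate_hotp(secret_key, c, digits, algorithm), otp_code):
            return c + 1
    return None
```

The value verify_hotp returns must be written back to the user's record before the login is accepted; a server that checks the code but does not advance the counter turns HOTP into a reusable password.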

OTP URL Generation

// TTOTP & THOTP
function GetOTPUrl(const Username, ServiceName, SecretKey: string): string;

// TTOTP
function GetOTPUrl(const Username, ServiceName, SecretKey: string; Period, Digits: Integer; Algorithm: TOTPHashAlgorithm): string;

// THOTP
function GetOTPUrl(const Username, ServiceName, SecretKey: string; Counter: Int64; Digits: Integer; Algorithm: TOTPHashAlgorithm): string;

The GetOTPUrl methods build OTP (One-Time Password) URL strings for TOTP (Time-based One-Time Password) and HOTP (HMAC-based One-Time Password) configurations. These URLs carry the parameters an authenticator app needs to enrol the account: the username, the service name and the secret key, plus the digits, algorithm and period or counter.

  • TOTP & HOTP:

    • function GetOTPUrl(const Username, ServiceName, SecretKey: string): string : Generates a basic OTP URL.

  • TOTP:

    • function GetOTPUrl(const Username, ServiceName, SecretKey: string; Period, Digits: Integer; Algorithm: TOTPHashAlgorithm): string : Generates a TOTP-specific URL, allowing the specification of parameters like the time period, number of digits, and hashing algorithm.

  • HOTP:

    • function GetOTPUrl(const Username, ServiceName, SecretKey: string; Counter: Int64; Digits: Integer; Algorithm: TOTPHashAlgorithm): string : Creates an HOTP-specific URL with customization over the counter, number of digits, and hashing algorithm used.

These methods enable tailored integration with OTP services and applications.
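The URLs these methods produce follow the otpauth:// key URI format that authenticator apps read from QR codes. As an added example (not the library's code; the exact encoding the library emits is not shown on the page), here is a Python builder for both the TOTP and HOTP forms together with a parser that rejects URLs an app could not enrol. The username, service name and secret used in the checks are constructed values:

```python
from urllib.parse import parse_qs, quote, unquote, urlencode, urlsplit


def get_otp_url(otp_type: str, username: str, service_name: str, secret_key: str,
                digits: int = 6, algorithm: str = "SHA1", period: int = 30, counter: int = 0) -> str:
    """Build a key URI (otpauth://TYPE/LABEL?PARAMS). The label is issuer:account, percent-encoded,
    and the issuer is repeated as a query parameter because apps group accounts by it."""
    if otp_type not in ("totp", "hotp"):
        raise ValueError("otp_type must be 'totp' or 'hotp'")
    label = quote(f"{service_name}:{username}", safe=":")
    params = {"secret": secret_key, "issuer": service_name, "algorithm": algorithm, "digits": digits}
    if otp_type == "totp":
        params["period"] = period
    else:
        params["counter"] = counter  # mandatory for HOTP: the app's starting counter
    # quote_via=quote encodes spaces as %20 rather than '+', which some apps would keep literally
    return f"otpauth://{otp_type}/{label}?{urlencode(params, quote_via=quote)}"


def parse_otp_url(url: str) -> dict:
    """Parse and validate a key URI; the secret inside it is a credential, so callers should not log it."""
    parts = urlsplit(url)
    if parts.scheme != "otpauth" or parts.netloc not in ("totp", "hotp"):
        raise ValueError("not an otpauth:// TOTP/HOTP URL")
    query = {k: v[0] for k, v in parse_qs(parts.query, strict_parsing=True).items()}
    if "secret" not in query:
        raise ValueError("secret parameter is required")
    if parts.netloc == "hotp" and "counter" not in query:
        raise ValueError("HOTP URLs must carry a counter")
    issuer, _, account = unquote(parts.path.lstrip("/")).partition(":")
    return {"type": parts.netloc, "issuer": issuer, "account": account,
            "secret": query["secret"], "algorithm": query.get("algorithm", "SHA1"),
            "digits": int(query.get("digits", 6)),
            "period": int(query.get("period", 30)) if parts.netloc == "totp" else None,
            "counter": int(query["counter"]) if parts.netloc == "hotp" else None}
```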

Class Properties

// TTOTP
function GetPeriod: Integer;
procedure SetPeriod(Period: Integer);

// TTOTP & THOTP
function GetAlgorithm: TOTPHashAlgorithm;
procedure SetAlgorithm(Algorithm: TOTPHashAlgorithm);
function GetDigits: Integer;
procedure SetDigits(Digits: Integer);

// THOTP
function GetCounter: Int64;
procedure SetCounter(Counter: Int64);

The classes expose several properties, some shared and some specific to TOTP or HOTP, allowing for detailed configuration:

  • TOTP:

    • GetPeriod() / SetPeriod(Period: Integer): Methods to retrieve and set the time period for TOTP.

  • TOTP & HOTP:

    • GetAlgorithm() / SetAlgorithm(Algorithm: TOTPHashAlgorithm): Fetch or configure the hashing algorithm.

    • GetDigits() / SetDigits(Digits: Integer): Obtain or specify the number of digits for OTP.

  • HOTP:

    • GetCounter() / SetCounter(Counter: Int64): Methods to access and modify the counter setting for HOTP.

These properties ensure that OTP generation can be customized to meet specific security and performance requirements.

Other Functions

// TTOTP
function GetRemainingTime: Integer;

The remaining functions are utilities for managing and using one-time passwords. The function currently included is:

  • TOTP:

    • GetRemainingTime(): This method returns the remaining time in seconds before the current TOTP expires. It is useful for ensuring tokens are used within their valid period and helps in synchronizing client-server time.
