Question

UnipolTech
IT
Last activity: 21 Jan 2020 15:31 EST
Dynamic length of generated OTPs
Hello to all,
I have a problem on creating OTP.
I would need the length of the OTP generated OOTB from pega to be dynamic and not static from 8 digits.
The generateOTP method has an 8-digit coded parameter (under the code extracted from the Pega API):
*****************************************************************************
private static String generateOTP() {
data = new byte[8];
String result = null;
byte[] decodedKey = null;
Base32 codec32 = new Base32();
decodedKey = codec32.decode(Long.toString(secureRandom.nextLong()) + '\001');
long value = System.currentTimeMillis() - secureRandom.nextInt(1000);
for (i = 8; i-- > 0; value >>>= 8) {
data[i] = (byte)(int)value;
}
try {
Mac mac = Mac.getInstance("HmacSHA512");
SecretKeySpec signKey = new SecretKeySpec(decodedKey, "HmacSHA512");
mac.init(signKey);
byte[] hash = mac.doFinal(data);
int offset = hash[hash.length - 1] & 0xF;
long truncatedHash = 0L;
for (int i = 0; i < 4; i++) {
truncatedHash <<= 8;
truncatedHash |= (hash[offset + i] & 0xFF);
}
Hello to all,
I have a problem on creating OTP.
I would need the length of the OTP generated OOTB from pega to be dynamic and not static from 8 digits.
The generateOTP method has an 8-digit coded parameter (under the code extracted from the Pega API):
*****************************************************************************
private static String generateOTP() {
data = new byte[8];
String result = null;
byte[] decodedKey = null;
Base32 codec32 = new Base32();
decodedKey = codec32.decode(Long.toString(secureRandom.nextLong()) + '\001');
long value = System.currentTimeMillis() - secureRandom.nextInt(1000);
for (i = 8; i-- > 0; value >>>= 8) {
data[i] = (byte)(int)value;
}
try {
Mac mac = Mac.getInstance("HmacSHA512");
SecretKeySpec signKey = new SecretKeySpec(decodedKey, "HmacSHA512");
mac.init(signKey);
byte[] hash = mac.doFinal(data);
int offset = hash[hash.length - 1] & 0xF;
long truncatedHash = 0L;
for (int i = 0; i < 4; i++) {
truncatedHash <<= 8;
truncatedHash |= (hash[offset + i] & 0xFF);
}
truncatedHash &= 0x7FFFFFFFL;
truncatedHash %= (int)Math.pow(10.0D, OTPLENGTH);
result = String.valueOf(truncatedHash);
while (result.length() < OTPLENGTH) {
result = "0" + result;
}
return result;
} catch (NoSuchAlgorithmException|java.security.InvalidKeyException i) {
GeneralSecurityException ex; oLog.debug("Failed to genenrate One time password (OTP)", new Object[] { ex.getMessage() });
return result;
}
}
*****************************************************************************
Could anyone help me with this problem?
Thank you all
Domenico