/// <summary>
/// Takes a time step and computes a TOTP code
/// </summary>
/// <param name="counter">time step</param>
/// <param name="mode">The hash mode to use</param>
/// <returns>TOTP calculated code</returns>
protected override string Compute(long counter, OtpHashMode mode)
{
var data = KeyUtilities.GetBigEndianBytes(counter);
var otp = this.CalculateOtp(data, mode);
return(Digits(otp, this.totpSize));
}
/// <summary>
/// Static method to create a protected key from a plaintext key. It will wipe the reference that was passed in once the protected key instance is initialized
/// </summary>
/// <param name="plaintextKey">The key</param>
/// <returns>A protected key instance from the provided key</returns>
public static InMemoryKey CreateProtectedKeyAndDestroyPlaintextKey(byte[] plaintextKey)
{
var key = new InMemoryKey(plaintextKey);
// the protected key creates a copy of the key and pads it as needed for in memory protection.
// Thus the reference that was passed in isn't needed. Overwrite it with random garbage.
KeyUtilities.Destroy(plaintextKey);
return(key);
}
/// <summary>
/// Uses the key to get an HMAC using the specified algorithm and data
/// </summary>
/// <param name="mode">The HMAC algorithm to use</param>
/// <param name="data">The data used to compute the HMAC</param>
/// <returns>HMAC of the key and data</returns>
public byte[] ComputeHmac(OtpHashMode mode, byte[] data)
{
byte[] hashedValue = null;
using (HMAC hmac = CreateHmacHash(mode))
{
byte[] key = this.GetCopyOfKey();
try
{
hmac.Key = key;
hashedValue = hmac.ComputeHash(data);
}
finally
{
KeyUtilities.Destroy(key);
}
}
return(hashedValue);
}
/// <summary>
/// Uses the procedure defined in RFC 4226 section 7.5 to derive a key from the master key
/// </summary>
/// <param name="masterKey">The master key from which to derive a device specific key</param>
/// <param name="serialNumber">A serial number that is unique to the authenticating device</param>
/// <param name="mode">The hash mode to use. This will determine the resulting key lenght. The default is sha-1 (as per the RFC) which is 20 bytes</param>
/// <returns>Derived key</returns>
public static byte[] DeriveKeyFromMaster(IKeyProvider masterKey, int serialNumber, OtpHashMode mode = OtpHashMode.Sha1)
{
return(DeriveKeyFromMaster(masterKey, KeyUtilities.GetBigEndianBytes(serialNumber), mode));
}
