YubikeyOTP.OTP (YubikeyOTP v0.2.1) View Source
OTP Format
The format of the OTP is documented in:
Link to this section Summary
Functions
Parses an OTP into an OTP struct.
Like parse
, but returns the OTP struct directly, and throws exceptions when
errors are encountered (to permit specific handling, if desired).
Link to this section Types
Specs
Link to this section Functions
Specs
Parses an OTP into an OTP struct.
Without the encryption key, only the public_id
, 'prefix,
serialand
encrypted_otpfields are hydrated. ## Options *
:key- provides the 128 bit AES key to decrypt the OTP and load the remaining fields. As part of decryption, the OTP checksum is verified. *
:skip_checksum- whether to skip verifying the checksum after decrypting the OTP with the provided
key`.
## Examples
iex> YubikeyOTP.OTP.parse("ccccccclulvjbbhccnndrietjjnkeclcvjgrnhcivtgd")
{:ok,
%YubikeyOTP.OTP{
public_id: "ccccccclulvj",
prefix: "cccccc",
serial: 715512,
encrypted_otp: "bbhccnndrietjjnkeclcvjgrnhcivtgd"
}
}
iex> YubikeyOTP.OTP.parse("nope")
:error
Specs
Like parse
, but returns the OTP struct directly, and throws exceptions when
errors are encountered (to permit specific handling, if desired).
Exceptions
OTP.ParseError
- raised when the OTP cannot be successfully parsed with the given options.OTP.InvalidChecksumError
- raised when the checksum of the OTP does not validate.
Examples
Without specifying a decryption key, only the public information can be hydrated.
iex> YubikeyOTP.OTP.parse!("ccccccclulvjbbhccnndrietjjnkeclcvjgrnhcivtgd") %YubikeyOTP.OTP{
public_id: "ccccccclulvj",
prefix: "cccccc",
serial: 715512,
encrypted_otp: "bbhccnndrietjjnkeclcvjgrnhcivtgd"
}
Specifying a decryption key, but skipping the checksum verification will hydrate the data even with a "bad" decryption.
iex> YubikeyOTP.OTP.parse!("ccccccclulvjbbhccnndrietjjnkeclcvjgrnhcivtgd", key: "1111111111111111", skip_checksum: true) %YubikeyOTP.OTP{
public_id: "ccccccclulvj",
prefix: "cccccc",
serial: 715512,
encrypted_otp: "bbhccnndrietjjnkeclcvjgrnhcivtgd",
private_id: <<68, 48, 254, 248, 123, 61>>,
use_counter: 49442,
timestamp: 4703963,
session_counter: 150,
random: "Xn",
checksum: <<1, 15>>
}
Decrypting the token successfully will hydrate all fields.
iex> YubikeyOTP.OTP.parse!("ccccccclulvjhnblleegivrcjlvvtvujejbclrdjdgvk", key: "1111111111111111") %YubikeyOTP.OTP{
public_id: "ccccccclulvj",
prefix: "cccccc",
serial: 715512,
encrypted_otp: "hnblleegivrcjlvvtvujejbclrdjdgvk",
private_id: "111111",
use_counter: 0,
timestamp: 8002816,
session_counter: 0,
random: <<64, 22>>,
checksum: <<44, 51>>
}
Errors will be thrown when the checksum is invalid, an invalid key is provided, or an invalid token is provided.
iex> YubikeyOTP.OTP.parse!("ccccccclulvjbbhccnndrietjjnkeclcvjgrnhcivtgd", key: "1111111111111111") ** (YubikeyOTP.OTP.InvalidChecksumError) OTP checksum is invalid
iex> YubikeyOTP.OTP.parse!("nope") ** (YubikeyOTP.OTP.ParseError) OTP parsing failed