OCRA - OATH Challenge-Response Algorithm
Version 1.01
use Authen::OATH::OCRA; my $key = '7110eda4d09e062aa5e4a390b0a572ac0d2c0220'; my $question = 'This is the challenge'; my $ocrasuite = 'OCRA-1:HOTP-SHA1-6:QA32'; my $ocra = Authen::OATH::OCRA->new( ocrasuite => $ocrasuite, key => $key, # key must be hex encoded question => $question ); my $otp = $ocra->ocra();
Parameters may be set after object instantiation using accesor methods before the ocra() method is called
use Authen::OATH::OCRA; my $ocra = Authen::OATH::OCRA->new(); $ocra->ocrasuite('OCRA-1:HOTP-SHA512-6:C-QA32-PSHA1-S20-T1M'); $ocra->key('7110eda4d09e062aa5e4a390b0a572ac0d2c0220'); $ocra->counter(77777777); $ocra->question("I bet you can't"); $ocra->password('f7c3bc1d808e04732adf679965ccc34ca7ae3441'); $ocra->session_information('Some session info'); $ocra->timestamp(1234567890); my $otp = $ocra->ocra();
Implementation of the OATH Challenge-Response authentication algorithm as defined by The Initiative for Open Authentication OATH (http://www.openauthentication.org) in RFC 6287 (http://tools.ietf.org/html/rfc6287)
Minimum required parameters are: ocrasuite, key and question. Aditional parameters (counter, password or session_information) may be required depending on the specified ocrasuite.
Accesor methods are provided for each parameter
Text string that specifies the operation mode for OCRA. For further information see http://tools.ietf.org/html/rfc6287#section-6
Text string with the shared secret key known to both parties, must be in hexadecimal format
An unsigned integer value, must be sinchronized between both parties
Text string with the challenge question
Text string with the hash (SHA-1 , SHA-256 and SHA-512 are supported) value of PIN/password that is known to both parties, must be in hexadecimal format
Text string that contains information about the current session, must be UTF-8 encoded
Defaults to system time if required by the OCRA Suite and not provided, use only if you need to set the time manually. An unsigned integer value representing the manual Unix Time in the granularity specified in the OCRA Suite
Returns a text string with the One Time Password for the provided parameters
my $otp = $ocra->ocra();
ocra() passed all the test vectors contained in the RFC document.
Pascual De Ruvo, <pderuvo at gmail.com>
<pderuvo at gmail.com>
Please report any bugs or feature requests to bug-authen-oath-ocra at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Authen-OATH-OCRA. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
bug-authen-oath-ocra at rt.cpan.org
You can find documentation for this module with the perldoc command.
perldoc Authen::OATH::OCRA
You can also look for information at:
OATH: Initiative for Open Authentication
http://www.openauthentication.org
OCRA: OATH Challenge-Response Algorithm RFC
http://tools.ietf.org/html/rfc6287
RT: CPAN's request tracker
http://rt.cpan.org/NoAuth/Bugs.html?Dist=Authen-OATH-OCRA
AnnoCPAN: Annotated CPAN documentation
http://annocpan.org/dist/Authen-OATH-OCRA
CPAN Ratings
http://cpanratings.perl.org/d/Authen-OATH-OCRA
Search CPAN
http://search.cpan.org/dist/Authen-OATH-OCRA/
Copyright 2012 Pascual De Ruvo.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.
To install Authen::OATH::OCRA, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Authen::OATH::OCRA
CPAN shell
perl -MCPAN -e shell install Authen::OATH::OCRA
For more information on module installation, please visit the detailed CPAN module installation guide.