OTP routines

otp.go

@@ -0,0 +1,42 @@
+package main
+
+import (
+	"log"
+	"time"
+)
+
+func (s *OpenVpnMgt) GenerateOTP(user string) ([]string, error) {
+	return s.GenerateOTPGeneric(user, 30, "sha1", 10, 6)
+}
+
+// alternative OTP generator, not used at the moment
+func (s *OpenVpnMgt) GenerateSlackOTP(user string) ([]string, error) {
+	return s.GenerateOTPGeneric(user, 60, "sha256", 30, 8)
+}
+
+func (s *OpenVpnMgt) GenerateOTPGeneric(user string, period int, algo string, secretLen int, digits int) ([]string, error) {
+	codes := []string{}
+	now := time.Now()
+
+	secret := encodeSecret(ComputeHmac256(user, s.otpMasterSecrets[0])[:secretLen])
+	code, err := GenericTotpCode(secret, now, algo, digits, period)
+	if err != nil {
+		return codes, err
+	}
+	// the first code is the generic one
+	codes = append(codes, code)
+
+	for i := 1; i < 3; i++ {
+		code, _ = GenericTotpCode(secret, now.Add(-1*time.Second*time.Duration(period*i)), algo, digits, period)
+		codes = append(codes, code)
+	}
+
+	for j := 1; j < len(s.otpMasterSecrets); j++ {
+		secret = encodeSecret(ComputeHmac256(user, s.otpMasterSecrets[j])[:secretLen])
+		for i := 0; i < 3; i++ {
+			code, _ = GenericTotpCode(secret, now.Add(-1*time.Second*time.Duration(period*i)), algo, digits, period)
+			codes = append(codes, code)
+		}
+	}
+	return codes, nil
+}