packageAuthen::OATH;$Authen::OATH::VERSION='2.0.1';usewarnings;usestrict;useDigest::HMAC;useMath::BigInt;useMoo 2.002004;hasdigits=> (is=>'rw',isa=> Int,default=> 6,);hasdigest=> (is=>'rw',isa=> Str,default=>'Digest::SHA',);hastimestep=> (is=>'rw',isa=> Int,default=> 30,);subtotp {my($self,$secret,$manual_time) =@_;$secret=join("",mapchr(hex($_) ),$secret=~ /(..)/g )if$secret=~ /^[a-fA-F0-9]{32,}$/;my$mod=$self->digest;if(eval"require $mod") {$mod->import();}my$time=$manual_time||time();my$T= Math::BigInt->new(int($time/$self->timestep ) );die"Must request at least 6 digits"if$self->digits < 6;(my$hex=$T->as_hex ) =~ s/^0x(.*)/"0"x(16 -length$1) . $1/e;my$bin_code=join("",mapchr(hex($_) ),$hex=~ /(..)/g );my$otp=$self->_process($secret,$bin_code);return$otp;}subhotp {my($self,$secret,$c) =@_;$secret=join("",mapchr(hex($_) ),$secret=~ /(..)/g )if$secret=~ /^[a-fA-F0-9]{32,}$/;my$mod=$self->digest;if(eval"require $mod") {$mod->import();}$c= Math::BigInt->new($c);die"Must request at least 6 digits"if$self->digits < 6;(my$hex=$c->as_hex ) =~ s/^0x(.*)/"0"x(16 -length$1) . $1/e;my$bin_code=join("",mapchr(hex($_) ),$hex=~ /(..)/g );my$otp=$self->_process($secret,$bin_code);return$otp;}sub_process {my($self,$secret,$bin_code) =@_;my$hmac= Digest::HMAC->new($secret,$self->digest );$hmac->add($bin_code);my$hash=$hmac->digest();my$offset=hexsubstrunpack("H*"=>$hash), -1;my$dt=unpack"N"=>substr$hash,$offset, 4;$dt&= 0x7fffffff;$dt= Math::BigInt->new($dt);my$modulus= 10**$self->digits;if($self->digits < 10 ) {returnsprintf("%0$self->{ 'digits' }d",$dt->bmod($modulus) );}else{return$dt->bmod($modulus);}}1;# End of Authen::OATH=pod=encoding UTF-8=head1 NAMEAuthen::OATH - OATH One Time Passwords=head1 VERSIONversion 2.0.1=head1 SYNOPSISuse Authen::OATH;my $oath = Authen::OATH->new();my $totp = $oath->totp( 'MySecretPassword' );my $hotp = $oath->hotp( 'MyOtherSecretPassword' );Parameters may be overridden when creating the new object:my $oath = Authen::OATH->new( digits => 8 );The three parameters are "digits", "digest", and "timestep."Timestep only applies to the totp() function.While strictly speaking this is outside the specifications ofHOTP and TOTP, you can specify digests other than SHA1. For example:my $oath = Authen::OATH->new(digits => 10,digest => 'Digest::MD6',);If you are using Google Authenticator, you'll want to decode your secret*before* passing it to the C<totp> method:use Convert::Base32 qw( decode_base32 );my $oath = Authen::OATH->new;my $secret = 'mySecret';my $otp = $oath->totp( decode_base32( $secret ) );=head1 DESCRIPTIONImplementation of the HOTP and TOTP One Time Password algorithmsas defined by OATH (http://www.openauthentication.org)All necessary parameters are set by default, though these can beoverridden. Both totp() and htop() have passed all of the testvectors defined in the RFC documents for TOTP and HOTP.totp() and hotp() both default to returning 6 digits and using SHA1.As such, both can be called by passing only the secret key and avalid OTP will be returned.=head1 SUBROUTINES/METHODS=head2 totpmy $otp = $oath->totp( $secret [, $manual_time ] );Manual time is an optional parameter. If it is not passed, the currenttime is used. This is useful for testing purposes.=head2 hotpmy $opt = $oath->hotp( $secret, $counter );Both parameters are required.=head2 _processThis is an internal routine and is never called directly.=head1 CAVEATSPlease see the SYNOPSIS for how interaction with Google Authenticator.=head1 AUTHORKurt Kincaid <kurt.kincaid@gmail.com>=head1 COPYRIGHT AND LICENSEThis software is copyright (c) 2010-2017 by Kurt Kincaid.This is free software; you can redistribute it and/or modify it underthe same terms as the Perl 5 programming language system itself.=cut__END__#ABSTRACT: OATH One Time Passwords