OCRA Class
Properties Methods Events Config Settings Errors
The OCRA class implements the OATH Challenge-Response Algorithm.
Syntax
ipworksauth.ocra()
Remarks
The OCRA component provides a simple way to create challenges, calculate responses, and verify responses using the OATH Challenge-Response Algorithm.
The first step to using the class is creating the Challenge and generating the OCRASuite. This is done by calling the CreateChallenge method. After creating the Challenge and OCRASuite these values are sent to the other party.
When receiving a challenge and OCRASuite the class is use to calculate a response. Set OCRASuite, Challenge, and any other required properties and call CalculateResponse to calculate the Response. Send the Response back to the original party for verification.
After receiving the verification set Challenge, OCRASuite, and Response and call VerifyResponse. VerifyResponse returns True if the response is verified, False otherwise.
Creating the Challenge
The CreateChallenge method creates a Challenge. After calling this method the Challenge property will be populated with the created value.
When ChallengeType is set to ctRandom the following properties are applicable:
When ChallengeType is set to ctSignature the following properties are applicable:
In addition to creating the Challenge this method will also create the OCRASuite which defines parameters required by the other party to calculate a response. The following properties are applicable to OCRASuite creation:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
Calculating the Response
CalculateResponse calculates Response to the given Challenge.
Before calling this method set OCRASuite to the suite obtained from the other party and set Challenge to the received challenge.
After setting OCRASuite the following properties are populated, which provide requirements for the response:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
Inspect these properties to determine the requirements and provide any required values such as Counter or Password. Set Key to the key used during the HMAC computation. Set Challenge to the received challenge.
Call this method to calculate the response. After calling this method the Response property is populated. The response may then be transmitted to the other party for verification.
The following properties are applicable when calling this method:
- Challenge
- Counter
- HashAlgorithm
- Key
- OCRASuite
- Password
- ResponseLength
- CurrentTime
- SessionInfo
- TimeStepSize
- TimeStepUnit
- PasswordHashAlgorithm
Verifying the Response
VerifyResponse verifies the response and returns True or False depending on the result.
Before calling this method set OCRASuite, Challenge, and Response.
After setting OCRASuite the following properties are populated, which provide requirements for the response:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
These properties may be inspected to determine the requirements. Provide any required values such as Counter or Password. Set Challenge to the original challenge that was issued. Set Response to the received response. Set Key to the key used during the HMAC computation.
Call this method to verify the response. The method will return True if the verification was successful, False otherwise.
The following properties are applicable when calling this method:
- Challenge
- Response
- Counter
- HashAlgorithm
- Key
- OCRASuite
- Password
- ResponseLength
- CurrentTime
- SessionInfo
- TimeStepSize
- TimeStepUnit
- PasswordHashAlgorithm
Random Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctRandom;
ocra.ChallengeLength = 10;
ocra.ChallengeFormat = OcraChallengeFormats.cfNumeric;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "3891592139"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QN10"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
Signature Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctSignature;
ocra.ChallengeInput = "test input";
ocra.Key = "signature key";
ocra.ChallengeFormat = OcraChallengeFormats.cfHex;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "973131F0"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QH08"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
Challenge | The challenge value. |
ChallengeFormat | The format in which the challenge will be created. |
ChallengeInput | The input for the signature challenge. |
ChallengeLength | The challenge length. |
ChallengeType | The challenge type. |
Counter | The counter. |
HashAlgorithm | The HMAC Hash Algorithm. |
Key | The secret key. |
OCRASuite | The OCRASuite defines parameters about the challenge and response. |
Password | The password. |
RequireCounter | Whether a Counter value is required to create the response. |
RequirePassword | Whether a Password is required to create the response. |
RequireTimeStamp | Whether a TimeStamp is required to create the response. |
Response | The OCRA response. |
ResponseLength | Defines the length of the response. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
CalculateResponse | This method calculates the response to the given challenge. |
Config | Sets or retrieves a configuration setting. |
CreateChallenge | Creates the challenge. |
Reset | Reset the variables to default value. |
VerifyResponse | This method verifies the response. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
Error | Information about errors during data delivery. |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
CounterHex | The counter value as a hexadecimal string. |
CurrentTime | The current time in milliseconds. |
PasswordHashAlgorithm | The password hash algorithm. |
RequireSessionInfo | Whether to use session information. |
SessionInfo | The session information. |
SessionInfoLength | The length of the session information. |
TimeStepSize | The time step. |
TimeStepUnit | The time step unit. |
BuildInfo | Information about the product's build. |
CodePage | The system code page used for Unicode to Multibyte translations. |
LicenseInfo | Information about the current license. |
MaskSensitive | Whether sensitive data is masked in log messages. |
UseInternalSecurityAPI | Tells the class whether or not to use the system security libraries or an internal implementation. |
OCRA.Challenge Property
The challenge value.
Syntax
getChallenge(): Uint8Array; setChallenge(challenge: Uint8Array): void;
Default Value
""
Remarks
This property is populated after calling CreateChallenge. The format is specified by the ChallengeFormat property and the length is defined by the ChallengeLength property.
This property must be specified before calling CalculateResponse or VerifyResponse.
OCRA.ChallengeFormat Property
The format in which the challenge will be created.
Syntax
getChallengeFormat(): OcraChallengeFormats; setChallengeFormat(challengeFormat: OcraChallengeFormats): void;
enum OcraChallengeFormats { cfAlphanumeric, cfNumeric, cfHex }
Default Value
0
Remarks
This setting specifies the format of the created challenge. This is applicable when calling CreateChallenge. Possible values are:
0 (cfAlphanumeric - default) | Alphanumeric characters |
1 (cfNumeric) | Digits |
2 (cfHex) | Hex characters |
OCRA.ChallengeInput Property
The input for the signature challenge.
Syntax
getChallengeInput(): Uint8Array; setChallengeInput(challengeInput: Uint8Array): void;
Default Value
""
Remarks
This property specifies the data used when creating the signature challenge. This is only used when calling CreateChallenge when ChallengeType is set to Signature.
OCRA.ChallengeLength Property
The challenge length.
Syntax
getChallengeLength(): number; setChallengeLength(challengeLength: number): void;
Default Value
8
Remarks
This setting specifies the length of the Challenge that is created when calling CreateChallenge. Valid values are from 4 to 64. The default value is 8.
OCRA.ChallengeType Property
The challenge type.
Syntax
getChallengeType(): OcraChallengeTypes; setChallengeType(challengeType: OcraChallengeTypes): void;
enum OcraChallengeTypes { ctRandom, ctSignature }
Default Value
0
Remarks
This property defines the type of challenge created. Possible values are:
0 (ctRandom - default) | A random challenge is created. |
1 (ctSignature) | A signature challenge is created by signing ChallengeInput. |
When setting this property to 0 (ctRandom) and calling CreateChallenge the class will populate Challenge with a randomly generated value.
When setting this property to 1 (ctSignature) and calling CreateChallenge the class creates a Hash-based Message Authentication Code (HMAC) value using the data specified in ChallengeInput and then populate Challenge with the formatted result.
OCRA.Counter Property
The counter.
Syntax
getCounter(): number; setCounter(counter: number): void;
Default Value
0
Remarks
This property specifies the counter.
If a counter is required this must be set before calling CalculateResponse and VerifyResponse. To determine if a counter is required assign OCRASuite to the OCRA suite and check the value of RequireCounter.
The counter value should begin at 0 be incremented until the maximum value is reached. After the maximum is reached the counter value should start again at 0.
OCRA.HashAlgorithm Property
The HMAC Hash Algorithm.
Syntax
getHashAlgorithm(): OcraHashAlgorithms; setHashAlgorithm(hashAlgorithm: OcraHashAlgorithms): void;
enum OcraHashAlgorithms { haSHA1, haSHA256, haSHA512 }
Default Value
0
Remarks
This property specifies the hash algorithm used by the class. Possible values are:
- 0 (SHA-1 - default)
- 1 (SHA-256)
- 2 (SHA-512)
OCRA.Key Property
The secret key.
Syntax
getKey(): Uint8Array; setKey(key: Uint8Array): void;
Default Value
""
Remarks
This property holds the secret key used when calling CalculateResponse and VerifyResponse.
This property is also used when calling CreateChallenge when ChallengeType is set to Signature.
An empty key is valid, however it is recommended to provide a key value.
OCRA.OCRASuite Property
The OCRASuite defines parameters about the challenge and response.
Syntax
getOCRASuite(): string; setOCRASuite(OCRASuite: string): void;
Default Value
""
Remarks
This property holds the OCRASuite value which defines parameters about the challenge and response.
This property will be populated after calling CreateChallenge. This property must be set before calling CalculateResponse or VerifyResponse.
When calling CreateChallenge the following properties will be used to create the OCRASuite:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
When this property is set the value is parsed and the above properties are populated to reflect the requirements defined by the OCRASuite.
OCRA.Password Property
The password.
Syntax
getPassword(): Uint8Array; setPassword(password: Uint8Array): void;
Default Value
""
Remarks
This property specifies the password.
If a password is required this must be set before calling CalculateResponse and VerifyResponse. To determine if a password is required assign OCRASuite to the OCRA suite and check the value of RequirePassword.
OCRA.RequireCounter Property
Whether a Counter value is required to create the response.
Syntax
isRequireCounter(): boolean; setRequireCounter(requireCounter: boolean): void;
Default Value
FALSE
Remarks
This property specifies whether a Counter value is required to create the response.
This may be set before calling CreateChallenge, when the OCRASuite is generated.
When OCRASuite is assigned this value is updated to reflect the options specified in the OCRASuite
OCRA.RequirePassword Property
Whether a Password is required to create the response.
Syntax
isRequirePassword(): boolean; setRequirePassword(requirePassword: boolean): void;
Default Value
FALSE
Remarks
This property specifies whether a Password is required to create the response.
This may be set before calling CreateChallenge, when the OCRASuite is generated.
When OCRASuite is assigned this value is updated to reflect the options specified in the OCRASuite
OCRA.RequireTimeStamp Property
Whether a TimeStamp is required to create the response.
Syntax
isRequireTimeStamp(): boolean; setRequireTimeStamp(requireTimeStamp: boolean): void;
Default Value
FALSE
Remarks
This property specifies whether a TimeStamp is required to create the response.
This may be set before calling CreateChallenge, when the OCRASuite is generated.
When OCRASuite is assigned this value is updated to reflect the options specified in the OCRASuite
The class will automatically use the current system time when calling CalculateResponse and VerifyResponse if this property is True. The CurrentTime setting may be set to specify the time instead of using the system time.
The following settings are also applicable when this value is True:
OCRA.Response Property
The OCRA response.
Syntax
getResponse(): Uint8Array; setResponse(response: Uint8Array): void;
Default Value
""
Remarks
This property holds the challenge response.
This is populated after calling CalculateResponse. This must be set before calling VerifyResponse.
OCRA.ResponseLength Property
Defines the length of the response.
Syntax
getResponseLength(): number; setResponseLength(responseLength: number): void;
Default Value
6
Remarks
This property specifies the desired response length. Valid values are 4-10, and 0. Values 4-10 will result in a numeric value of that length. The value 0 indicates no truncation and the raw HMAC value is returned in the response
This may be set before calling CreateChallenge, when the OCRASuite is generated.
When OCRASuite is assigned this value is updated to reflect the options specified in the OCRASuite. When calling CalculateResponse the calculated Response will be a value with this length.
The default value is 6.
OCRA.calculateResponse Method
This method calculates the response to the given challenge.
Syntax
async ocra.calculateResponse(): Promise<void>
Remarks
This method calculates Response to the given Challenge.
Before calling this method set OCRASuite to the suite obtained from the other party and set Challenge to the received challenge.
After setting OCRASuite the following properties are populated, which provide requirements for the response:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
Inspect these properties to determine the requirements and provide any required values such as Counter or Password. Set Key to the key used during the HMAC computation. Set Challenge to the received challenge.
Call this method to calculate the response. After calling this method the Response property is populated. The response may then be transmitted to the other party for verification.
The following properties are applicable when calling this method:
- Challenge
- Counter
- HashAlgorithm
- Key
- OCRASuite
- Password
- ResponseLength
- CurrentTime
- SessionInfo
- TimeStepSize
- TimeStepUnit
- PasswordHashAlgorithm
Random Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctRandom;
ocra.ChallengeLength = 10;
ocra.ChallengeFormat = OcraChallengeFormats.cfNumeric;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "3891592139"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QN10"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
Signature Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctSignature;
ocra.ChallengeInput = "test input";
ocra.Key = "signature key";
ocra.ChallengeFormat = OcraChallengeFormats.cfHex;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "973131F0"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QH08"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
OCRA.config Method
Sets or retrieves a configuration setting.
Syntax
async ocra.config(configurationString : string): Promise<string>
Remarks
Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
OCRA.createChallenge Method
Creates the challenge.
Syntax
async ocra.createChallenge(): Promise<void>
Remarks
This method creates a Challenge. After calling this method the Challenge property will be populated with the created value.
When ChallengeType is set to ctRandom the following properties are applicable:
When ChallengeType is set to ctSignature the following properties are applicable:
In addition to creating the Challenge this method will also create the OCRASuite which defines parameters required by the other party to calculate a response. The following properties are applicable to OCRASuite creation:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
Random Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctRandom;
ocra.ChallengeLength = 10;
ocra.ChallengeFormat = OcraChallengeFormats.cfNumeric;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "3891592139"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QN10"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
Signature Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctSignature;
ocra.ChallengeInput = "test input";
ocra.Key = "signature key";
ocra.ChallengeFormat = OcraChallengeFormats.cfHex;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "973131F0"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QH08"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
OCRA.reset Method
Reset the variables to default value.
Syntax
async ocra.reset(): Promise<void>
Remarks
This method will reset the variables to default value.
OCRA.verifyResponse Method
This method verifies the response.
Syntax
async ocra.verifyResponse(): Promise<boolean>
Remarks
This method verifies the response and returns True or False depending on the result.
Before calling this method set OCRASuite, Challenge, and Response.
After setting OCRASuite the following properties are populated, which provide requirements for the response:
- ChallengeFormat
- HashAlgorithm
- ResponseLength
- RequireCounter
- RequirePassword
- RequireTimeStamp
- PasswordHashAlgorithm
- RequireSessionInfo
- SessionInfoLength
- TimeStepSize
- TimeStepUnit
These properties may be inspected to determine the requirements. Provide any required values such as Counter or Password. Set Challenge to the original challenge that was issued. Set Response to the received response. Set Key to the key used during the HMAC computation.
Call this method to verify the response. The method will return True if the verification was successful, False otherwise.
The following properties are applicable when calling this method:
- Challenge
- Response
- Counter
- HashAlgorithm
- Key
- OCRASuite
- Password
- ResponseLength
- CurrentTime
- SessionInfo
- TimeStepSize
- TimeStepUnit
- PasswordHashAlgorithm
Random Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctRandom;
ocra.ChallengeLength = 10;
ocra.ChallengeFormat = OcraChallengeFormats.cfNumeric;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "3891592139"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QN10"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
Signature Challenge Example
//First create the challenge on machine A
Ocra ocra = new Ocra();
ocra.ChallengeType = OcraChallengeTypes.ctSignature;
ocra.ChallengeInput = "test input";
ocra.Key = "signature key";
ocra.ChallengeFormat = OcraChallengeFormats.cfHex;
ocra.CreateChallenge();
string challenge = ocra.Challenge; //Value like "973131F0"
string ocraSuite = ocra.OCRASuite; //Value "OCRA-1:HOTP-SHA1-6:QH08"
//Send Challenge and OCRASuite to Machine B
//Upon receiving the challenge on Machine B, calculate a response
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Received from other party
ocra.Challenge = challenge; //Received from other party
ocra.Key = "shared secret key";
ocra.CalculateResponse();
string response = ocra.Response; //Value like "574464"
//Send Response back to Machine A
//Upon receiving the response on Machine A, verify it
ocra = new Ocra();
ocra.OCRASuite = ocraSuite; //Original OCRASuite saved before sending the original challenge
ocra.Challenge = challenge; //Original challenge that was sent
ocra.Response = response; //Received from other party
ocra.Key = "shared secret key";
bool isValid = ocra.VerifyResponse(); //Returns True if verified
OCRA.Error Event
Information about errors during data delivery.
Syntax
ocra.on('Error', listener: (e: {readonly errorCode: number, readonly description: string}) => void )
Remarks
The Error event is fired in case of exceptional conditions during message processing. Normally the class .
The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
Config Settings (class ipworksauth.ocra)
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.OCRA Config Settings
0 | SHA1 |
1 (default) | SHA-256 |
2 | SHA-512 |
This may be set before calling CreateChallenge, when the OCRASuite is generated.
When OCRASuite is assigned this value is updated to reflect the options specified in the OCRASuite
This may be set before calling CreateChallenge, when the OCRASuite is generated.
When OCRASuite is assigned this value is updated to reflect the options specified in the OCRASuite
Common values are 64, 128, 256, and 512.
0 | Seconds |
1 (default) | Minutes |
2 | Hours |
Base Config Settings
The following is a list of valid code page identifiers:
Identifier | Name |
037 | IBM EBCDIC - U.S./Canada |
437 | OEM - United States |
500 | IBM EBCDIC - International |
708 | Arabic - ASMO 708 |
709 | Arabic - ASMO 449+, BCON V4 |
710 | Arabic - Transparent Arabic |
720 | Arabic - Transparent ASMO |
737 | OEM - Greek (formerly 437G) |
775 | OEM - Baltic |
850 | OEM - Multilingual Latin I |
852 | OEM - Latin II |
855 | OEM - Cyrillic (primarily Russian) |
857 | OEM - Turkish |
858 | OEM - Multilingual Latin I + Euro symbol |
860 | OEM - Portuguese |
861 | OEM - Icelandic |
862 | OEM - Hebrew |
863 | OEM - Canadian-French |
864 | OEM - Arabic |
865 | OEM - Nordic |
866 | OEM - Russian |
869 | OEM - Modern Greek |
870 | IBM EBCDIC - Multilingual/ROECE (Latin-2) |
874 | ANSI/OEM - Thai (same as 28605, ISO 8859-15) |
875 | IBM EBCDIC - Modern Greek |
932 | ANSI/OEM - Japanese, Shift-JIS |
936 | ANSI/OEM - Simplified Chinese (PRC, Singapore) |
949 | ANSI/OEM - Korean (Unified Hangul Code) |
950 | ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC) |
1026 | IBM EBCDIC - Turkish (Latin-5) |
1047 | IBM EBCDIC - Latin 1/Open System |
1140 | IBM EBCDIC - U.S./Canada (037 + Euro symbol) |
1141 | IBM EBCDIC - Germany (20273 + Euro symbol) |
1142 | IBM EBCDIC - Denmark/Norway (20277 + Euro symbol) |
1143 | IBM EBCDIC - Finland/Sweden (20278 + Euro symbol) |
1144 | IBM EBCDIC - Italy (20280 + Euro symbol) |
1145 | IBM EBCDIC - Latin America/Spain (20284 + Euro symbol) |
1146 | IBM EBCDIC - United Kingdom (20285 + Euro symbol) |
1147 | IBM EBCDIC - France (20297 + Euro symbol) |
1148 | IBM EBCDIC - International (500 + Euro symbol) |
1149 | IBM EBCDIC - Icelandic (20871 + Euro symbol) |
1200 | Unicode UCS-2 Little-Endian (BMP of ISO 10646) |
1201 | Unicode UCS-2 Big-Endian |
1250 | ANSI - Central European |
1251 | ANSI - Cyrillic |
1252 | ANSI - Latin I |
1253 | ANSI - Greek |
1254 | ANSI - Turkish |
1255 | ANSI - Hebrew |
1256 | ANSI - Arabic |
1257 | ANSI - Baltic |
1258 | ANSI/OEM - Vietnamese |
1361 | Korean (Johab) |
10000 | MAC - Roman |
10001 | MAC - Japanese |
10002 | MAC - Traditional Chinese (Big5) |
10003 | MAC - Korean |
10004 | MAC - Arabic |
10005 | MAC - Hebrew |
10006 | MAC - Greek I |
10007 | MAC - Cyrillic |
10008 | MAC - Simplified Chinese (GB 2312) |
10010 | MAC - Romania |
10017 | MAC - Ukraine |
10021 | MAC - Thai |
10029 | MAC - Latin II |
10079 | MAC - Icelandic |
10081 | MAC - Turkish |
10082 | MAC - Croatia |
12000 | Unicode UCS-4 Little-Endian |
12001 | Unicode UCS-4 Big-Endian |
20000 | CNS - Taiwan |
20001 | TCA - Taiwan |
20002 | Eten - Taiwan |
20003 | IBM5550 - Taiwan |
20004 | TeleText - Taiwan |
20005 | Wang - Taiwan |
20105 | IA5 IRV International Alphabet No. 5 (7-bit) |
20106 | IA5 German (7-bit) |
20107 | IA5 Swedish (7-bit) |
20108 | IA5 Norwegian (7-bit) |
20127 | US-ASCII (7-bit) |
20261 | T.61 |
20269 | ISO 6937 Non-Spacing Accent |
20273 | IBM EBCDIC - Germany |
20277 | IBM EBCDIC - Denmark/Norway |
20278 | IBM EBCDIC - Finland/Sweden |
20280 | IBM EBCDIC - Italy |
20284 | IBM EBCDIC - Latin America/Spain |
20285 | IBM EBCDIC - United Kingdom |
20290 | IBM EBCDIC - Japanese Katakana Extended |
20297 | IBM EBCDIC - France |
20420 | IBM EBCDIC - Arabic |
20423 | IBM EBCDIC - Greek |
20424 | IBM EBCDIC - Hebrew |
20833 | IBM EBCDIC - Korean Extended |
20838 | IBM EBCDIC - Thai |
20866 | Russian - KOI8-R |
20871 | IBM EBCDIC - Icelandic |
20880 | IBM EBCDIC - Cyrillic (Russian) |
20905 | IBM EBCDIC - Turkish |
20924 | IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol) |
20932 | JIS X 0208-1990 & 0121-1990 |
20936 | Simplified Chinese (GB2312) |
21025 | IBM EBCDIC - Cyrillic (Serbian, Bulgarian) |
21027 | Extended Alpha Lowercase |
21866 | Ukrainian (KOI8-U) |
28591 | ISO 8859-1 Latin I |
28592 | ISO 8859-2 Central Europe |
28593 | ISO 8859-3 Latin 3 |
28594 | ISO 8859-4 Baltic |
28595 | ISO 8859-5 Cyrillic |
28596 | ISO 8859-6 Arabic |
28597 | ISO 8859-7 Greek |
28598 | ISO 8859-8 Hebrew |
28599 | ISO 8859-9 Latin 5 |
28605 | ISO 8859-15 Latin 9 |
29001 | Europa 3 |
38598 | ISO 8859-8 Hebrew |
50220 | ISO 2022 Japanese with no halfwidth Katakana |
50221 | ISO 2022 Japanese with halfwidth Katakana |
50222 | ISO 2022 Japanese JIS X 0201-1989 |
50225 | ISO 2022 Korean |
50227 | ISO 2022 Simplified Chinese |
50229 | ISO 2022 Traditional Chinese |
50930 | Japanese (Katakana) Extended |
50931 | US/Canada and Japanese |
50933 | Korean Extended and Korean |
50935 | Simplified Chinese Extended and Simplified Chinese |
50936 | Simplified Chinese |
50937 | US/Canada and Traditional Chinese |
50939 | Japanese (Latin) Extended and Japanese |
51932 | EUC - Japanese |
51936 | EUC - Simplified Chinese |
51949 | EUC - Korean |
51950 | EUC - Traditional Chinese |
52936 | HZ-GB2312 Simplified Chinese |
54936 | Windows XP: GB18030 Simplified Chinese (4 Byte) |
57002 | ISCII Devanagari |
57003 | ISCII Bengali |
57004 | ISCII Tamil |
57005 | ISCII Telugu |
57006 | ISCII Assamese |
57007 | ISCII Oriya |
57008 | ISCII Kannada |
57009 | ISCII Malayalam |
57010 | ISCII Gujarati |
57011 | ISCII Punjabi |
65000 | Unicode UTF-7 |
65001 | Unicode UTF-8 |
Identifier | Name |
1 | ASCII |
2 | NEXTSTEP |
3 | JapaneseEUC |
4 | UTF8 |
5 | ISOLatin1 |
6 | Symbol |
7 | NonLossyASCII |
8 | ShiftJIS |
9 | ISOLatin2 |
10 | Unicode |
11 | WindowsCP1251 |
12 | WindowsCP1252 |
13 | WindowsCP1253 |
14 | WindowsCP1254 |
15 | WindowsCP1250 |
21 | ISO2022JP |
30 | MacOSRoman |
10 | UTF16String |
0x90000100 | UTF16BigEndian |
0x94000100 | UTF16LittleEndian |
0x8c000100 | UTF32String |
0x98000100 | UTF32BigEndian |
0x9c000100 | UTF32LittleEndian |
65536 | Proprietary |
- Product: The product the license is for.
- Product Key: The key the license was generated from.
- License Source: Where the license was found (e.g., RuntimeLicense, License File).
- License Type: The type of license installed (e.g., Royalty Free, Single Server).
- Last Valid Build: The last valid build number for which the license will work.
This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.
Setting this configuration setting to true tells the class to use the internal implementation instead of using the system security libraries.
This setting is set to false by default on all platforms.
Trappable Errors (class ipworksauth.ocra)
OCRA Errors
101 Invalid challenge type. | |
102 Invalid challenge length. | |
103 Invalid response length. | |
104 Response must be specified. | |
105 Invalid hash algorithm. | |
106 Invalid challenge format. | |
107 Invalid password hash algorithm. | |
108 Invalid time step unit. | |
109 Invalid OCRASuite. | |
110 OCRASuite must be specified. | |
111 Challenge must be specified. | |
112 ChallengeInput must be specified. | |
113 Password must be specified. |