gchq · n1474335 · Sep 5, 2017 · Sep 5, 2017
diff --git a/package.json b/package.json
@@ -82,6 +82,7 @@
     "lodash": "^4.17.4",
     "moment": "^2.17.1",
     "moment-timezone": "^0.5.11",
+    "otp": "^0.1.3",
     "sladex-blowfish": "^0.8.1",
     "sortablejs": "^1.5.1",
     "split.js": "^1.2.0",

diff --git a/src/core/config/Categories.js b/src/core/config/Categories.js
@@ -300,6 +300,8 @@ const Categories = [
             "Detect File Type",
             "Scan for Embedded Files",
             "Generate UUID",
+            "Generate TOTP",
+            "Generate HOTP",
             "Render Image",
             "Remove EXIF",
             "Extract EXIF",

diff --git a/src/core/config/OperationConfig.js b/src/core/config/OperationConfig.js
@@ -29,6 +29,7 @@ import MS from "../operations/MS.js";
 import NetBIOS from "../operations/NetBIOS.js";
 import Numberwang from "../operations/Numberwang.js";
 import OS from "../operations/OS.js";
+import OTP from "../operations/OTP.js";
 import PublicKey from "../operations/PublicKey.js";
 import Punycode from "../operations/Punycode.js";
 import QuotedPrintable from "../operations/QuotedPrintable.js";
@@ -3635,7 +3636,67 @@ const OperationConfig = {
             }
         ]
     },
-
+    "Generate TOTP": {
+        description: "The Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. It has been adopted as Internet Engineering Task Force standard RFC 6238, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems. A TOTP is an HOTP where the counter is the current time.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated. T0 and T1 are in seconds.",
+        run: OTP.runTOTP,
+        inputType: "byteArray",
+        outputType: "string",
+        args: [
+            {
+                name: "Name",
+                type: "string",
+                value: ""
+            },
+            {
+                name: "Key size",
+                type: "number",
+                value: 32
+            },
+            {
+                name: "Code length",
+                type: "number",
+                value: 6
+            },
+            {
+                name: "Epoch offset (T0)",
+                type: "number",
+                value: 0
+            },
+            {
+                name: "Interval (T1)",
+                type: "number",
+                value: 30
+            }
+        ]
+    },
+    "Generate HOTP": {
+        description: "The HMAC-based One-Time Password algorithm (HOTP) is an algorithm that computes a one-time password from a shared secret key and an incrementing counter. It has been adopted as Internet Engineering Task Force standard RFC 4226, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated.",
+        run: OTP.runHOTP,
+        inputType: "string",
+        outputType: "string",
+        args: [
+            {
+                name: "Name",
+                type: "string",
+                value: ""
+            },
+            {
+                name: "Key size",
+                type: "number",
+                value: 32
+            },
+            {
+                name: "Code length",
+                type: "number",
+                value: 6
+            },
+            {
+                name: "Counter",
+                type: "number",
+                value: 0
+            }
+        ]
+    },
 };
 
 export default OperationConfig;
diff --git a/src/core/operations/OTP.js b/src/core/operations/OTP.js
@@ -0,0 +1,55 @@
+import otp from "otp";
+import Base64 from "./Base64.js";
+
+/**
+ * One-Time Password operations.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2017
+ * @license Apache-2.0
+ *
+ * @namespace
+ */
+const OTP = {
+
+    /**
+     * Generate TOTP operation.
+     *
+     * @param {byteArray} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    runTOTP: function(input, args) {
+        const otpObj = otp({
+            name: args[0],
+            keySize: args[1],
+            codeLength: args[2],
+            secret: Base64.runTo32(input, []),
+            epoch: args[3],
+            timeSlice: args[4]
+        });
+        return `URI: ${otpObj.totpURL}\n\nPassword: ${otpObj.totp()}`;
+    },
+
+
+    /**
+     * Generate HOTP operation.
+     *
+     * @param {byteArray} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    runHOTP: function(input, args) {
+        const otpObj = otp({
+            name: args[0],
+            keySize: args[1],
+            codeLength: args[2],
+            secret: Base64.runTo32(input, []),
+        });
+        const counter = args[3];
+        return `URI: ${otpObj.hotpURL}\n\nPassword: ${otpObj.hotp(counter)}`;
+    },
+
+};
+
+export default OTP;