HOTP on Android

I have updated the Android mOTP application to support the HOTP algorithm for One-Time Passwords.  This involved implementing HOTP in Java.  This was not such a chore thanks to Java's easy to use security tools.  However, after writing this from scratch, I realized at the end of the RFC was example source code in Java!  I used this reference implementation for the android app.  I did have to make a minor change to the reference implementation to support more than 10 digits of output for the generated password.

After this step was done, all that was required was to add an option to make a profile either a HOTP profile or a mOTP type, edit some database fields, and generate a new layout for the HOTP generation page.  The Mobile-OTP application is translated into three languages, English, Traditional Chinese, and Simplified Chinese.  A goal of mine was to have all additional strings required for this update to also be translated.  I have tried very hard to make this happen.

I also wanted to implement this change in such a way that if a third OTP comes around the corner (S/Key), that change wouldn't be so hard.  I didn't implement any design patterns per the Gang of Four, the code would not require that many modifications to support another algorithm.
Some screenshots for the visual people (often the first thing I look for when evaluating software):


    Post a Comment