From 4178a4b8b3f4898db4af9159ea2d3df747a01638 Mon Sep 17 00:00:00 2001
From: Michael Jumper <mjumper@apache.org>
Date: Mon, 20 Nov 2017 10:37:23 -0800
Subject: [PATCH] GUACAMOLE-96: Include recommended key length for each TOTP
 mode.

---
 .../apache/guacamole/totp/TOTPGenerator.java  | 33 ++++++++++++++++---
 1 file changed, 29 insertions(+), 4 deletions(-)

diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
index b8c0d9561..d075c8afc 100644
--- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
@@ -124,19 +124,19 @@ public class TOTPGenerator {
          * TOTP mode which generates hashes using SHA1. TOTP in SHA1 mode
          * requires 160-bit keys.
          */
-        SHA1("HmacSHA1"),
+        SHA1("HmacSHA1", 20),
 
         /**
          * TOTP mode which generates hashes using SHA256. TOTP in SHA256 mode
          * requires 256-bit keys.
          */
-        SHA256("HmacSHA256"),
+        SHA256("HmacSHA256", 32),
 
         /**
          * TOTP mode which generates hashes using SHA512. TOTP in SHA512 mode
          * requires 512-bit keys.
          */
-        SHA512("HmacSHA512");
+        SHA512("HmacSHA512", 64);
 
         /**
          * The name of the HMAC algorithm which the TOTP implementation should
@@ -145,6 +145,13 @@ public class TOTPGenerator {
          */
         private final String algorithmName;
 
+        /**
+         * The recommended length of keys generated for TOTP in this mode, in
+         * bytes. Keys are recommended to be the same length as the hash
+         * involved.
+         */
+        private final int recommendedKeyLength;
+
         /**
          * Creates a new TOTP operating mode which is associated with the
          * given HMAC algorithm.
@@ -153,9 +160,14 @@ public class TOTPGenerator {
          *     The name of the HMAC algorithm which the TOTP implementation
          *     should use when operating in this mode, in the format required
          *     by Mac.getInstance().
+         *
+         * @param recommendedKeyLength
+         *     The recommended length of keys generated for TOTP in this mode,
+         *     in bytes.
          */
-        private Mode(String algorithmName) {
+        private Mode(String algorithmName, int recommendedKeyLength) {
             this.algorithmName = algorithmName;
+            this.recommendedKeyLength = recommendedKeyLength;
         }
 
         /**
@@ -171,6 +183,19 @@ public class TOTPGenerator {
             return algorithmName;
         }
 
+        /**
+         * Returns the recommended length of keys generated for TOTP in this
+         * mode, in bytes. Keys are recommended to be the same length as the
+         * hash involved.
+         *
+         * @return
+         *     The recommended length of keys generated for TOTP in this mode,
+         *     in bytes.
+         */
+        public int getRecommendedKeyLength() {
+            return recommendedKeyLength;
+        }
+
     }
 
     /**