E-signature App is a one-time password authentication based software.
It allows users of the ERP of the Helipistas company to digitally sign documents generated by the ERP itself.
It includes implementations for the generation of one-time password authentication codes for the identification and authorization of the documentation generated by the ERP.
One-time codes are generated using open standards developed by The Initiative for Open Authentication (OATH).
These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.
The service provider generates an 80-bit secret key for each user. This is supplied as a 16-character base32 encoded string or as a QR code. The client creates an HMAC-SHA1 message using this secret key. The message thus generated is based on 1 minute periods elapsed since Unix epoch.
A portion of the HMAC is extracted and converted to a 6-digit code.