otp_crypto/otp_crypto_config library

OTP Crypto – Global configuration (Singleton)

Holds protocol settings and keying material shared by both Encryptor/Decryptor. This class does not perform crypto itself; it only centralizes configuration like protocol version, window size, and HKDF inputs.

SECURITY NOTES:

  • masterKey must be at least 32 bytes (AES-256).
  • Provide the key as bytes (never as a UTF-8 string).
  • Time is abstracted with TimeProvider for testability.
  • Re-initialization is intentionally disallowed by default to avoid key swaps at runtime. Use forceReinitialize only in controlled contexts (e.g., tests).

Classes

OtpCryptoConfig
Immutable, process-wide configuration for the OTP crypto protocol.
TimeProvider
Abstraction for providing current time (UNIX epoch seconds). Implementations should return UTC-based seconds.