totp

v1.0.1
Published: Dec 28, 2021 License: MIT Imports: 11 Imported by: 0

README

TOTP


This project is a minimalistic implementation of RFC 4226 and RFC 6238 in Go. SHA1, SHA2-256, and SHA2-512 are currently supported as hash functions.

Only base-32 keys are supported.

Supported hash functions: SHA1, SHA2-256, and SHA2-512.

Usage Overview

package main

import (
	"fmt"
	"log"

	"codeberg.org/w8x0/totp"
)

func main() {
	// Generate a 160-bit (20-byte) secret, base-32 encoded
	base32Secret, err := totp.GenerateSecret(20)
	if err != nil {
		log.Fatalf("main: GenerateSecret returned an error: %v", err)
	}
	fmt.Println(base32Secret) // Prints e.g. "4W2X5IJNBME2R3VUMLREVYXP3H2OFKP2"

	// The result is named "code" so that it does not shadow the totp package
	code, err := totp.GenerateDefault(base32Secret)
	if err != nil {
		log.Fatalf("main: GenerateDefault returned an error: %v", err)
	}
	fmt.Println(code) // Prints e.g. "075151" (a 6-digit TOTP)

	code, err = totp.GenerateVerbose(
		base32Secret,
		"SHA2-512", // Tell GenerateVerbose to use the SHA2-512 hash function
		8,          // Number of digits = 8
		45)         // Time-step = 45 seconds
	if err != nil {
		log.Fatalf("main: GenerateVerbose returned an error: %v", err)
	}
	fmt.Println(code) // Prints e.g. "90065898" (an 8-digit TOTP)
}

You can also validate TOTP parameters using ValidateVerbose and Validate:

// digits = 12 exceeds the maximum of 10
err := totp.ValidateVerbose("4W2X5IJNBME2R3VUMLREVYXP3H2OFKP2", "SHA1", 12, 30)
if err != nil {
	log.Fatal(err) // "Digits cannot be greater than 10."
}
// "1", "9" and "8" are not in the base-32 alphabet
err = totp.Validate("JBSWY3DPEHPK3PXP1298")
if err != nil {
	log.Fatal(err) // "illegal base32 data at input byte 16"
}

Documentation

Functions

func GenerateDefault

func GenerateDefault(secretKey string) (string, error)

GenerateDefault computes the time-based one-time password according to RFC 6238, using standard defaults: SHA1 as the hash function, 6 as the number of digits in the TOTP, 30 as the time-step, and 0 as T0, the start time. The secret key should be passed as a base-32-encoded string.

func GenerateSecret

func GenerateSecret(length int) (string, error)

GenerateSecret returns a cryptographically secure base-32-encoded secret key of "length" underlying bytes.

func GenerateVerbose

func GenerateVerbose(secretKey string, hashAlgorithm string, digits byte, timeStep int64) (string, error)

GenerateVerbose computes the time-based one-time password according to RFC 6238. Unlike GenerateDefault, it allows for choosing different hash functions, number of digits, and time-steps. "secretKey" is a base-32-encoded string. "hashAlgorithm" can take the values "SHA1", "SHA2-256", and "SHA2-512". "digits" has to be less than 11, since HOTP theoretically only supports a maximum of 10 digits. Even though T0, the "start time," should also be an input parameter, it seems like virtually no one uses anything other than T0 = 0. Therefore, I omitted it.
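The computation described for GenerateVerbose, written out with only the Go standard library and extended with a server-side check that accepts adjacent time-steps and compares in constant time. This is an added example, not this package's code: codeAt, verifyAt and hashes are hypothetical names, and the secret in main is the RFC 6238 test key.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"hash"
)

// Added example, not the totp package's code; names here are illustrative.
var hashes = map[string]func() hash.Hash{"SHA1": sha1.New, "SHA2-256": sha256.New, "SHA2-512": sha512.New}
// codeAt returns the RFC 6238 code for Unix time t, with T0 = 0.
func codeAt(secret, alg string, digits int, step, t int64) (string, error) {
	newHash, ok := hashes[alg]
	if !ok || digits < 1 || digits > 10 || step < 1 || t < 0 {
		return "", fmt.Errorf("invalid TOTP parameters")
	}
	key, err := base32.StdEncoding.DecodeString(secret)
	if err != nil {
		return "", err
	}
	mac := hmac.New(newHash, key)
	binary.Write(mac, binary.BigEndian, uint64(t/step)) // 8-byte big-endian counter
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation (RFC 4226, section 5.3)
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%010d", bin)[10-digits:], nil // 31 bits fit in 10 decimal digits
}

// verifyAt accepts got if it matches any step within +/-window steps of t.
func verifyAt(secret, alg string, digits int, step, t, window int64, got string) bool {
	match := 0
	for i := -window; i <= window; i++ {
		if want, err := codeAt(secret, alg, digits, step, t+i*step); err == nil {
			match |= subtle.ConstantTimeCompare([]byte(want), []byte(got)) // no early exit
		}
	}
	return match == 1
}
func main() {
	secret := "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ" // RFC 6238 test key "12345678901234567890"
	code, _ := codeAt(secret, "SHA1", 8, 30, 59)
	fmt.Println(code, verifyAt(secret, "SHA1", 8, 30, 89, 1, code)) // next step, window 1
}
```

A verifier should also record the last accepted time-step per account and reject a code from that step or an earlier one, since a code stays valid for the whole window.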

func Validate added in v1.0.1

func Validate(secretKey string) error

func ValidateVerbose added in v1.0.1

func ValidateVerbose(secretKey string, hashAlgorithm string, digits byte, timeStep int64) error
