Documentation
Overview
TOTP: https://en.wikipedia.org/wiki/One-time_password
https://datatracker.ietf.org/doc/html/rfc6238
HOTP: https://en.wikipedia.org/wiki/HMAC-based_one-time_password
https://datatracker.ietf.org/doc/html/rfc4226
The Google Authenticator: https://github.com/google/google-authenticator/wiki
Constants
This section is empty.
Variables
This section is empty.
Functions
func CalcTOTPCode
CalcTOTPCode creates a new OTP code based on either a time or a counter interval. The time is used for the TOTP algorithm and the counter is used for the HOTP algorithm.
func CreateTOTPURI
CreateTOTPURI builds the authentication URI that is used to create a QR code. If the counter is set to 0, the algorithm is assumed to be TOTP, otherwise HOTP. REF: https://github.com/google/google-authenticator/wiki/Key-Uri-Format
func CurrInterval
func CurrInterval() int64
func MustVerifyTOTP
func VerifyTOTP
Clock resynchronisation is handled according to the given window size. If the window size is set to 0, resynchronisation is disabled and only the current time is used. Otherwise, the backward and forward windows are taken into account as well.
Types
type OTP
type OTP struct {
	// Issuer represents the service provider. It is you! e.g. your service,
	// your application, your organisation and so on.
	Issuer string
	// Account represents the service user. It is the user! e.g. username, email
	// address and so on.
	Account string
	// Secret is an arbitrary key value encoded in Base32 and belongs to the
	// service user.
	Secret string
	// Window is used for time (TOTP) and counter (HOTP) synchronization. Given
	// the possible time and counter drifts between client and server, this
	// parameter helps overcome such issues. TOTP uses a backward and forward time
	// window whereas HOTP uses a look-ahead counter window that depends on the
	// Counter parameter.
	// Resynchronisation is an officially recommended practice, however the
	// lower the better.
	//   0 = not recommended as synchronization is disabled
	//       TOTP: current time
	//       HOTP: current counter
	//   1 = recommended option
	//       TOTP: previous - current - next
	//       HOTP: current counter - next counter
	//   2 = being overcautious
	//       TOTP: previous,previous - current - next,next
	//       HOTP: current counter - next counter - next counter
	//   * = Higher numbers may cause denial-of-service attacks.
	// REF: https://datatracker.ietf.org/doc/html/rfc6238#page-7
	// REF: https://datatracker.ietf.org/doc/html/rfc4226#page-11
	Window int
	// Counter is required for HOTP only and used for provisioning the code. Set
	// it to 0 if you wish to use TOTP. Start from 1 for HOTP then fetch and use
	// the one in the persistent storage. The server counter is incremented only
	// after a successful code verification, however the counter on the code is
	// incremented every time a new code is requested by the user which causes
	// counters being out of sync. For that reason, time-synchronization should
	// be enabled.
	// REF: https://datatracker.ietf.org/doc/html/rfc4226#page-11
	Counter int
}
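The window behaviour described for VerifyTOTP and the Window field, as an added example that is not this package's own code: `hotp` and `verifyTOTP` are hypothetical helpers, and HMAC-SHA1, 6 digits and a 30-second step are assumptions. The secret is the RFC 6238 test key, used here as constructed sample input.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"strings"
	"time"
)

// hotp returns the 6-digit RFC 4226 code for a raw key and counter.
func hotp(key []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, key)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation offset
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// verifyTOTP (hypothetical) accepts code for any 30 s interval in [now-window, now+window].
func verifyTOTP(secretB32, code string, now time.Time, window int) (bool, error) {
	key, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(strings.ToUpper(strings.TrimRight(secretB32, "=")))
	if err != nil {
		return false, err
	}
	interval := now.Unix() / 30
	ok := 0
	for i := -window; i <= window; i++ {
		want := hotp(key, uint64(interval+int64(i)))
		// Constant-time compare; the loop never exits early on a match.
		ok |= subtle.ConstantTimeCompare([]byte(want), []byte(code))
	}
	return ok == 1, nil
}

func main() {
	// Constructed input: RFC 6238 test key "12345678901234567890" in Base32.
	secret := "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
	for _, w := range []int{0, 1} {
		ok, _ := verifyTOTP(secret, "287082", time.Unix(89, 0), w) // code from the previous interval
		fmt.Printf("window=%d accepted=%v\n", w, ok)
	}
}
```

Each extra window step adds two more codes the server will accept, so rate-limit verification attempts and reject a code that has already been used within its validity period.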