Expand description
§otp — Rust Implementation of HMAC and Time based one-time passwords.
This crate provides a fully self-contained implementation of the HOTP (HMAC-based One-Time Password) and TOTP (Time-based One-Time Password).
§Features
- HOTP: Counter-based one-time password generator and validator.
- TOTP: Time-based one-time password generator and validator.
- URI generation: Generate otpauth-compatible URIs for use with QR code generation (e.g., Google Authenticator).
§Example (TOTP)
use otp::{Totp, Algorithm, Secret};
let totp = Totp::new(
Algorithm::SHA1,
"example.com".into(),
"user@example.com".into(),
6,
30,
Secret::from_bytes(b"my-secret"),
);
let timestamp = std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.expect("Clock may have gone backwards")
.as_secs();
let otp = totp.generate_at(timestamp);
assert!(totp.verify(otp, timestamp, 1));
println!("{}", totp.to_uri());
// "otpauth://totp/example.com%3Auser%40example.com?secret=NV4S243FMNZGK5A&issuer=example.com&algorithm=SHA1&digits=6&period=30"
§References
- RFC 2104 — HMAC: Keyed-Hashing for Message Authentication
- RFC 4226 — HOTP: An HMAC-Based One-Time Password Algorithm
- RFC 6238 — TOTP: Time-Based One-Time Password Algorithm
- RFC 3174 — US Secure Hash Algorithm 1 (SHA1)
- RFC 6234 — US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
- RFC 2202 — Test Cases for HMAC-MD5 and HMAC-SHA-1
- RFC 4231 — Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
- RFC 4648 — The Base16, Base32, and Base64 Data Encodings
- RFC 3986 — Uniform Resource Identifier (URI): Generic Syntax
- Key URI Format — for QR-compatible URIs
Modules§
- encoding
- Utilities for encoding/decoding text.
Structs§
Enums§
- Algorithm
- Enumeration of supported cryptographic hash algorithms for use with HMAC.
Functions§
- hmac
- Computes the HMAC (Hash-based Message Authentication Code) for a given key and message using the specified hashing algorithm.