1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
use super::hotp;
#[derive(Debug, Eq, PartialEq, Clone)]
pub struct TOTP {
pub secret: String,
}
impl TOTP {
pub fn new<S: Into<String>>(secret: S) -> TOTP {
TOTP {
secret: secret.into(),
}
}
pub fn generate(&self, period: usize, timestamp: usize) -> u32 {
let counter = timestamp / period;
let hotp_auth = hotp::HOTP::new(&self.secret[..]);
hotp_auth.generate(counter)
}
pub fn verify(&self, code: u32, period: usize, timestamp: usize) -> bool {
let code_str = code.to_string();
let code_bytes = code_str.as_bytes();
if code_bytes.len() > 6 {
return false;
}
let valid_code = self.generate(period, timestamp).to_string();
let valid_bytes = valid_code.as_bytes();
if code_bytes.len() != valid_code.len() {
return false;
}
let mut rv = 0;
for (a, b) in code_bytes.iter().zip(valid_bytes.iter()) {
rv |= a ^ b;
}
rv == 0
}
pub fn to_uri<S: AsRef<str>>(&self, label: S, issuer: S) -> String {
use base32::encode;
use base32::Alphabet::RFC4648;
let encoded_secret = encode(RFC4648 { padding: false }, self.secret.as_bytes());
format!("otpauth://totp/{}?secret={}&issuer={}", label.as_ref(), encoded_secret, issuer.as_ref())
}
}