Expand description
Zero-dependency TOTP / HOTP implementation with optional QR code support.
roka-totp is a from-scratch implementation of RFC 6238 (TOTP) and
RFC 4226 (HOTP). It carries its own SHA-1, HMAC, and Base32 — no crypto
crate is pulled in, no unsafe is used.
§Quick start
use roka_totp::{Totp, Secret};
let secret = Secret::from_base32("JBSWY3DPEHPK3PXP")?;
let totp = Totp::builder(secret)
.issuer("Acme")
.account("alice@example.com")
.build();
let code: String = totp.code_at(0); // current 6-digit OTP at UNIX time 0
assert_eq!(code, "282760");
let uri = totp.uri();
assert!(uri.starts_with("otpauth://totp/Acme:alice"));§Highlights
- Zero external crate dependencies —
stdonly. - No
unsafe. - RFC test vectors verified — SHA-1 (RFC 3174), HMAC (RFC 2202), HOTP (RFC 4226 Appendix D), TOTP (RFC 6238 Appendix B).
- otpauth URI build ready for QR pairing.
Structs§
- Hotp
- HOTP — RFC 4226 counter-based one-time password.
- Secret
- A TOTP / HOTP shared secret (raw bytes).
- Totp
- TOTP — RFC 6238 time-based one-time password.
- Totp
Builder - Builder for
Totp.
Enums§
Constants§
- DEFAULT_
DIGITS - Default OTP digit count (6).
- DEFAULT_
STEP - Default time step in seconds (30 — the RFC 6238 standard).