Struct totp_sos::TOTP

pub struct TOTP {
    pub algorithm: Algorithm,
    pub digits: usize,
    pub skew: u8,
    pub step: u64,
    pub secret: Vec<u8>,
    pub account_name: String,
    pub issuer: Option<String>,
}

TOTP holds informations as to how to generate an auth code and validate it. Its secret field is sensitive data, treat it accordingly

Fields

algorithm: Algorithm

SHA-1 is the most widespread algorithm used, and for totp pursposes, SHA-1 hash collisions are not a problem as HMAC-SHA-1 is not impacted. It’s also the main one cited in rfc-6238 even though the reference implementation permits the use of SHA-1, SHA-256 and SHA-512.

Not all clients support other algorithms then SHA-1

digits: usize

The number of digits for the auth code.

Per rfc-4226, this can be in the range between 6 and 8 digits

skew: u8

Number of steps allowed as network delay.

One would mean one step before current step and one step after are valid.

The recommended value per rfc-6238 is 1. Anything more is sketchy and should not be used.

step: u64

Duration in seconds of a step.

The recommended value per rfc-6238 is 30 seconds

secret: Vec<u8>

As per rfc-4226 the secret should come from a strong source, most likely a CSPRNG.

It should be at least 128 bits, but 160 are recommended.

account_name: String

The account name, typically either an email address or username.

The “mock@example.com” part of “Github:mock@example.com”.

Must not contain a colon :.

issuer: Option<String>

The name of your service/website.

The “Github” part of “Github:mock@example.com”.

Must not contain a colon :.

Implementations

impl TOTP

pub fn new(
    algorithm: Algorithm,
    digits: usize,
    skew: u8,
    step: u64,
    secret: Vec<u8>,
    account_name: String,
    issuer: Option<String>
) -> Result<TOTP>

Create a new instance of TOTP with given parameters.

See the doc for reference as to how to choose those values.

• digits: MUST be between 6 & 8
• secret: Must have bitsize of at least 128
• account_name: Must not contain :
• issuer: Must not contain :

pub fn sign(&self, time: u64) -> Vec<u8>

Sign the given timestamp

pub fn generate(&self, time: u64) -> String

Generate a token given the provided timestamp in seconds

pub fn next_step(&self, time: u64) -> u64

Returns the timestamp of the first second for the next step given the provided timestamp in seconds

pub fn next_step_current(&self) -> Result<u64>

Returns the timestamp of the first second of the next step According to system time

pub fn ttl(&self) -> Result<u64>

Give the ttl (in seconds) of the current token

pub fn generate_current(&self) -> Result<String>

Generate a token from the current system time

pub fn check(&self, token: &str, time: u64) -> bool

Check if token is valid given the provided timestamp in seconds, accounting skew

pub fn check_current(&self, token: &str) -> Result<bool>

Check if token is valid by current system time, accounting skew.

pub fn to_secret_base32(&self) -> String

Return the base32 representation of the secret, which might be useful when users want to manually add the secret to their authenticator.

pub fn from_secret_base32<S: AsRef<str>>(secret: S) -> Result<TOTP>

Convert a base32 secret into a TOTP.

The account name is the empty string and the issuer is None; so you should set them explicitly after decoding the secret bytes.

pub fn from_url<S: AsRef<str>>(url: S) -> Result<TOTP>

Generate a TOTP from the standard otpauth URL

pub fn get_url(&self) -> String

Generate a standard URL used to automatically add TOTP auths.

Usually used with a QR code.

Label and issuer will be URL-encoded; the secret will be converted to base32 without padding, as per the RFC.

Trait Implementations

impl Clone for TOTP

fn clone(&self) -> TOTP

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for TOTP

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for TOTP

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
    __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Drop for TOTP

fn drop(&mut self)

Executes the destructor for this type.

impl PartialEq<TOTP> for TOTP

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for TOTP

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>where
    __S: Serializer,

Serialize this value into the given Serde serializer.

impl Zeroize for TOTP

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl ZeroizeOnDrop for TOTP