michael/totp-rs
michael
/
totp-rs
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
70 Commits 1 Branch 0 Tags 252 KiB
Rust 100%
Go to file
ironhaven c30d02b512
Use last byte of HMAC output for truncating 
This is to use the least significant byte of the HMAC regardless of size. RFC 6328 (TOTP) Section 1.2 says you can use SHA-1 SHA-256 or SHA-512 with the same algorithm of RFC 4226 (HTOP). This seems ok until you realize that all the new HMACs have different output sizes and HTOP only expects a 20 byte fixed MAC. It is not completely clear if RFC 4226 Section 5.3 means "get the bottom 4 bits from byte at offset 19" or "get the 4 least significant bits". Other implementations (6568c1a83a/src/pyotp/otp.py (L28)) and Wikipedia read the "Dynamic Truncation" algorithm to be the last 4 bits of the MAC, so I think this implementation should follow the others.
 		2022-03-07 23:10:31 -06:00
.github/workflows Update security.yml 2022-01-13 18:33:33 +01:00
src Use last byte of HMAC output for truncating 2022-03-07 23:10:31 -06:00
.gitignore First commit 2020-04-11 21:24:50 +02:00
Cargo.toml Bump version 2022-02-10 11:25:41 +01:00
LICENSE Changed to 7.0 for 2021 edition 2022-01-13 16:23:07 +01:00
README.md Update README.md 2022-02-10 10:34:28 +01:00

README.md

totp-rs

Build Status docs codecov cargo-audit

This library permits the creation of 2FA authentification tokens per TOTP, the verification of said tokens, with configurable time skew, validity time of each token, algorithm and number of digits! Default features are kept as lightweight as possible to ensure small binaries and short compilation time

Be aware that some authenticator apps will accept the SHA256 and SHA512 algorithms but silently fallback to SHA1 which will make the check() function fail due to mismatched algorithms.

Features

qr

With optional feature "qr", you can use it to generate a base64 png qrcode

serde_support

With optional feature "serde_support", library-defined types will be Deserialize-able and Serialize-able

How to use

Add it to your Cargo.toml:

[dependencies]
totp-rs = "~0.7"

You can then do something like:

use std::time::SystemTime;
use totp_rs::{Algorithm, TOTP};

let totp = TOTP::new(
    Algorithm::SHA1,
    6,
    1,
    30,
    "supersecret",
);
let time = SystemTime::now()
    .duration_since(SystemTime::UNIX_EPOCH).unwrap()
    .as_secs();
let url = totp.get_url("user@example.com", "my-org.com");
println!("{}", url);
let token = totp.generate(time);
println!("{}", token);

With qrcode generation

Add it to your Cargo.toml:

[dependencies.totp-rs]
version = "~0.7"
features = ["qr"]

You can then do something like:

use totp_rs::{Algorithm, TOTP};

let totp = TOTP::new(
    Algorithm::SHA1,
    6,
    1,
    30,
    "supersecret",
);
let code = totp.get_qr("user@example.com", "my-org.com")?;
println!("{}", code);

With serde support

Add it to your Cargo.toml:

[dependencies.totp-rs]
version = "~0.7"
features = ["serde_support"]