otp

package module
v0.2.0 Latest
Published: Oct 10, 2020 License: GPL-3.0 Imports: 10 Imported by: 0

README

otp

One-Time Password algorithm implementations of HOTP (RFC 4226) and TOTP (RFC 6238).

Install

go get -u lab.lostb.one/gophers/otp

Examples

// Sorry, missing right now!

Contributing

When contributing to this project, please note our Code of Conduct.

License

The GNU General Public License v3.0 (GPLv3) - see LICENSE for more details

Documentation

Constants

const (
	DefaultLength       = 8   // Default digit token length
	MinLength           = 6   // Minimum digit token length
	MaxLength           = 10  // Maximum digit token length
	DefaultStep         = 30  // Default time step for TOTP tokens in seconds
	DefaultSecretLength = 160 // Default length in bits for newly created secrets
	MinSecretLength     = 128 // Minimum length in bits for newly created secrets
)

Variables

var (
	ErrMaxLength    = fmt.Errorf("a %d-digit code is the maximum length", MaxLength)
	ErrMinLength    = fmt.Errorf("a %d-digit code is the minimum length", MinLength)
	ErrSecretLength = fmt.Errorf("the Secret's length must be at least %d bits", MinSecretLength)
)

Functions

func GenerateTokenHOTP

func GenerateTokenHOTP(h *HOTP, unsafe bool) (string, error)

GenerateTokenHOTP generates an HOTP token from the passed HOTP struct, provided no errors occur. See the HOTP struct's documentation for more information. If unsafe is true, tokens may be generated from secrets that are too short to be considered safe.

func GenerateTokenTOTP

func GenerateTokenTOTP(t *TOTP, unsafe bool) (string, error)

GenerateTokenTOTP generates a TOTP token from the passed TOTP struct, provided no errors occur. See the TOTP struct's documentation for more information. If unsafe is true, tokens may be generated from secrets that are too short to be considered safe.

func ValidateTokenHOTP

func ValidateTokenHOTP(probable string, h *HOTP, unsafe bool) (bool, error)

ValidateTokenHOTP validates a candidate token, named probable, against the passed HOTP struct. It uses a constant-time comparison to minimize the timing attack vector. true is returned only if the probable input and the token generated from the HOTP struct match in a byte comparison. If unsafe is true, tokens may be generated from secrets that are too short to be considered safe.

func ValidateTokenTOTP

func ValidateTokenTOTP(probable string, t *TOTP, unsafe bool) (bool, error)

ValidateTokenTOTP validates a candidate token, named probable, against the passed TOTP struct. It uses a constant-time comparison to minimize the timing attack vector. true is returned only if the probable input and the token generated from the TOTP struct match in a byte comparison. If unsafe is true, tokens may be generated from secrets that are too short to be considered safe.

Types

type Algorithm

type Algorithm int
const (
	AlgorithmSHA1 Algorithm = iota
	AlgorithmSHA256
	AlgorithmSHA512
)

func (Algorithm) New

func (a Algorithm) New() hash.Hash

type HOTP

type HOTP struct {
	Algorithm Algorithm // The algorithm used in the HMAC function.
	Secret    string    // The shared secret, MUST be at least 128 bits, RECOMMENDED 160 bits.
	Counter   uint64    // The moving factor, time, or other value that changes on a per use basis.
	Digits    int       // The number of digits in the OTP. The length MUST be at least 6 digits, up to 10.
	// contains filtered or unexported fields
}

HOTP holds all values used in the generation of HOTP tokens

Algorithm

Supports SHA-1, SHA-256 and SHA-512 as HMAC algorithms represented by
AlgorithmSHA1, AlgorithmSHA256 and AlgorithmSHA512. AlgorithmSHA1 is used
as default value.

Secret

Must be specified. The length must be at least 128 bits. 160 bits are
recommended.

Counter

The moving factor. 0 is used as default value.

Digits

Supports token lengths from MinLength (6) to MaxLength (10), inclusive.
DefaultLength (8) is used as default value.

The terms used are based on RFC 4226. For the section Notation and Symbols, see: https://tools.ietf.org/html/rfc4226#section-5.1

type TOTP

type TOTP struct {
	Algorithm Algorithm // The algorithm used in the HMAC function.
	Secret    string    // The shared secret, MUST be at least 128 bits, RECOMMENDED 160 bits.
	UnixTime  uint64    // Unix time part to calculate Counter.
	Period    uint      // Step in seconds, used to calculate the Counter.
	Digits    int       // The number of digits in the OTP. The length MUST be at least 6 digits, up to 10.
}

TOTP holds all values used in the generation of TOTP tokens

Algorithm

Supports SHA-1, SHA-256 and SHA-512 as HMAC algorithms represented by
AlgorithmSHA1, AlgorithmSHA256 and AlgorithmSHA512. AlgorithmSHA1 is used
as default value.

Secret

Must be specified. The length must be at least 128 bits. 160 bits are
recommended.

UnixTime

The Unix time to start counting time steps. 0 is used as default value.

Period

The time step in seconds. DefaultStep (30) is used as default value.

Digits

Supports token lengths from MinLength (6) to MaxLength (10), inclusive.
DefaultLength (8) is used as default value.
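
The computation that the Algorithm, Counter, Period and Digits fields parameterize, together with a constant-time token check, as an added example written against the Go standard library only; it is not this package's code and does not call its API. The names hotp, totpCounter, validate and algorithms are hypothetical, and the secret is the raw-byte test key from RFC 4226 Appendix D.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"hash"
)

// algorithms maps a name to an HMAC hash constructor (hypothetical helper).
var algorithms = map[string]func() hash.Hash{
	"SHA1": sha1.New, "SHA256": sha256.New, "SHA512": sha512.New,
}

// hotp computes an RFC 4226 token: HMAC over the 8-byte big-endian counter,
// dynamic truncation to 31 bits, then reduction to the requested digit count.
func hotp(newHash func() hash.Hash, secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(newHash, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := int(sum[len(sum)-1] & 0x0f) // low nibble of the last byte picks the offset
	code := uint64(binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff)
	mod := uint64(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod) // left-pad with zeros
}

// totpCounter maps a Unix time to the RFC 6238 time-step counter.
// The caller must ensure now >= t0 and period > 0.
func totpCounter(now, t0, period uint64) uint64 { return (now - t0) / period }

// validate compares candidate and expected tokens in constant time.
func validate(probable, expected string) bool {
	return subtle.ConstantTimeCompare([]byte(probable), []byte(expected)) == 1
}

func main() {
	secret := []byte("12345678901234567890") // RFC 4226 Appendix D test key, 160 bits
	tok := hotp(algorithms["SHA1"], secret, totpCounter(59, 0, 30), 8)
	fmt.Println(tok, validate("94287082", tok))
}
```

subtle.ConstantTimeCompare returns 0 immediately when the two lengths differ, which reveals only the token length, a value that is not secret.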
