#totp #hotp #ocra


An implementation of OATH algorithms in Rust. Includes TOTP, HOTP, and OCRA.

8 releases

Uses old Rust 2015

0.10.2 Jun 4, 2017
0.10.1 May 26, 2017
0.1.4 Nov 28, 2015
0.1.3 Mar 28, 2015
0.0.3 Mar 2, 2015

#1100 in Cryptography

Download history 116/week @ 2023-11-06 74/week @ 2023-11-13 112/week @ 2023-11-20 106/week @ 2023-11-27 75/week @ 2023-12-04 81/week @ 2023-12-11 94/week @ 2023-12-18 89/week @ 2023-12-25 56/week @ 2024-01-01 95/week @ 2024-01-08 82/week @ 2024-01-15 75/week @ 2024-01-22 73/week @ 2024-01-29 68/week @ 2024-02-05 125/week @ 2024-02-12 209/week @ 2024-02-19

476 downloads per month
Used in 6 crates (5 directly)

MIT license

322 lines


Build Status oath on crates.io Documentation MIT license

This library aims to provide implementations of HOTP, TOTP, and OCRA as specified by the RFCs.


WARNING While ieee754 is broken, RAMP fails to compile. OCRA numeric question mode can't use long Int, it is forced to use u64 instead. This data type leads us to question length limitation: 19 symbols. Number must fit u64. For default challenge format (N08) it is more that enough.



extern crate oath;

use oath::hotp;

fn main () {
    assert_eq!(hotp("ff", 23, 6).unwrap(), 330795);


All the times below are in seconds.

extern crate oath;

use oath::{totp_raw_now, HashType};

fn main () {
    // Return value differs every 30 seconds.
    totp_raw_now(b"12345678901234567890", 6, 0, 30, &HashType::SHA1);


extern crate oath;

use oath::ocra;

let NULL: &[u8] = &[];
let STANDARD_KEY_20: &[u8] = &[0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30,
                               0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30];
let STANDARD_KEY_32 = "12345678901234567890123456789012".as_bytes();
let STANDARD_KEY_64 = "1234567890123456789012345678901234567890123456789012345678901234".as_bytes();
let PIN_1234_SHA1: &[u8] = &[0x71, 0x10, 0xed, 0xa4, 0xd0, 0x9e, 0x06, 0x2a, 0xa5, 0xe4,
                             0xa3, 0x90, 0xb0, 0xa5, 0x72, 0xac, 0x0d, 0x2c, 0x02, 0x20];

let suite = "OCRA-1:HOTP-SHA1-6:QN08";
let result = ocra(&suite, &STANDARD_KEY_20, 0, "00000000", NULL, NULL, 0)
assert_eq!(result, Ok(237653));

// Attention! PIN must be already hashed!
let suite_c = "OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1";
let result_c = ocra(&suite_c, &STANDARD_KEY_32, 8, "12345678", PIN_1234_SHA1, NULL, 0);
assert_eq!(result_c, Ok(75011558));

let suite_t = "OCRA-1:HOTP-SHA512-8:QN08-T1M";
let t = 1_206_446_760; // UTC time in seconds
let result_t = ocra(&suite, &STANDARD_KEY_64, 18, "22222222", NULL, NULL, t);
assert_eq!(result_t, Ok(22048402));

Google Authenticator

Keys provided by Google are encoded using base32. You'll need to convert them before passing them to any of the functions in this crate.

A simple way to do this is using the base32 crate.

// assuming AAAAAAAAAAAAAAAA is your key
base32::decode(base32::Alphabet::RFC4648 {padding: false}, "AAAAAAAAAAAAAAAA").unwrap().as_ref()

And pass the result of that as the key parameter to the HOTP and TOTP functions.


If you don't want to use other crates for hex conversion, this library provides a convenient function from_hex(). This helps with the functions that expect byte arrays.

let seed = oath::from_hex("ff").unwrap();
totp_raw(seed.as_slice(), 6, 0, 30);


This library is licensed under the MIT license. If you're a potential user, or a current user, and this license causes an issue for you, I'm willing to consider multi-licensing it.


~13K SLoC