2 unstable releases

0.2.0 Jun 6, 2021
0.1.0 May 25, 2019

#670 in Authentication

MIT/Apache

14KB
140 lines

This crate provides a Rust implementation of RFC 4226, which defines the HMAC-based one-time password (HOTP) algorithm.


lib.rs:

Implementation of IETF RFC 4226, "HOTP: An HMAC-Based One-Time Password Algorithm."

Examples

[The workhorse hotp function][hotp] returns a [Token][Token] of the specified length:

let key = b"ferris23!@#$%^&*()";
let counter = 9001_u64;
let token: Token<6> = hotp(key, counter).unwrap();
assert_eq!(token, Token(852888));

The crate makes extensive use of "const generics" to encode token lengths in all operations, forcing consumers to specify exactly what, for instance, "is the token equal to this number?" means. This explicitness also enables some nice features, such as automatic zero-padding of tokens to the correct length for display to a user:

let key = b"ferris23!@#$%^&*()";
let counter = 292167_u64;
let token: Token<6> = hotp(key, counter).unwrap();
// Equivalent:
let token = hotp::<_, _, 6>(key, counter).unwrap();
assert_eq!(token.to_string(), "000000");

This type-level encoding is also used to ensure that the HOTP spec is followed closely at compile time.

let key = b"ferris23!@#$%^&*()";
let counter = 9001_u64;
// The HOTP spec only allows tokens of length 6–9
let pin: Token<4> = hotp(key, counter).unwrap();

Dependencies

~5.5–7.5MB
~225K SLoC