#otp #totp #hotp #authenticator #thotp


An RFC based implementation of TOTPs and HOTPs

2 releases

Uses new Rust 2021

0.1.11 Oct 3, 2022
0.1.1 Oct 2, 2022
0.1.0 Oct 2, 2022

#280 in Cryptography

MIT license

519 lines

Time and Hmac based One Time Passwords

OTP implementations based on RFC 4226 for Hmac-based OTPs and RFC 6238 for Time-based OTPs.

By default all features are enabled, if you wish only to use the default functionality (no encoding, custom or qr modules), use the flag default-features = false

This module by itself allows you to generate and verify TOTPs and HOTPs using the default algorithm SHA-1, the default digit length of 6 and the default time step of 30 for TOTPs.

The following applies only if you set default-features = false, by default they are included:

If you need finer controls over password generation and verification use the custom_otp feature flag to gain access to the custom module.

The encoding feature flag gives access to the encoding module which provides 2 basic functions to encode and decode the generated keys to an encoding of choice avilable from the data_encoding crate.

The qr feature flag gives access to the qr module and enables QR code generation of the generated secret keys ready to be used by authenticator apps.

Example usage

use thotp::{
    encoding::{encode, decode},
use std::time::{SystemTime, UNIX_EPOCH};

// The default time step used by this module internally
const TIME_STEP: u8 = 30;

// Generate an encoded secret

let secret = generate_secret(80);

// The data_encoding crate is re-exported for convenience
let encoded = encode(&secret, data_encoding::BASE32);
// Store the secret somewhere safe

let qr_code = generate_code(
    // Type of otp
    // The encoded secret
    // Your big corp title
    "Big Corp:john.doe@email.com",
    // Your big corp issuer
    "Big Corp",
    // The qr code width (None defaults to 200)
    // The qr code height (None defaults to 200)
    // Correction level, M is the default
.expect("uh oh");

// Scan qr with some authenticator app

// Verify a password provided from the client, assume this is what they calculated

// When generating an OTP we have to calculate the current time slice
let time_step_now = SystemTime::now()
     / TIME_STEP as u64;

let pw = otp(&secret, time_step_now).unwrap();

// The verify function does this internally
let (result, discrepancy) = verify_totp(&pw, &secret, 0).unwrap();

assert_eq!((true, 0),(result, discrepancy));

There are 3 constants used by this module internally;

The DIGITS_DEFAULT constant is the default password length generated by the otp function as well as when verifying and is equal to 6.

The TIME_STEP is the default and RFC recommended time step used to divide the duration in seconds from now until the unix epoch and is equal to 30.

When TOTPs are generated, there is a chance they will be generated at the end of a time step and by the time they reach the server the password would be invalid because it would fall in the previous time step. This is mitigated by allowing passwords from ALLOWED_DRIFT time steps prior and subsequent to the current to be valid. The value of this is the RFC recommended amount 1, meaning the passwords from the time slice prior and subsequent to the current one are considered valid.

The same drift can happen with HOTPs with the counter, and a lookahead parameter can be used to adjust how many passwords will be considered valid from the current counter.


~40K SLoC