package module
v0.0.4 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Aug 12, 2022 License: BSD-2-Clause Imports: 9 Imported by: 3



GoDoc Issue Tracker

The code.soquee.net/otp package is a Go package used for generating one time passwords via TOTP or HOTP.

import (


The package may be used under the terms of the BSD 2-Clause License a copy of which may be found in the LICENSE file.

Unless you explicitly state otherwise, any contribution submitted for inclusion in the work by you shall be licensed as above, without any additional terms or conditions.



Package otp implemnts HOTP and TOTP one-time passwords.

Example (Totp)
package main

import (


func main() {
	const secret = "12345678901234567890123456789012"

	o := otp.NewOTP([]byte(secret), 8, sha256.New, otp.TOTP(30*time.Second, func() time.Time {
		// You would normally pass in time.Now, or possibly a time function that
		// subtracts some multiple of the period to correct for clock-drift.
		tt, _ := time.Parse("2006-01-02 15:04:05", "1970-01-01 00:00:59")
		return tt
	fmt.Println(o(0, nil))





This section is empty.


This section is empty.


func NewOTP

func NewOTP(key []byte, l int, h func() hash.Hash, c CounterFunc) func(offset int, dst []byte) int32

NewOTP returns a function that generates hmac-based one-time passwords. Each time the returned function is called it calls c and appends the one-time password to dst. It also returns a 31-bit representation of the value. The key is the shared secret, l is the length of the output number (if l is less than or equal to 0, NewOTP panics), h is a function that returns the inner and outer hash mechanisms for the HMAC, and c returns the seed used to generate the key.

func URL

func URL(key []byte, step time.Duration, l int, hash crypto.Hash, domain, email string) *url.URL

URL returns a URL that is compatible with many popular OTP apps such as FreeOTP, Yubico Authenticator, and Google Authenticator.

Supported hashes are SHA1, SHA256, and SHA512. Anything else will default to SHA1.


type CounterFunc

type CounterFunc func(offset int) uint64

CounterFunc is a function that is called when generating a one-time password and returns a seed value. In HOTP this will be an incrementing counter, in TOTP it is a function of the current time. Offset indicates that we want the token relative to the current token by offset (eg. -1 for the previous token).

func TOTP

func TOTP(step time.Duration, t func() time.Time) CounterFunc

TOTP returns a counter function that can be used to generate HOTP tokens compatible with the Time-Based One-Time Password Algorithm (TOTP) defined in RFC 6238.

If a zero duration is provided, a default of 30 seconds is used. If no time function is provided, time.Now is used.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL