otp

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 18, 2016 License: BSD-3-Clause Imports: 7 Imported by: 20

README

Build Status

OTP

Package go-otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens and Google Authenticator. Currently this supports both HOTP (RFC-4226) and TOTP (RFC-6238).

Install

$ go get github.com/hgfischer/go-otp

Usage

Check API docs, with examples, at http://godoc.org/github.com/hgfischer/go-otp

License

Copyright (c) 2014, Herbert G. Fischer All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the organization nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL HERBERT G. FISCHER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Documentation

Overview

Package otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens and Google Authenticator. Currently this supports both HOTP (RFC-4226) and TOTP (RFC-6238).

All tests used in this package, uses reference values from both RFCs to ensure compatibility with another OTP implementations.

Index

Constants

View Source 
const (
	DefaultLength             = 6   // Default length of the generated tokens
	DefaultPeriod             = 30  // Default time period for TOTP tokens, in seconds
	DefaultRandomSecretLength = 100 // Default random secret length
	DefaultWindowBack         = 1   // Default TOTP verification window back steps
	DefaultWindowForward      = 1   // Default TOTP verification window forward steps
)

Default settings for all generators

View Source 
const (
	MaxLength = 10 // Maximum token length
)

Maximum values for all generators

Variables

This section is empty.

Functions

This section is empty.

Types

type HOTP 

type HOTP struct {
	Secret         string // The secret used to generate the token
	Length         uint8  // The token size, with a maximum determined by MaxLength
	Counter        uint64 // The counter used as moving factor
	IsBase32Secret bool   // If true, the secret will be used as a Base32 encoded string
}

HOTP is used to generate tokens based on RFC-4226.

Example: 

hotp := &HOTP{Secret: "your-secret", Counter: 1000, Length: 8, IsBase32Secret: true}
token := hotp.Get()

HOTP assumes a set of default values for Secret, Length, Counter, and IsBase32Secret. If no Secret is informed, HOTP will generate a random one that you need to store with the Counter, for future token verifications. Check this package constants to see the current default values.

func (*HOTP) Get 

func (h *HOTP) Get() string

Get a token generated with the current HOTP settings

type TOTP 

type TOTP struct {
	Secret         string    // The secret used to generate a token
	Length         uint8     // The token length
	Time           time.Time // The time used to generate the token
	IsBase32Secret bool      //
	Period         uint8     // The step size to slice time, in seconds
	WindowBack     uint8     // How many steps HOTP will go backwards to validate a token
	WindowForward  uint8     // How many steps HOTP will go forward to validate a token
}

TOTP is used to generate tokens based on RFC-6238.

Example: 

totp := &TOTP{Secret: "your-secret", IsBase32Secret: true}
token := totp.Get()

TOTP assumes a set of default values for Secret, Length, Time, Period, WindowBack, WindowForward and IsBase32Secret

If no Secret is informed, TOTP will generate a random one that you need to store with the Counter, for future token verifications.

Check this package constants to see the current default values.

func (*TOTP) Get 

func (t *TOTP) Get() string

Get a time-based token

func (*TOTP) Now 

func (t *TOTP) Now() *TOTP

Now is a fluent interface to set the TOTP generator's time to the current date/time

func (TOTP) Verify 

func (t TOTP) Verify(token string) bool

Verify a token with the current settings, including the WindowBack and WindowForward

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.