totally

Types

Number of digits in the OTP. The spec allows for 6 to 8 digits.

pub type Digits {
  Six
  Seven
  Eight
}

Constructors

  • Six
  • Seven
  • Eight

One Time Password type

pub opaque type Otp

Algorithm used for the hash function

pub type TotpAlgorithm {
  Sha1
  Sha256
  Sha512
}

Constructors

  • Sha1
  • Sha256
  • Sha512

Configuration for the TOTP. Create one with new and customize it with the set_* functions.

pub opaque type TotpConfig

pub type TotpError {
  InsecureSecret
  InvalidPeriod
  InvalidOtp
  InvalidOtpLength
}

Constructors

  • InsecureSecret
  • InvalidPeriod
  • InvalidOtp
  • InvalidOtpLength

Values

pub fn is_valid(
  secret secret: BitArray,
  input totp_input: String,
) -> Result(Bool, TotpError)

Checks if the given TOTP input matches the current code for the secret. Does not check for replay attacks. Use is_valid_with_last_use or is_valid_from_config with set_last_use for replay protection.

pub fn is_valid_from_config(
  config: TotpConfig,
  input totp_input: String,
) -> Bool

Checks if the given TOTP input matches the current code for the config. Automatically uses the current time for verification.

pub fn is_valid_with_last_use(
  secret secret: BitArray,
  input totp_input: String,
  last_use last_use: timestamp.Timestamp,
) -> Result(Bool, TotpError)

Checks if the given TOTP input matches the current code for the secret, rejecting codes that were already used in the same time window as last_use.

pub fn new(secret: BitArray) -> Result(TotpConfig, TotpError)

Creates a TOTP configuration with the given secret and default values: algorithm: Sha1, period: 30, digits: 6. These are the most commonly used TOTP settings. The secret must be at least 16 bytes (128 bits).

pub fn otp_to_string(otp: Otp) -> String

Converts the OTP to a string.

pub fn otpauth_uri(
  secret secret: BitArray,
  issuer issuer: String,
  account account_name: String,
) -> Result(String, TotpError)

Generates an otpauth URI for the given secret, issuer and account name. The secret must be at least 16 bytes (128 bits). The otpauth URI is used to generate QR codes for TOTP.

pub fn otpauth_uri_from_config(config: TotpConfig) -> String

Generates an otpauth URI for the given TOTP configuration.

pub fn secret() -> BitArray

Generates a random 20 byte secret. 20 bytes is the recommended size according to the HOTP RFC4226 (https://tools.ietf.org/html/rfc4226#section-4).

pub fn secret_with_size(size: Int) -> Result(BitArray, TotpError)

Generates a random secret with the given size. Must be at least 16 bytes.

pub fn set_account(
  config: TotpConfig,
  account: String,
) -> TotpConfig

Sets the account for the TOTP configuration.

pub fn set_algorithm(
  config: TotpConfig,
  algorithm: TotpAlgorithm,
) -> TotpConfig

Sets the algorithm for the TOTP configuration. Most commonly used is Sha1.

pub fn set_digits(
  config: TotpConfig,
  digits: Digits,
) -> TotpConfig

Sets the digits for the TOTP configuration.

pub fn set_issuer(
  config: TotpConfig,
  issuer: String,
) -> TotpConfig

Sets the issuer for the TOTP configuration. Used for the otpauth URI.

pub fn set_last_use(
  config: TotpConfig,
  last_use: timestamp.Timestamp,
) -> TotpConfig

Sets the last use time for the TOTP configuration. Used to prevent replay attacks.

pub fn set_last_use_now(config: TotpConfig) -> TotpConfig

Sets the last use time for the TOTP configuration to the current time.

pub fn set_period(
  config: TotpConfig,
  period: Int,
) -> Result(TotpConfig, TotpError)

Sets the refresh period in seconds for the TOTP configuration. Must be greater than 0.

pub fn set_time(
  config: TotpConfig,
  time: timestamp.Timestamp,
) -> TotpConfig

Sets the time for OTP generation. This is only used by totp_from_config. Verification functions use the current time automatically.

pub fn set_time_now(config: TotpConfig) -> TotpConfig

Sets the time for OTP generation to the current time. This is only used by totp_from_config. Verification functions use the current time automatically.

pub fn string_to_otp(otp: String) -> Result(Otp, TotpError)

Converts a valid OTP string to an OTP type.

pub fn totp(secret: BitArray) -> Result(Otp, TotpError)

Generates a TOTP using the given secret and default configuration. The secret must be at least 16 bytes (128 bits).

pub fn totp_from_config(config: TotpConfig) -> Otp

Generates a TOTP using the given TOTP configuration. Make sure to set the time with set_time or set_time_now first.
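
The following usage sketch is an added example, not part of the library's own documentation. It ties together enrollment, code generation and replay-protected verification using only the functions listed above. The issuer and account strings are constructed sample values, and a real service is assumed to load and save the last-use timestamp in per-user storage rather than keep it in a local variable.

```gleam
import gleam/bool
import gleam/io
import totally

pub fn main() {
  // Enrollment: random 20-byte secret with the defaults (Sha1, 30 s, 6 digits).
  let secret = totally.secret()
  let assert Ok(config) = totally.new(secret)
  let config =
    config
    |> totally.set_issuer("Example Corp")
    |> totally.set_account("alice@example.com")

  // Render this URI as a QR code for the user's authenticator app.
  // It embeds the secret, so treat it like a credential (no logging in production).
  io.println(totally.otpauth_uri_from_config(config))

  // Stand-in for the authenticator app: compute the code for the current time.
  let code =
    config
    |> totally.set_time_now
    |> totally.totp_from_config
    |> totally.otp_to_string

  // First submission: no last use is recorded yet, so only the code is checked.
  let first = totally.is_valid_from_config(config, code)

  // After a successful login, record the time of use on the config
  // (assumption: a real service persists this timestamp per user).
  let config = totally.set_last_use_now(config)

  // Second submission of the same code in the same time window:
  // with a last use set, verification rejects it as a replay.
  let replayed = totally.is_valid_from_config(config, code)

  io.println("first submission accepted: " <> bool.to_string(first))
  io.println("replayed submission accepted: " <> bool.to_string(replayed))
}
```

If the 30 second window rolls over between generating and checking the code, the first check can also fail, so the demo is best read as showing the same-window case.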
