nauthy

    Dark Mode
Search:
Group by:

A library for generating and verifying one-time passwords (OTP). nauthy library implements counter-based OTP (RFC4226) and time-based OTP (RFC6238). Various hash modes are supported: MD5, SHA1, SHA256 and SHA512 as well as custom hash functions.

Basic usage

Some examples to get started:

import nauthy

# Construct a new TOTP with a base-32 encoded key.
var totp = initTotp("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ")
# Print out the current totp value
echo totp.now()

# Construct a new TOTP from a URI.
var otp = otpFromUri(
 "otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co"
)
echo otp.totp.now()

# Build a URI from a TOTP
totp.uri = newUri("Example issuer", "accountname@example.com")
echo totp.buildUri()

Types

Bytes = seq[byte]
  Source Edit 
HashFunc = tuple[hash: proc (input: Bytes): Bytes {...}{.nimcall.}, blockSize: int,
                 name: string]
  Source Edit 
Algorithm = enum
  MD5, SHA1, SHA256, SHA512
  Source Edit 
OtpValueLen = range[6 .. 10]
  Source Edit 
TimeInterval = range[1 .. int.high]
  Source Edit 
EpochSecond = BiggestUInt
  Source Edit 
OtpType = enum
  HotpT = "hotp", TotpT = "totp"
  Source Edit 
Uri = ref object
  issuer: string
  accountname: string
  Source Edit 
Hotp = tuple[key: Bytes, length: OtpValueLen, hashFunc: HashFunc,
             initialCounter: int, uri: Uri]
  Source Edit 
Totp = tuple[key: Bytes, length: OtpValueLen, interval: TimeInterval,
             hashFunc: HashFunc, t0: EpochSecond, uri: Uri]
  Source Edit 
Otp = ref object
  case otpType*: OtpType
  of HotpT:
    hotp*: Hotp
  of TotpT:
    totp*: Totp
  Source Edit

Lets

sha1Hash: HashFunc = (hash: sha1Digest, blockSize: 64, name: "SHA1")
  Source Edit 
md5Hash: HashFunc = (hash: md5Digest, blockSize: 64, name: "MD5")
  Source Edit 
sha256Hash: HashFunc = (hash: sha256Digest, blockSize: 64, name: "SHA256")
  Source Edit 
sha512Hash: HashFunc = (hash: sha512Digest, blockSize: 128, name: "SHA512")
  Source Edit

Procs

proc `$`(u: Uri): string {...}{.raises: [ValueError], tags: [].}
  Source Edit 
proc initHotp(key: string | Bytes; b32Decode: bool = false;
              length: OtpValueLen = 6; hashFunc: HashFunc = sha1Hash): Hotp
Constructs a new HOTP. sha1Hash is the default but other hash modes are also available: md5Hash, sha256Hash and sha512Hash. Custom hash functions are also accepted. If the given key is base32-encoded, give the b32Decode argument as true.   Source Edit 
proc initTotp(key: string | Bytes; b32Decode: bool = true;
              length: OtpValueLen = 6; interval: TimeInterval = 30;
              hashFunc: HashFunc = sha1Hash; t0: EpochSecond = 0): Totp
Constructs a new TOTP. sha1Hash is the default but other hash modes are also available: md5Hash, sha256Hash and sha512Hash. Custom hash functions are also accepted. If the given key is base32-encoded, give the b32Decode argument as true.   Source Edit 
proc newUri(issuer: string; accountname: string): Uri {...}{.raises: [], tags: [].}
Constructs a new URI.   Source Edit 
proc getName(uri: Uri): string {...}{.raises: [], tags: [].}
Extract account name from a URI.   Source Edit 
proc getIssuer(uri: Uri): string {...}{.raises: [], tags: [].}
Extract issuer from a URI.   Source Edit 
proc otpFromUri(uri: string): Otp {...}{.raises: [ValueError, KeyError,
    CatchableError], tags: [].}
Initialize HOTP/TOTP from a URI.

Example:

let otp = otpFromUri(
  "otpauth://totp/ACME:john@dot.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME"
  )
var totp = otp.totp
echo totp.now()
  Source Edit 
proc buildUri(hotp: Hotp): string {...}{.raises: [], tags: [].}
Build URI from HOTP.   Source Edit 
proc buildUri(totp: Totp): string {...}{.raises: [], tags: [].}
Build URI from TOTP.   Source Edit 
proc `$`(hotp: Hotp): string {...}{.raises: [], tags: [].}
This is the same as hotp.buildUri().   Source Edit 
proc `$`(totp: Totp): string {...}{.raises: [], tags: [].}
This is the same as totp.buildUri().   Source Edit 
proc at(hotp: Hotp; counter: SomeInteger): string
Get HOTP value at counter.   Source Edit 
proc at(totp: Totp; utime: EpochSecond): string {...}{.raises: [Exception],
    tags: [RootEffect].}
Get TOTP value at time utime.   Source Edit 
proc now(totp: Totp): string {...}{.raises: [Exception],
                               tags: [RootEffect, TimeEffect].}
Get TOTP value at current time.   Source Edit 
proc verify(hotp: Hotp; value: string; counter: SomeInteger): bool
Verify that the given HOTP value is correct.   Source Edit 
proc verify(totp: Totp; value: string; now: EpochSecond = currentTime()): bool {...}{.
    raises: [Exception], tags: [RootEffect].}
Verify that the given TOTP value is correct.   Source Edit 
proc randomBase32(): string {...}{.raises: [], tags: [TimeEffect].}
Generates a random 16-characters Base-32 encoded string. Compatible with other OTP apps such as Google Authenticator and Authy.   Source Edit

Made with Nim. Generated: 2021-07-03 04:22:10 UTC