ns_hotp(n) 5.0.0a naviserver "NaviServer Built-in Commands"

Name

ns_hotp - Returns a decimal-coded one-time password (HOTP)

Table Of Contents

• Table Of Contents
• Synopsis
• Description
• COMMANDS
• OPTIONS
• See Also
• Keywords

Synopsis

Description

The function returns a one-time password based on the HMAC algorithm (HOTP) as described in RFC-4226, allowing the choice of message digest algorithm and the number of digits for the truncated output.

RFC-4226 defines HOTP as:

 HOTP(K,C) = Truncate(HMAC-SHA-1(K,C))
 
 K: key
 C: counter (moving factor for one time passwd)

The implemented function ns_hotp is an extension of the standard RFC by allowing you to specify the message digest algorithm and the number of characters in the truncated output.

The command is available when NaviServer is compiled with OpenSSL support and the nsf package is installed.

COMMANDS

ns_hotp ?-digest digest? ?-digits digits? ?-key key? data

data specifies the moving factor for the one-time password (referred to as "C" in the formula above).

OPTIONS

-digest digest

Specifies the digest algorithm used for the HMAC computation. Available algorithms are provided by OpenSSL and include: "dsa", "dsa-sha", "ecdsa-with-sha1", "md4", "md5", "mdc2", "ripemd160", "sha", "sha1", "sha224", "sha256", "sha384", "sha512", and "whirlpool". The default algorithm is "sha256".

-digits digits

Specifies the number of digits for the resulting one-time password. The default is 6 digits.

-key key

Specifies the secret key used to generate the one-time password (corresponds to "K" in the formula above).

 nscp 2> ns_hotp -key "tweedie123" 1
 763540

See Also

ns_crypt, ns_hmac, ns_md, ns_rand, ns_sha1, ns_totp, nsd

Keywords

HOTP, crypto, encoding, nsf