ns_hotp(n) 4.99.30 naviserver "NaviServer Built-in Commands"

Name

ns_hotp - Returns a decimal-coded one-time password (HOTP)

Table Of Contents

• Table Of Contents
• Synopsis
• Description
• COMMANDS
• OPTIONS
• See Also
• Keywords

Synopsis

Description

The function returns a one time password based on a HMAC algorithm (HOTP) as described in RFC-4226, where the message algorithm can be specified.

RFC-4226 defines HOTP as:

 HOTP(K,C) = Truncate(HMAC-SHA-1(K,C))
 
 K: key
 C: counter (moving factor for one time passwd)

The implemented function ns_hotp is a generalization over RFC by allowing to specify the message digest algorithm and the number of characters of the returned truncated value.

The listed commands is available in installations when NaviServer is compiled with OpenSSL support and where the nsf package is installed.

COMMANDS

ns_hotp ?-digest digest? ?-digits digits? ?-key key? data

data is the moving factor for the one time password ("C" in the formula above).

OPTIONS

-digest digest

Digest algorithm for the checksum computation. The available algorithms are implemented in OpenSSL. The current versions of OpenSSL supports the following message digest algorithms: "dsa dsa-sha ecdsa-with-sha1 md4 md5 mdc2 ripemd160 sha sha1 sha224 sha256 sha384 sha512 whirlpool". The default value is "sha256"

-digits digits

specifies the number of digits of the returned one time password. The default value is 6.

-key key

specifies the secret used for creating one time passwords. ("K" in the formula above).

 nscp 2> ns_hotp -key "tweedie123" 1
 763540

See Also

ns_crypt, ns_hmac, ns_md, ns_rand, ns_sha1, ns_totp, nsd

Keywords

HOTP, crypto, encoding, nsf