Otpauth URI parser

Still WIP but seems to work.
Moved digits & period to TOTP / HOTP structs.
TOTP tests currently fails because I haven't wrote the new constructors.
Doc is missing / inaccurate in some parts.

Author: orion78fr

Cargo.toml

@@ -4,14 +4,15 @@ description = "An easy-to-use library for HOTP and TOTP authentication"
 repository = "https://github.com/tmthecoder/xotp"
 readme = "README.md"
 license = "MIT"
-keywords = ["otp", "hotp", "totp"]
+keywords = ["otp", "hotp", "totp", "otpauth"]
 categories = ["cryptography"]
 authors = ["Tejas Mehta <[email protected]>"]
-version = "0.1.0"
+version = "0.2.0"
 edition = "2021"
 
 [dependencies]
 hmac = "0.12.0"
 sha-1 = "0.10.0"
 sha2 = "0.10.1"
-base32 = "0.4.0"
+base32 = "0.4.0"
+url = "2.2.2"

src/hotp.rs

@@ -1,7 +1,6 @@
 // Implementation of the HOTP standard according to RFC4226 by Tejas Mehta
 
-use crate::util::{get_code, hash_generic, MacDigest};
-use base32::Alphabet;
+use crate::util::{base32_decode, get_code, hash_generic, MacDigest};
 
 /// A HOTP Generator
 ///
@@ -24,27 +23,29 @@ pub struct HOTP {
     /// Often given as a Base32 key, which can be conveniently initialize using
     /// the [`HOTP::from_base32`] initializers
     secret: Vec<u8>,
+
+    digits: u32,
 }
 
 /// All initializer implementations for the [`HOTP`] struct.
-
 impl HOTP {
     /// Creates a new HOTP instance with a byte-array representation
     /// of the secret
     ///
     /// Since only SHA1 was specified in the reference implementation and
     /// RFC specification, there's no need to initialize with a digest object
-    pub fn new(secret: &[u8]) -> Self {
+    pub fn new(secret: &[u8], digits: u32) -> Self {
         HOTP {
             secret: secret.to_vec(),
+            digits,
         }
     }
 
     /// Creates a new HOTP instance from a utf8-encoded string secret
     ///
     /// Internally calls [`HOTP::new`] with the string's byte representation
     pub fn from_utf8(secret: &str) -> Self {
-        HOTP::new(secret.as_bytes())
+        HOTP::new(secret.as_bytes(), 6)
     }
 
     /// Creates a new HOTP instance from a base32-encoded string secret
@@ -55,28 +56,32 @@ impl HOTP {
     /// This method panics if the provided string is not correctly base32
     /// encoded.
     pub fn from_base32(secret: &str) -> Self {
-        let decoded = base32::decode(Alphabet::RFC4648 { padding: false }, secret)
-            .expect("Failed to decode base32 string");
-        HOTP::new(&decoded)
+        let decoded = base32_decode(secret).expect("Failed to decode base32 string");
+        HOTP::new(&decoded, 6)
     }
 }
 
-/// All otp generation methods for the [`HOTP`] struct.
+impl HOTP {
+    pub fn get_digits(&self) -> u32 {
+        self.digits
+    }
+}
 
+/// All otp generation methods for the [`HOTP`] struct.
 impl HOTP {
     /// Generates and returns the HOTP value
     ///
     /// Uses the given counter value with the specified digit count
     ///
     /// # Panics
     /// This method panics if the hash's secret is incorrectly given.
-    pub fn get_otp(&self, counter: u64, digits: u32) -> u32 {
+    pub fn get_otp(&self, counter: u64) -> u32 {
         let hash = hash_generic(&counter.to_be_bytes(), &self.secret, &MacDigest::SHA1);
         let offset = (hash[hash.len() - 1] & 0xf) as usize;
         let bytes: [u8; 4] = hash[offset..offset + 4]
             .try_into()
             .expect("Failed byte get");
 
-        get_code(bytes, digits)
+        get_code(bytes, self.digits)
     }
 }

src/lib.rs

@@ -15,14 +15,14 @@
 //!     let counter = 0;
 //!     // Get a HOTP instance with a '&str' secret
 //!     let hotp_str = HOTP::from_utf8(secret);
-//!     // Get an otp with the given counter and digit count
-//!     let otp_from_str = hotp_str.get_otp(counter, 6);
+//!     // Get an otp with the given counter
+//!     let otp_from_str = hotp_str.get_otp(counter);
 //!     println!("The otp from hotp_str: {}", otp_from_str);
 //!
 //!     // Alternatively, get a HOTP instance with a '&[u8]' secret
-//!     let hotp_bytes = HOTP::new(secret.as_bytes());
-//!     // Get an otp with the given counter and digit count
-//!     let otp_from_bytes = hotp_bytes.get_otp(counter, 6);
+//!     let hotp_bytes = HOTP::new(secret.as_bytes(), 6);
+//!     // Get an otp with the given counter
+//!     let otp_from_bytes = hotp_bytes.get_otp(counter);
 //!     println!("The otp from hotp_bytes: {}", otp_from_bytes);
 //! }
 //! ```
@@ -43,21 +43,21 @@
 //!     // Get a TOTP instance with an '&str' secret and default SHA1 Digest
 //!     let totp_sha1_str = TOTP::from_utf8(secret);
 //!     // Get an otp with the given counter and elapsed seconds
-//!     let otp_sha1 = totp_sha1_str.get_otp(elapsed_seconds, 8);
+//!     let otp_sha1 = totp_sha1_str.get_otp(elapsed_seconds);
 //!     println!("The otp from totp_sha1_str: {}", otp_sha1);
 //!
 //!     // Alternatively get a TOTP instance with an '&[u8]' secret
 //!     // and different digest (Sha256 or Sha512)
-//!     let totp_sha256_bytes = TOTP::new_with_digest(
+//!     let totp_sha256_bytes = TOTP::new(
 //!         secret.as_bytes(),
-//!         MacDigest::SHA256
+//!         MacDigest::SHA256, // SHA256 algorithm
+//!         8,  // 8 digits
+//!         60  // 60 seconds interval
 //!     );
 //!     // Get an otp with the given counter, time and other custom params
-//!     let otp_sha256 = totp_sha256_bytes.get_otp_with_custom(
+//!     let otp_sha256 = totp_sha256_bytes.get_otp_with_custom_time_start(
 //!         elapsed_seconds,
-//!         30, // A 60-second time step
 //!         0, // Start time at unix epoch
-//!         6 // 8-digit code
 //!     );
 //!     println!("The otp from totp_sha256_bytes: {}", otp_sha256);
 //! }

src/totp.rs

@@ -1,5 +1,4 @@
-use crate::util::{get_code, hash_generic, MacDigest};
-use base32::Alphabet;
+use crate::util::{base32_decode, get_code, hash_generic, MacDigest};
 
 /// A TOTP generator
 ///
@@ -30,28 +29,38 @@ pub struct TOTP {
     /// Unless an initializer ending in 'with_digest' is used, this value
     /// defaults to [`MacDigest::SHA1`]
     mac_digest: MacDigest,
+
+    digits: u32,
+
+    period: u64,
 }
 
 /// All initializer implementations for the [`TOTP`] struct
 impl TOTP {
+    pub fn new(secret: &[u8], mac_digest: MacDigest, digits: u32, period: u64) -> Self {
+        TOTP {
+            secret: secret.to_vec(),
+            mac_digest,
+            digits,
+            period,
+        }
+    }
+
     /// Creates a new TOTP instance with a byte-array representation
     /// of the secret
     ///
     /// Defaults to using [`MacDigest::SHA1`] as the digest for HMAC
     /// operations.
-    pub fn new(secret: &[u8]) -> Self {
-        TOTP::new_with_digest(secret, MacDigest::SHA1)
+    pub fn from_secret(secret: &[u8]) -> Self {
+        TOTP::from_secret_with_digest(secret, MacDigest::SHA1)
     }
 
     /// Creates a new TOTP instance with a byte-array representation
     /// of the secret and a specific digest for HMAC operations
     ///
     /// Allows for non-SHA1 algorithms to be used with TOTP generation
-    pub fn new_with_digest(secret: &[u8], mac_digest: MacDigest) -> Self {
-        TOTP {
-            secret: secret.to_vec(),
-            mac_digest,
-        }
+    pub fn from_secret_with_digest(secret: &[u8], mac_digest: MacDigest) -> Self {
+        TOTP::new(secret, mac_digest, 6, 30)
     }
 
     /// Creates a new TOTP instance from a utf8-encoded string secret
@@ -67,7 +76,7 @@ impl TOTP {
     /// Like [`TOTP::new_with_digest`], this method allows a digest to be specified
     /// instead of the default SHA1 being used.
     pub fn from_utf8_with_digest(secret: &str, mac_digest: MacDigest) -> Self {
-        TOTP::new_with_digest(secret.as_bytes(), mac_digest)
+        TOTP::from_secret_with_digest(secret.as_bytes(), mac_digest)
     }
 
     /// Creates a new TOTP instance from a base32-encoded string secret
@@ -90,9 +99,22 @@ impl TOTP {
     /// # Panics
     /// This method panics if the provided string is not correctly base32 encoded.
     pub fn from_base32_with_digest(secret: &str, mac_digest: MacDigest) -> Self {
-        let decoded = base32::decode(Alphabet::RFC4648 { padding: false }, secret)
-            .expect("Failed to decode base32 string");
-        TOTP::new_with_digest(&decoded, mac_digest)
+        let decoded = base32_decode(secret).expect("Failed to decode base32 string");
+        TOTP::from_secret_with_digest(&decoded, mac_digest)
+    }
+}
+
+impl TOTP {
+    pub fn get_digest(&self) -> MacDigest {
+        self.mac_digest
+    }
+
+    pub fn get_digits(&self) -> u32 {
+        self.digits
+    }
+
+    pub fn get_period(&self) -> u64 {
+        self.period
     }
 }
 
@@ -111,8 +133,8 @@ impl TOTP {
     /// # Panics
     /// This method panics if the called [`TOTP::get_otp_with_custom`] method
     /// does, which would happen if the hash's secret is incorrectly given.
-    pub fn get_otp(&self, time: u64, digits: u32) -> u32 {
-        self.get_otp_with_custom(time, 30, 0, digits)
+    pub fn get_otp(&self, time: u64) -> u32 {
+        self.get_otp_with_custom_time_start(time, 0)
     }
 
     /// Generates and returns the TOTP value for the time with a provided step,
@@ -125,21 +147,15 @@ impl TOTP {
     ///
     /// # Panics
     /// This method panics if the hash's secret is incorrectly given.
-    pub fn get_otp_with_custom(
-        &self,
-        time: u64,
-        time_step: u64,
-        time_start: u64,
-        digits: u32,
-    ) -> u32 {
-        let time_count = (time - time_start) / time_step;
+    pub fn get_otp_with_custom_time_start(&self, time: u64, time_start: u64) -> u32 {
+        let time_count = (time - time_start) / self.period;
 
         let hash = hash_generic(&time_count.to_be_bytes(), &self.secret, &self.mac_digest);
         let offset = (hash[hash.len() - 1] & 0xf) as usize;
         let bytes: [u8; 4] = hash[offset..offset + 4]
             .try_into()
             .expect("Failed byte get");
 
-        get_code(bytes, digits)
+        get_code(bytes, self.digits)
     }
 }