diff options
| author | Ayrx <terrycwk1994@gmail.com> | 2014-02-13 15:30:20 +0800 |
|---|---|---|
| committer | Ayrx <terrycwk1994@gmail.com> | 2014-02-21 11:13:35 +0800 |
| commit | 25b1d21b40f531450877bcfbee55406b28111dca (patch) | |
| tree | 98e599079f6f18b274d277e3c5ea59313e19262d /docs/hazmat | |
| parent | a7769110ef8f575105847f84cadf6bb5b9aa5fba (diff) | |
| download | cryptography-25b1d21b40f531450877bcfbee55406b28111dca.tar.gz cryptography-25b1d21b40f531450877bcfbee55406b28111dca.tar.bz2 cryptography-25b1d21b40f531450877bcfbee55406b28111dca.zip | |
Updated documentation.
Diffstat (limited to 'docs/hazmat')
| -rw-r--r-- | docs/hazmat/oath/hotp.rst | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/docs/hazmat/oath/hotp.rst b/docs/hazmat/oath/hotp.rst index 1dee26b0..7aff330f 100644 --- a/docs/hazmat/oath/hotp.rst +++ b/docs/hazmat/oath/hotp.rst @@ -8,12 +8,12 @@ HMAC-Based One-Time Password Algorithm This module contains functions for generating and verifying one time password values based on Hash-based message authentication codes (HMAC). -.. class:: HOTP(secret, length, backend) +.. class:: HOTP(key, length, backend) - HOTP objects take a ``secret`` and ``length`` parameter. The ``secret`` + HOTP objects take a ``key`` and ``length`` parameter. The ``key`` should be randomly generated bytes and is recommended to be 160 bits in length. The ``length`` parameter controls the length of the generated - one time password and is recommended to be at least a 6 digit value. + one time password and must be >= 6. This is an implementation of :rfc:`4226`. @@ -23,17 +23,22 @@ values based on Hash-based message authentication codes (HMAC). >>> from cryptography.hazmat.backends import default_backend >>> from cryptography.hazmat.oath.hotp import HOTP - >>> key = "12345678901234567890" + >>> key = b"12345678901234567890" >>> hotp = HOTP(key, 6, backend=default_backend()) >>> hotp.generate(0) '755224' - >>> hotp.verify("755224", 0) + >>> hotp.verify(b"755224", 0) - :param bytes secret: Secret key as ``bytes``. + :param bytes key: Secret key as ``bytes``. This value must be generated in a + cryptographically secure fashion and be at least 128 bits. + It is recommended that the key be 160 bits. :param int length: Length of generated one time password as ``int``. :param backend: A :class:`~cryptography.hazmat.backends.interfaces.HMACBackend` provider. + :raises ValueError: This is raised if the provided ``key`` or ``length`` + parameters are shorter than required. + .. method:: generate(counter) @@ -44,4 +49,5 @@ values based on Hash-based message authentication codes (HMAC). :param bytes hotp: The one time password value to validate. :param bytes counter: The counter value to validate against. - :return: ``True`` if the one time password value is valid. ``False`` if otherwise. + :raises cryptography.exceptions.InvalidToken: This is raised when the supplied HOTP + does not match the expected HOTP. |