diff options
| -rw-r--r-- | docs/hazmat/oath/hotp.rst | 46 | ||||
| -rw-r--r-- | docs/index.rst | 1 | ||||
| -rw-r--r-- | tests/hazmat/oath/test_hotp.py | 2 |
3 files changed, 48 insertions, 1 deletions
diff --git a/docs/hazmat/oath/hotp.rst b/docs/hazmat/oath/hotp.rst new file mode 100644 index 00000000..d84f5bdf --- /dev/null +++ b/docs/hazmat/oath/hotp.rst @@ -0,0 +1,46 @@ +.. hazmat:: + +HMAC-Based One-Time Password Algorithm +====================================== + +.. currentmodule:: cryptography.hazmat.oath.hotp + +This module contains functions for generating and verifying one time password +values based on Hash-based message authentication codes (HMAC). + +.. class:: HOTP(secret, length, backend) + + HOTP objects take a ``secret`` and ``length`` parameter. The ``secret`` + should be randomly generated bytes and is recommended to be 160 bits in + length. The ``length`` parameter controls the length of the generated + one time password and is recommended to be at least a 6 digit value. + + This is an implementation of :rfc:`4226`. + + .. doctest:: + + >>> from cryptography.hazmat.backends import default_backend + >>> from cryptography.hazmat.oath.hotp import HOTP + >>> hotp = HOTP(secret, 6, backend=default_backend) + >>> hotp.generate(0) + 958695 + >>> hotp.verify("958695", 0) + True + + :param secret: Secret key as ``bytes``. + :param length: Length of generated one time password as ``int``. + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.HMACBackend` + provider. + + .. method:: generate(counter) + + :param counter: The counter value used to generate the one time password. + :return: A one time password value. + + .. method:: verify(hotp, counter) + + :param hotp: The one time password value to validate. + :param counter: The counter value to validate against. + :return: ``True`` if the one time password value is valid. ``False`` if otherwise. + diff --git a/docs/index.rst b/docs/index.rst index 176405b5..7d6e618c 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -75,6 +75,7 @@ The hazardous materials layer hazmat/primitives/index hazmat/backends/index hazmat/bindings/index + hazmat/oath/hotp The ``cryptography`` open source project ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/tests/hazmat/oath/test_hotp.py b/tests/hazmat/oath/test_hotp.py index 7df0d4db..d2d3c941 100644 --- a/tests/hazmat/oath/test_hotp.py +++ b/tests/hazmat/oath/test_hotp.py @@ -43,7 +43,7 @@ class TestHOTP(object): assert hotp.generate(counter) == hotp_value @pytest.mark.parametrize("params", vectors) - def test_validate(self, backend, params): + def test_verify(self, backend, params): secret = params["secret"] counter = int(params["counter"]) hotp_value = params["hotp"] |