coolaj86/botp.js
1
0
Fork 0
Code Issues Pull Requests Releases Activity

browser fork

Browse Source
This commit is contained in:
AJ ONeal 2015-10-22 21:22:21 -07:00
parent bbdf82a34e
commit 639bffbd8b
8 changed files with 338 additions and 413 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
.gitignore vendored
View File

@ -1 +1,29 @@
bower_components
# Logs
logs
*.log
# Runtime data
pids
*.pid
*.seed
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# node-waf configuration
.lock-wscript
# Compiled binary addons (http://nodejs.org/api/addons.html)
build/Release
# Dependency directory
# https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git
node_modules node_modules

153
Readme.md
View File

@ -1,135 +1,60 @@
[![Build Status](https://travis-ci.org/guyht/notp.svg)](https://travis-ci.org/guyht/notp) # You might be in the wrong place
# Node One Time Password library You probably want [Authenticator](https://github.com/Daplie/browser-authenticator).
Simple to use, fast, and with zero dependencies. The Node One Time Password library is fully compliant with [HOTP](http://tools.ietf.org/html/rfc4226) (counter based one time passwords) and [TOTP](http://tools.ietf.org/html/rfc6238) (time based one time passwords). It can be used in conjunction with the [Google Authenticator](https://github.com/google/google-authenticator/) which has free apps for iOS, Android and BlackBerry.
# Browser One Time Password library (JavaScript)
(aka botp / totp.js / hotp.js)
(forked from [Node One Time Password](https://github.com/guyht/notp))
Simple to use, fast, and with zero dependencies\*. The Browser One Time Password library is fully compliant with [HOTP](http://tools.ietf.org/html/rfc4226) (counter based one time passwords) and [TOTP](http://tools.ietf.org/html/rfc6238) (time based one time passwords).
\* requires [forge](https://github.com/digitalbazaar/forge) for window.sha1Hmac shim in older browsers and [es6-promise](https://github.com/jakearchibald/es6-promise) for ancient browsers.
It can be used in conjunction with the [Authy](https://www.authy.com/personal/), [Google Authenticator](https://github.com/google/google-authenticator/), and [Microsoft Authenticator](https://www.microsoft.com/en-us/store/apps/authenticator/9wzdncrfj3rj), and [GAuth](https://5apps.com/gbraad/gauth) which have free apps for iOS, Android, BlackBerry, OS X, Linux, Windows, and Chrome.
Browser One Time Password library, supports HOTP, TOTP and works with Google Authenticator • forked from https://github.com/guyht/notp
# Installation # Installation
``` ```
npm install notp bower install botp
``` ```
# Usage # Usage
```javascript ```javascript
var notp = require('notp'); (function () {
'use strict';
//.... some initial login code, that receives the user details and TOTP / HOTP token var botp = window.botp;
var key = 'secret key for user... could be stored in DB'; // this might be used on account creation to create the QR code and verify the token in the browser.
var token = 'user supplied one time use token';
var key = 'secret key for user... could be stored in DB'; // Uint8Array
var token = 'user supplied one time use token'; // 890123
// Check TOTP is correct (HOTP if hotp pass type) // Check TOTP is correct (HOTP if hotp pass type)
var login = notp.totp.verify(token, key); botp.totp.verify(token, key).then(function (login) {
// invalid token if login is null
if (!login) {
console.log('Token invalid');
return;
}
// invalid token if login is null // valid token
if (!login) { console.log('Token valid, sync value is %s', login.delta);
return console.log('Token invalid'); });
}
// valid token }());
console.log('Token valid, sync value is %s', login.delta);
``` ```
## Google Authenticator
[Google authenticator](https://github.com/google/google-authenticator/) requires that keys be base32 encoded before being used. This includes manual entry into the app as well as preparing a QR code URI.
To base32 encode a utf8 key you can use the `thirty-two` module.
```javascript
var base32 = require('thirty-two');
var key = 'secret key for the user';
// encoded will be the secret key, base32 encoded
var encoded = base32.encode(key);
// Google authenticator doesn't like equal signs
var encodedForGoogle = encoded.toString().replace(/=/g,'');
// to create a URI for a qr code (change totp to hotp if using hotp)
var uri = 'otpauth://totp/somelabel?secret=' + encodedForGoogle;
```
Note: If your label has spaces or other invalid uri characters you will need to encode it accordingly using `encodeURIComponent` More details about the uri key format can be found on the [google auth wiki](https://github.com/google/google-authenticator/wiki/Key-Uri-Format)
# API # API
## hotp.verify(token, key, opt)
Check a counter based one time password for validity. See <https://github.com/guyht/notp#api>
Returns null if token is not valid for given key and options.
Returns an object `{delta: #}` if the token is valid. `delta` is the count skew between client and server.
### opt
**window**
> The allowable margin for the counter. The function will check `window` codes in the future against the provided token.
> i.e. if `window = 100` and `counter = 5` all tokens between 5 and 105 will be checked against the supplied token
> Default - 50
**counter**
> Counter value. This should be stored by the application on a per user basis. It is up to the application to track and increment this value as needed. It is also up to the application to increment this value if there is a skew between the client and server (`delta`)
## totp.verify(token, key, opt)
Check a time based one time password for validity
Returns null if token is not valid for given key and options.
Returns an object `{delta: #}` if the token is valid. `delta` is the count skew between client and server.
### opt
**window**
> The allowable margin for the counter. The function will check `window` codes in the future against the provided token.
> i.e. if `window = 5` and `counter = 1000` all tokens between 995 and 1005 will be checked against the supplied token
> Default - 6
**time**
> The time step of the counter. This must be the same for every request and is used to calculate C.
> Default - 30
## hotp.gen(key, opt)
Return a counter based one time password
### opt
**counter**
> Counter value. This should be stored by the application, must be user specific, and be incremented for each request.
## totp.gen(key, opt)
Return a time based one time password
### opt
**time**
> The time step of the counter. This must be the same for every request and is used to calculate C.
> Default - 30
# Migrating from 1.x to 2.x
## Removed
The `encBase32` and `decBase32` methods have been removed. If you wish to encode/decode base32 you should install a module to do so. We recommend the `thirty-two` npm module.
## Changed
All of the APIs have been changed to return values directly instead of using callbacks. This reflects the fact that the functions are actually synchronous and perform no I/O.
Some of the required arguments to the functions have also been removed from the `args` parameter and are passed as separate function parameters. See the above API docs for details.
* `notp.checkHOTP(args, err, cb)` -> `notp.hotp.verify(token, key, opt)`
* `notp.checkTOTP(args, err, cb)` -> `notp.totp.verify(token, key, opt)`
* `notp.getHOTP(args, err, cb)` -> `notp.gotp.gen(key, opt)`
* `notp.getTOTP(args, err, cb)` -> `notp.totp.gen(key, opt)`
## Args
The argument names have also changed to better describe the purpose of the argument.
* `K` -> no longer in args/opt but passed directly as a function argument
* `P` -> no longer in args/opt but passed directly as a function argument
* `W` -> `window`
* `C` -> `counter`
* `T` -> `time`
* botp.totp.gen(keyByteArray) => (promise) tokenArray
* botp.totp.verify(tokenByteArray, keyByteArray) => (promise) delta or null
* botp.hotp.gen(keyByteArray) => (promise) tokenArray
* botp.hotp.verify(tokenByteArray, keyByteArray) => (promise) delta or null

188
index.js
View File

@ -1,6 +1,14 @@
(function (exports, TEST) {
'use strict'; 'use strict';
var crypto = require('crypto'); var crypto;
var sha1Hmac = exports.sha1Hmac || function (key, bytes) {
if (!crypto) { crypto = require('crypto'); }
var hmac = crypto.createHmac('sha1', new Buffer(key));
// Update the HMAC with the byte array
return hmac.update(new Buffer(bytes)).digest('hex');
};
/** /**
* convert an integer to a byte array * convert an integer to a byte array
@ -8,14 +16,14 @@ var crypto = require('crypto');
* @return {Array} bytes * @return {Array} bytes
*/ */
function intToBytes(num) { function intToBytes(num) {
var bytes = []; var bytes = [];
for(var i=7 ; i>=0 ; --i) { for(var i=7 ; i>=0 ; --i) {
bytes[i] = num & (255); bytes[i] = num & (255);
num = num >> 8; num = num >> 8;
} }
return bytes; return bytes;
} }
/** /**
@ -24,11 +32,11 @@ function intToBytes(num) {
* @return {Array} bytes * @return {Array} bytes
*/ */
function hexToBytes(hex) { function hexToBytes(hex) {
var bytes = []; var bytes = [];
for(var c = 0, C = hex.length; c < C; c += 2) { for(var c = 0, C = hex.length; c < C; c += 2) {
bytes.push(parseInt(hex.substr(c, 2), 16)); bytes.push(parseInt(hex.substr(c, 2), 16));
} }
return bytes; return bytes;
} }
var hotp = {}; var hotp = {};
@ -49,33 +57,26 @@ var hotp = {};
* *
*/ */
hotp.gen = function(key, opt) { hotp.gen = function(key, opt) {
key = key || ''; key = key || '';
opt = opt || {}; opt = opt || {};
var counter = opt.counter || 0; var counter = opt.counter || 0;
var p = 6; // Create the byte array
return sha1Hmac(key, intToBytes(counter)).then(function (digest) {
// Get byte array
var h = hexToBytes(digest);
// Create the byte array // Truncate
var b = new Buffer(intToBytes(counter)); var offset = h[19] & 0xf;
var v = (h[offset] & 0x7f) << 24 |
(h[offset + 1] & 0xff) << 16 |
(h[offset + 2] & 0xff) << 8 |
(h[offset + 3] & 0xff);
var hmac = crypto.createHmac('sha1', new Buffer(key)); v = (v % 1000000) + '';
// Update the HMAC with the byte array return new Array(7-v.length).join('0') + v;
var digest = hmac.update(b).digest('hex'); });
// Get byte array
var h = hexToBytes(digest);
// Truncate
var offset = h[19] & 0xf;
var v = (h[offset] & 0x7f) << 24 |
(h[offset + 1] & 0xff) << 16 |
(h[offset + 2] & 0xff) << 8 |
(h[offset + 3] & 0xff);
v = (v % 1000000) + '';
return Array(7-v.length).join('0') + v;
}; };
/** /**
@ -108,23 +109,46 @@ hotp.gen = function(key, opt) {
* *
*/ */
hotp.verify = function(token, key, opt) { hotp.verify = function(token, key, opt) {
opt = opt || {}; opt = opt || {};
var window = opt.window || 50; var window = opt.window || 50;
var counter = opt.counter || 0; var counter = opt.counter || 0;
var i = counter - window;
var len = counter + window;
// Now loop through from C to C + W to determine if there is // Now loop through from C to C + W to determine if there is
// a correct code // a correct code
for(var i = counter - window; i <= counter + window; ++i) { function check(t) {
opt.counter = i; opt.counter = i + 1;
if(this.gen(key, opt) === token) {
// We have found a matching code, trigger callback
// and pass offset
return { delta: i - counter };
}
}
// If we get to here then no codes have matched, return null if (!t) {
return null; return null;
}
if (i > len) {
return null;
}
if(t === token) {
// We have found a matching code, trigger callback
// and pass offset
return i;
}
// TODO count 0, -1, 1, -2, 2, ... instead of -2, -1, 0, 1, ...
i += 1;
return hotp.gen(key, opt).then(check);
}
opt.counter = i;
return hotp.gen(key, opt).then(check).then(function (i) {
if('number' === typeof i) {
return { delta: i - counter };
}
// If we get to here then no codes have matched, return null
return null;
});
}; };
var totp = {}; var totp = {};
@ -147,23 +171,23 @@ var totp = {};
* *
*/ */
totp.gen = function(key, opt) { totp.gen = function(key, opt) {
opt = opt || {}; opt = opt || {};
var time = opt.time || 30; var time = opt.time || 30;
var _t = Date.now(); var _t = Date.now();
// Time has been overwritten. // Time has been overwritten.
if(opt._t) { if(opt._t) {
if(process.env.NODE_ENV != 'test') { if(!TEST) {
throw new Error('cannot overwrite time in non-test environment!'); console.warn('Overwriting time in non-test environment!');
} }
_t = opt._t; _t = opt._t;
} }
// Determine the value of the counter, C // Determine the value of the counter, C
// This is the number of time steps in seconds since T0 // This is the number of time steps in seconds since T0
opt.counter = Math.floor((_t / 1000) / time); opt.counter = Math.floor((_t / 1000) / time);
return hotp.gen(key, opt); return hotp.gen(key, opt);
}; };
/** /**
@ -198,24 +222,28 @@ totp.gen = function(key, opt) {
* *
*/ */
totp.verify = function(token, key, opt) { totp.verify = function(token, key, opt) {
opt = opt || {}; opt = opt || {};
var time = opt.time || 30; var time = opt.time || 30;
var _t = Date.now(); var _t = Date.now();
// Time has been overwritten. // Time has been overwritten.
if(opt._t) { if(opt._t) {
if(process.env.NODE_ENV != 'test') { if(!TEST) {
throw new Error('cannot overwrite time in non-test environment!'); console.warn('Overwriting time in non-test environment!');
} }
_t = opt._t; _t = opt._t;
} }
// Determine the value of the counter, C // Determine the value of the counter, C
// This is the number of time steps in seconds since T0 // This is the number of time steps in seconds since T0
opt.counter = Math.floor((_t / 1000) / time); opt.counter = Math.floor((_t / 1000) / time);
return hotp.verify(token, key, opt); return hotp.verify(token, key, opt);
}; };
module.exports.hotp = hotp; exports.hotp = hotp;
module.exports.totp = totp; exports.totp = totp;
}(
'undefined' !== typeof window ? window : module.exports
, 'undefined' !== typeof process ? process.env.NODE_ENV : false
));

73
sha1-hmac.js Normal file
View File

@ -0,0 +1,73 @@
(function (exports) {
'use strict';
exports.sha1Hmac = function (key, bytes) {
if (!window.Unibabel) {
throw new Error("Unibabel.js is required to convert between buffers and binary strings");
}
if ('string' === typeof key) {
throw new Error("use one of Unibabel.utf8ToBuffer(key), Unibabel.base64ToBuffer(key), or Unibabel.hexToBuffer(key) before passing to sha1Hmac(key, bytes)");
}
var Unibabel = window.Unibabel;
if (window.crypto) {
return window.crypto.subtle.importKey(
"raw"
, key
, { name: "HMAC"
, hash: { name: "SHA-1" }
}
, false
, ["sign", "verify"]
)
/*
return crypto.subtle.importKey(
"jwk", //can be "jwk" or "raw"
{ //this is an example jwk key, "raw" would be an ArrayBuffer
kty: "oct",
k: "Y0zt37HgOx-BY7SQjYVmrqhPkO44Ii2Jcb9yydUDPfE",
alg: "HS256",
ext: true,
},
{ //this is the algorithm options
name: "HMAC",
hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
//length: 256, //optional, if you want your key length to differ from the hash function's block length
},
false, //whether the key is extractable (i.e. can be used in exportKey)
["sign", "verify"] //can be any combination of "sign" and "verify"
)
*/
.then(function (key) {
return window.crypto.subtle.sign(
{ name: "HMAC" }
, key // from generateKey or importKey above
, new Uint8Array(bytes) // ArrayBuffer of data you want to sign
)
.then(function(signature){
// returns an ArrayBuffer containing the signature
return Unibabel.bufferToHex(new Uint8Array(signature));
});
});
}
else if (window.forge) {
var forge = window.forge;
var hmac = forge.hmac.create();
var digest;
hmac.start('sha1', key);
hmac.update(Unibabel.bufferToBinaryString(bytes));
digest = hmac.digest().toHex();
return window.Promise.resolve(digest);
}
else {
throw new Error("WebCrypto or forge.js is required to create a sha1 hmac");
}
};
}(
'undefined' !== typeof window ? window : module.exports
, 'undefined' !== typeof process ? process.env.NODE_ENV : false
));

15
test.html Normal file
View File

@ -0,0 +1,15 @@
<!DOCTYPE html>
<html>
<head>
<title>BOTP Test</title>
<meta charset="UTF-8">
</head>
<body>
<script src="bower_components/unibabel/index.js"></script>
<script src="bower_components/unibabel/unibabel.hex.js"></script>
<script src="bower_components/unibabel/unibabel.base32.js"></script>
<script src="sha1-hmac.js"></script>
<script src="index.js"></script>
<script src="test.js"></script>
</body>
</html>

74
test.js Normal file
View File

@ -0,0 +1,74 @@
(function (exports) {
'use strict';
var Unibabel = exports.Unibabel;
// Generate a key
function generateOtpKey() {
// 20 cryptographically random binary bytes (160-bit key)
var key = window.crypto.getRandomValues(new Uint8Array(20));
return key;
}
// Text-encode the key as base32 (in the style of Google Authenticator - same as Facebook, Microsoft, etc)
function encodeGoogleAuthKey(bin) {
// 32 ascii characters without trailing '='s
var base32 = Unibabel.bufferToBase32(bin).replace(/=/g, '');
// lowercase with a space every 4 characters
var key = base32.toLowerCase().replace(/(\w{4})/g, "$1 ").trim();
return key;
}
function generateGoogleAuthKey() {
return encodeGoogleAuthKey(generateOtpKey());
}
// Binary-decode the key from base32 (Google Authenticator, FB, M$, etc)
function decodeGoogleAuthKey(key) {
// decode base32 google auth key to binary
var unformatted = key.replace(/\W+/g, '').toUpperCase();
var bin = Unibabel.base32ToBuffer(unformatted);
return bin;
}
// Generate a Google Auth Token
function generateGoogleAuthToken(key) {
var bin = decodeGoogleAuthKey(key);
var totp = exports.totp || require('notp').totp;
return totp.gen(bin);
}
// Verify a Google Auth Token
function verifyGoogleAuthToken(key, token) {
var bin = decodeGoogleAuthKey(key);
var totp = exports.totp || require('notp').totp;
token = token.replace(/\W+/g, '');
// window is +/- 1 period of 30 seconds
return totp.verify(token, bin, { window: 1, time: 30 });
}
exports.generateKey = generateGoogleAuthKey;
exports.generateToken = generateGoogleAuthToken;
exports.verifyToken = verifyGoogleAuthToken;
//var key = exports.generateKey();
var key = 'hxdm vjec jjws rb3h wizr 4ifu gftm xboz';
console.log('key', key);
exports.generateToken(key).then(function (token) {
console.log('token', token);
exports.verifyToken(key, token).then(function (result) {
console.log('verify', result);
});
});
}(
'undefined' !== typeof window ? window : module.exports
));

1
test/mocha.opts
View File

@ -1 +0,0 @@
--ui exports

217
test/notp.js
View File

@ -1,217 +0,0 @@
var notp = require('..');
var assert = require('assert');
/*
* Test HOTtoken. Uses test values from RFcounter 4226
*
*
* The following test data uses the AScounterII string
* "12345678901234567890" for the secret:
*
* Secret = 0x3132333435363738393031323334353637383930
*
* Table 1 details for each count, the intermediate HMAcounter value.
*
* counterount Hexadecimal HMAcounter-SHA-1(secret, count)
* 0 cc93cf18508d94934c64b65d8ba7667fb7cde4b0
* 1 75a48a19d4cbe100644e8ac1397eea747a2d33ab
* 2 0bacb7fa082fef30782211938bc1c5e70416ff44
* 3 66c28227d03a2d5529262ff016a1e6ef76557ece
* 4 a904c900a64b35909874b33e61c5938a8e15ed1c
* 5 a37e783d7b7233c083d4f62926c7a25f238d0316
* 6 bc9cd28561042c83f219324d3c607256c03272ae
* 7 a4fb960c0bc06e1eabb804e5b397cdc4b45596fa
* 8 1b3c89f65e6c9e883012052823443f048b4332db
* 9 1637409809a679dc698207310c8c7fc07290d9e5
*
* Table 2 details for each count the truncated values (both in
* hexadecimal and decimal) and then the HOTtoken value.
*
* Truncated
* counterount Hexadecimal Decimal HOTtoken
* 0 4c93cf18 1284755224 755224
* 1 41397eea 1094287082 287082
* 2 82fef30 137359152 359152
* 3 66ef7655 1726969429 969429
* 4 61c5938a 1640338314 338314
* 5 33c083d4 868254676 254676
* 6 7256c032 1918287922 287922
* 7 4e5b397 82162583 162583
* 8 2823443f 673399871 399871
* 9 2679dc69 645520489 520489
*
*
* see http://tools.ietf.org/html/rfc4226
*/
exports.testHOTP = function() {
var key = '12345678901234567890';
var opt = {
window : 0,
};
var HOTP = ['755224', '287082','359152', '969429', '338314', '254676', '287922', '162583', '399871', '520489'];
// make sure we can not pass in opt
notp.hotp.verify('WILL NOT PASS', key);
// counterheck for failure
opt.counter = 0;
assert.ok(!notp.hotp.verify('WILL NOT PASS', key, opt), 'Should not pass');
// counterheck for passes
for(i=0;i<HOTP.length;i++) {
opt.counter = i;
var res = notp.hotp.verify(HOTP[i], key, opt);
assert.ok(res, 'Should pass');
assert.equal(res.delta, 0, 'Should be in sync');
}
};
/*
* Test TOTtoken using test vectors from TOTtoken RFcounter.
*
* see http://tools.ietf.org/id/draft-mraihi-totp-timebased-06.txt
*/
exports.testTOTtoken = function() {
var key = '12345678901234567890';
var opt = {
window : 0,
};
// make sure we can not pass in opt
notp.totp.verify(token, key);
// counterheck for failure
opt.time = 0;
var token = 'windowILLNOTtokenASS';
assert.ok(!notp.totp.verify(token, key, opt), 'Should not pass');
// counterheck for test vector at 59s
opt._t = 59*1000;
var token = '287082';
var res = notp.totp.verify(token, key, opt);
assert.ok(res, 'Should pass');
assert.equal(res.delta, 0, 'Should be in sync');
// counterheck for test vector at 1234567890
opt._t = 1234567890*1000;
var token = '005924';
var res = notp.totp.verify(token, key, opt);
assert.ok(res, 'Should pass');
assert.equal(res.delta, 0, 'Should be in sync');
// counterheck for test vector at 1111111109
opt._t = 1111111109*1000;
var token = '081804';
var res = notp.totp.verify(token, key, opt);
assert.ok(res, 'Should pass');
assert.equal(res.delta, 0, 'Should be in sync');
// counterheck for test vector at 2000000000
opt._t = 2000000000*1000;
var token = '279037';
var res = notp.totp.verify(token, key, opt);
assert.ok(res, 'Should pass');
assert.equal(res.delta, 0, 'Should be in sync');
};
/*
* counterheck for codes that are out of sync
* windowe are going to use a value of counter = 1 and test against
* a code for counter = 9
*/
exports.testHOTPOutOfSync = function() {
var key = '12345678901234567890';
var token = '520489';
var opt = {
counter : 1
};
// counterheck that the test should fail for window < 8
opt.window = 7;
assert.ok(!notp.hotp.verify(token, key, opt), 'Should not pass for value of window < 8');
// counterheck that the test should pass for window >= 9
opt.window = 8;
assert.ok(notp.hotp.verify(token, key, opt), 'Should pass for value of window >= 9');
// counterheck that test should pass for negative counter values
token = '755224';
opt.counter = 7
opt.window = 8;
assert.ok(notp.hotp.verify(token, key, opt), 'Should pass for negative counter values');
};
/*
* counterheck for codes that are out of sync
* windowe are going to use a value of T = 1999999909 (91s behind 2000000000)
*/
exports.testTOTPOutOfSync = function() {
var key = '12345678901234567890';
var token = '279037';
var opt = {
_t : 1999999909*1000
};
// counterheck that the test should fail for window < 2
opt.window = 2;
assert.ok(!notp.totp.verify(token, key, opt), 'Should not pass for value of window < 3');
// counterheck that the test should pass for window >= 3
opt.window = 3;
assert.ok(notp.totp.verify(token, key, opt), 'Should pass for value of window >= 3');
};
exports.hotp_gen = function() {
var key = '12345678901234567890';
var opt = {
window : 0,
};
var HOTP = ['755224', '287082','359152', '969429', '338314', '254676', '287922', '162583', '399871', '520489'];
// make sure we can not pass in opt
notp.hotp.gen(key);
// counterheck for passes
for(i=0;i<HOTP.length;i++) {
opt.counter = i;
assert.equal(notp.hotp.gen(key, opt), HOTP[i], 'HOTP value should be correct');
}
};
exports.totp_gen = function() {
var key = '12345678901234567890';
var opt = {
window : 0,
};
// make sure we can not pass in opt
notp.totp.gen(key);
// counterheck for test vector at 59s
opt._t = 59*1000;
assert.equal(notp.totp.gen(key, opt), '287082', 'TOTtoken values should match');
// counterheck for test vector at 1234567890
opt._t = 1234567890*1000;
assert.equal(notp.totp.gen(key, opt), '005924', 'TOTtoken values should match');
// counterheck for test vector at 1111111109
opt._t = 1111111109*1000;
assert.equal(notp.totp.gen(key, opt), '081804', 'TOTtoken values should match');
// counterheck for test vector at 2000000000
opt._t = 2000000000*1000;
assert.equal(notp.totp.gen(key, opt), '279037', 'TOTtoken values should match');
};