hotp-js/README.md

hotp-js - A JavaScript HOTP implementation
=================================================

A JavaScript HOTP implementation (HMAC-Based One-Time Password Algorithm) as described in [RFC4226](http://tools.ietf.org/html/rfc4226). The library uses on [crypto-js](http://code.google.com/p/crypto-js/) for the javascript HMAC-SHA1 implementation.

How to use it
-------------

Load the htop.js file, set the private key of the token and the count step.

```javascript
otp = hotp("3132333435363738393031323334353637383930","4","dec6");
```

The following output formats are supported:

* hex40 - truncated 10 bytes hexadecimal representation
* dec6  - truncated 6 bytes decimal representation (HOTP)
* dec7  - truncated 7 bytes decimal representation
* dec8  - truncated 8 bytes decimal representation

Example
-------

Check [this web page](http://www.foo.be/hotp/example.html) that will run in your browser htop-js with the RFC4226 test values.

Security recommendations
------------------------

* If you implement software tokens, don't forget to protect the key of the token along with the count value (e.g. local encryption of the software token).
* Code is experimental.

License
-------

```
Copyright (C) 2009 Alexandre Dulaunoy

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.

```
Example website added (and fixed) 2014-01-12 19:16:35 +00:00			`hotp-js - A JavaScript HOTP implementation`
README.md added with a simple description 2014-01-12 19:07:34 +00:00			`=================================================`

Typo fixed 2014-01-12 19:20:57 +00:00			`A JavaScript HOTP implementation (HMAC-Based One-Time Password Algorithm) as described in [RFC4226](http://tools.ietf.org/html/rfc4226). The library uses on [crypto-js](http://code.google.com/p/crypto-js/) for the javascript HMAC-SHA1 implementation.`
README.md added with a simple description 2014-01-12 19:07:34 +00:00
			`How to use it`
			`-------------`

Example website added (and fixed) 2014-01-12 19:16:35 +00:00			`Load the htop.js file, set the private key of the token and the count step.`
README.md added with a simple description 2014-01-12 19:07:34 +00:00
			```javascript
			`otp = hotp("3132333435363738393031323334353637383930","4","dec6");`
			```

			`The following output formats are supported:`

			`* hex40 - truncated 10 bytes hexadecimal representation`
			`* dec6 - truncated 6 bytes decimal representation (HOTP)`
			`* dec7 - truncated 7 bytes decimal representation`
			`* dec8 - truncated 8 bytes decimal representation`

Example website added (and fixed) 2014-01-12 19:16:35 +00:00			`Example`
			`-------`

			`Check [this web page](http://www.foo.be/hotp/example.html) that will run in your browser htop-js with the RFC4226 test values.`

README.md added with a simple description 2014-01-12 19:07:34 +00:00			`Security recommendations`
			`------------------------`

Example website added (and fixed) 2014-01-12 19:16:35 +00:00			`* If you implement software tokens, don't forget to protect the key of the token along with the count value (e.g. local encryption of the software token).`
README.md added with a simple description 2014-01-12 19:07:34 +00:00			`* Code is experimental.`

			`License`
			`-------`

			```
			`Copyright (C) 2009 Alexandre Dulaunoy`

			`This program is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU Affero General Public License as`
			`published by the Free Software Foundation, either version 3 of the`
			`License, or (at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU Affero General Public License for more details.`

			`You should have received a copy of the GNU Affero General Public License`
			`along with this program. If not, see <http://www.gnu.org/licenses/>.`

			```