Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/lachlanbell/SwiftOTP
A Swift library for generating One Time Passwords (OTP)
https://github.com/lachlanbell/SwiftOTP
2fa hotp ios macos swift totp
Last synced: 1 day ago
JSON representation
A Swift library for generating One Time Passwords (OTP)
- Host: GitHub
- URL: https://github.com/lachlanbell/SwiftOTP
- Owner: lachlanbell
- License: mit
- Created: 2018-01-15T05:41:04.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2024-03-20T08:31:11.000Z (8 months ago)
- Last Synced: 2024-11-06T01:16:27.024Z (8 days ago)
- Topics: 2fa, hotp, ios, macos, swift, totp
- Language: Swift
- Homepage:
- Size: 109 KB
- Stars: 283
- Watchers: 12
- Forks: 59
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# SwiftOTP
[![Build Status](https://www.travis-ci.com/lachlanbell/SwiftOTP.svg?branch=master)](https://www.travis-ci.com/lachlanbell/SwiftOTP)
[![Version](https://img.shields.io/cocoapods/v/SwiftOTP.svg?style=flat)](http://cocoapods.org/pods/SwiftOTP)
[![Carthage compatible](https://img.shields.io/badge/Carthage-compatible-4BC51D.svg?style=flat)](https://github.com/Carthage/Carthage)
[![License](https://img.shields.io/cocoapods/l/SwiftOTP.svg?style=flat)](http://cocoapods.org/pods/SwiftOTP)
[![Platform](https://img.shields.io/badge/platform-ios%20%7C%20macos%20%7C%20watchos%20%7C%20tvos%20%7C%20linux-lightgrey)](http://cocoapods.org/pods/SwiftOTP)
![Swift Version](https://img.shields.io/badge/Swift-5.0-orange.svg)SwiftOTP is a Swift library for generating One Time Passwords (OTP) commonly used for two factor authentication. SwiftOTP supports both HMAC-Based One Time Passwords (HOTP) and Time Based One Time Passwords (TOTP) defined in [RFC 4226](https://tools.ietf.org/html/rfc4226) and [RFC 6238](https://tools.ietf.org/html/rfc6238) respectively.
## Installation
### CocoaPods
SwiftOTP is available through [CocoaPods](http://cocoapods.org). To install it, simply add the following line to your Podfile:```ruby
pod 'SwiftOTP'
```
Then run `pod install` in the project directory to install.### Carthage
SwiftOTP is available through [Carthage](https://github.com/Carthage/Carthage). To install it, simply add the following line to your Cartfile:```
github "lachlanbell/SwiftOTP"
```
Then run `carthage update` in the project directory and add the resulting frameworks to your project.### Swift Package Manager
You can use [Swift Package Manager](https://swift.org/package-manager/) and specify dependency in `Package.swift` by adding this:```swift
dependencies: [
.package(url: "https://github.com/lachlanbell/SwiftOTP.git", .upToNextMinor(from: "3.0.0"))
]
```## Usage
### TOTP (Time-Based One Time Password)#### Creation of a TOTP Object:
```swift
let totp = TOTP(secret: data)
```
A TOTP Object can be created with the default settings (6 digits, 30sec time interval and using HMAC-SHA-1) as shown above, or the individual parameters can be set as shown below:
```swift
let totp = TOTP(secret: data, digits: 6, timeInterval: 30, algorithm: .sha1)
```
#### Generating TOTP Passwords
After creating a TOTP object, a password can be generated for a point in time, either by using a `Date` object or a Unix time value using the `generate()` functionFor example, to get a password for the current time using a `TOTP` object named `totp`:
```swift
if let totp = TOTP(secret: data) {
let otpString = totp.generate(time: Date)
}
```Or from Unix time (i.e. seconds elapsed since 01 Jan 1970 00:00 UTC):
```swift
if let totp = TOTP(secret: data) {
let otpString = totp.generate(secondsPast1970: 1234567890)
}
```
Note: only `Int` values are accepted by this function, and must be positive.### HOTP (HMAC-Based One Time Password (counter-based))
In addition to TOTP, SwiftOTP also supports the generation of counter-based HOTP passwords.
#### Creation of an HOTP Object:
```swift
let hotp = HOTP(secret: data)
```
A HOTP Object can be created with the default settings (6 digits, using HMAC-SHA-1) as shown above, or the individual parameters can be set as shown below:
```swift
let hotp = HOTP(secret: data, digits: 6, algorithm: .sha1)
```
#### Generating HOTP Passwords
After creating a HOTP object, a password can be generated for a counter value (`UInt64`) by using the `generate()` function, for example (where `hotp` is a `HOTP` object):
```swift
if let hotp = HOTP(secret: data) {
let otpString = hotp.generate(counter: 42)
}
```### Base32
Most secret keys for generating one time passwords use Base32 encoding. As such, SwiftOTP includes a [Base32 Helper](https://github.com/norio-nomura/Base32) to decode a Base32 string to `Data`.For example:
```swift
base32DecodeToData("ABCDEFGHIJKLMNOP")!
```Or in use:
```swift
guard let data = base32DecodeToData("ABCDEFGHIJKLMNOP") else { return }if let hotp = HOTP(secret: data) {
print(hotp.generate(42))
}
```### Supported parameters
#### Hash Functions
SwiftOTP supports HMAC with SHA1 as specified in [RFC 4226](https://tools.ietf.org/html/rfc4226), as well as SHA256 and SHA512 added in [RFC 6238](https://tools.ietf.org/html/rfc6238). MD5 is **not** supported, due to its insufficient hash length.#### Digit Length
Both the `TOTP` and `HOTP` objects only accept a digit length value between 6 and 8, as specified in [RFC 4226](https://tools.ietf.org/html/rfc4226). Both objects will be `nil` if an invalid digit length value is provided.## Older Swift Versions
Use the corresponding branch for using an older Swift version (4.0 and greater). For example:
```ruby
pod 'SwiftOTP', :git => 'https://github.com/lachlanbell/SwiftOTP.git', :branch => 'swift-4.0'
```## License
SwiftOTP is available under the MIT license. See the LICENSE file for more info.### Acknowledgements
SwiftOTP depends on the following open-source projects:* [CryptoSwift](https://github.com/krzyzanowskim/CryptoSwift) by Marcin Krzyżanowski ([License](https://github.com/krzyzanowskim/CryptoSwift/tree/master/LICENSE))
* [Base32](https://github.com/norio-nomura/Base32) by Norio Nomura ([License](https://github.com/norio-nomura/Base32/blob/master/LICENSE))Some parts of the password generator code were adapted from the [old Google Authenticator source](https://github.com/google/google-authenticator).