(JavaScript) HOTP Algorithm: HMAC-Based One-Time Password Algorithm

Demonstrates how to generate an HMAC one-time password (HOTP) as specified in RFC 4226.

Note: This example requires Chilkat v9.5.0.77 or greater.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var crypt = new CkCrypt2();

// Duplicate the following results from RFC 4226

// Appendix D - HOTP Algorithm: Test Values
// 
//   The following test data uses the ASCII string
//   "12345678901234567890" for the secret:
// 
//   Secret = 0x3132333435363738393031323334353637383930
// 
//                     Truncated
//   Count    Hexadecimal    Decimal        HOTP
//   0        4c93cf18       1284755224     755224
//   1        41397eea       1094287082     287082
//   2         82fef30        137359152     359152
//   3        66ef7655       1726969429     969429
//   4        61c5938a       1640338314     338314
//   5        33c083d4        868254676     254676
//   6        7256c032       1918287922     287922
//   7         4e5b397         82162583     162583
//   8        2823443f        673399871     399871
//   9        2679dc69        645520489     520489

var secret = "12345678901234567890";
var count;
for (count = 0; count <= 9; count++) {
    var counterHex = crypt.EncodeInt(count,8,false,"hex");
    var hotp = crypt.Hotp(secret,"ascii",counterHex,6,-1,"sha1");
    console.log(count + "  HOTP = " + hotp);
}

// Output is:
// 0  HOTP = 755224
// 1  HOTP = 287082
// 2  HOTP = 359152
// 3  HOTP = 969429
// 4  HOTP = 338314
// 5  HOTP = 254676
// 6  HOTP = 287922
// 7  HOTP = 162583
// 8  HOTP = 399871
// 9  HOTP = 520489