Sample code for 30+ languages & platforms
SQL Server

TOTP Authenticator: Duplicate Results of Online Tools

See more Encryption Examples

Duplicates the online tool for the Google 2FA Authenticator online tools at

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.
    -- 
    -- Note: This example was written on 7-March-2020.  If the online tools have since changed, the instructions provided here may no longer be valid.
    -- 

    DECLARE @crypt int
    EXEC @hr = sp_OACreate 'Chilkat.Crypt2', @crypt OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- ---------------------------------------------------------------------------------------------
    -- To duplicate the results of the Authenticator Test at https://rootprojects.org/authenticator/
    -- do the following:
    -- 1) At the bottom of the screen you will see a URI such as:
    -- 
    --    otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA1&digits=6&period=30
    -- 
    --    Use the uppercase secret.  For example:
    DECLARE @secretKey nvarchar(4000)
    SELECT @secretKey = 'HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ'

    -- 2) DO NOT cick the "Regenerate" button.  The regenerate button will generate a new secret.
    -- 
    -- 3) Run the following code to generate your 6-digit token.  Compare with the token shown in the picture of the iPhone at https://rootprojects.org/authenticator/
    --      Note: A new token is generated every 30 seconds.  You must generate within the same 30 second interval to get the same result.

    EXEC sp_OAMethod @crypt, 'Totp', @sTmp0 OUT, @secretKey, 'base32', '0', '', 30, 6, -1, 'sha1'
    PRINT 'Your token is: ' + @sTmp0

    -- ---------------------------------------------------------------------------------------------
    -- To duplicate the results of the Google2FA Playground at https://pragmarx.com/playground/google2fa#/
    -- do the following:

    -- 1) Copy the 64-byte secret key:
    SELECT @secretKey = 'OR2VQTRVHB2HO2LCGVWXQSCDK5ZHQS2D3THQ6UXO57XIE7ZHOWS6HDPQ622GU747'

    -- 2) Run the same code:
    --    (Note: The online tool generates a new result every 30 seconds.  You must generate and compare within the same 30-second interval.)

    EXEC sp_OAMethod @crypt, 'Totp', @sTmp0 OUT, @secretKey, 'base32', '0', '', 30, 6, -1, 'sha1'
    PRINT 'Your token is: ' + @sTmp0

    EXEC @hr = sp_OADestroy @crypt


END
GO