(Tcl) HOTP Algorithm: HMAC-Based One-Time Password Algorithm

Demonstrates how to generate an HMAC one-time password (HOTP) as specified in RFC 4226.

Note: This example requires Chilkat v9.5.0.77 or greater.

Chilkat Tcl Extension Downloads Chilkat Tcl Extension Downloads

load ./chilkat.dll

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set crypt [new_CkCrypt2]

# Duplicate the following results from RFC 4226

# Appendix D - HOTP Algorithm: Test Values
# 
#   The following test data uses the ASCII string
#   "12345678901234567890" for the secret:
# 
#   Secret = 0x3132333435363738393031323334353637383930
# 
#                     Truncated
#   Count    Hexadecimal    Decimal        HOTP
#   0        4c93cf18       1284755224     755224
#   1        41397eea       1094287082     287082
#   2         82fef30        137359152     359152
#   3        66ef7655       1726969429     969429
#   4        61c5938a       1640338314     338314
#   5        33c083d4        868254676     254676
#   6        7256c032       1918287922     287922
#   7         4e5b397         82162583     162583
#   8        2823443f        673399871     399871
#   9        2679dc69        645520489     520489

set secret "12345678901234567890"

for {set count 0} {$count <= 9} {incr count} {
    set counterHex [CkCrypt2_encodeInt $crypt $count 8 0 "hex"]
    set hotp [CkCrypt2_hotp $crypt $secret "ascii" $counterHex 6 -1 "sha1"]
    puts "$count  HOTP = $hotp"
}

# Output is:
# 0  HOTP = 755224
# 1  HOTP = 287082
# 2  HOTP = 359152
# 3  HOTP = 969429
# 4  HOTP = 338314
# 5  HOTP = 254676
# 6  HOTP = 287922
# 7  HOTP = 162583
# 8  HOTP = 399871
# 9  HOTP = 520489

delete_CkCrypt2 $crypt