Skip to content

deatil/zig-totp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.zig
build.zig
 
 
build.zig.zon
build.zig.zon
 
 

Repository files navigation

Zig-totp

A TOTP and HOTP library for zig.

Why One Time Passwords?

One Time Passwords (OTPs) are an mechanism to improve security over passwords alone. When a Time-based OTP (TOTP) is stored on a user's phone, and combined with something the user knows (Password), you have an easy on-ramp to Multi-factor authentication without adding a dependency on a SMS provider. This Password and TOTP combination is used by many popular websites including Google, GitHub, Facebook, Salesforce and many others.

The zig-totp library enables you to easily add TOTPs to your own application, increasing your user's security against mass-password breaches and malware.

Because TOTP is standardized and widely deployed, there are many mobile clients and software implementations.

Env

  • Zig >= 0.15.1

Adding zig-totp as a dependency

Add the dependency to your project:

zig fetch --save=zig-totp git+https://github.com/deatil/zig-totp#main

or use local path to add dependency at build.zig.zon file

.{
    .dependencies = .{
        .@"zig-totp" = .{
            .path = "./lib/zig-totp",
        },
        ...
    }
}

And the following to your build.zig file:

const zig_totp_dep = b.dependency("zig-totp", .{});
exe.root_module.addImport("zig-totp", zig_totp_dep.module("zig-totp"));

The zig-totp structure can be imported in your application with:

const totp = @import("zig-totp");

Get Starting

const std = @import("std");
const totp = @import("zig-totp");

pub fn main() !void {
    const alloc = std.heap.page_allocator;

    const secret = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ";
    const n = totp.time.now().utc();
    const passcode = try totp.generateCode(alloc, secret, n);

    defer alloc.free(passcode);

    // output: 
    // generateCode: 906939
    std.debug.print("generateCode: {s} \n", .{passcode});

    const valid = totp.validate(alloc, passcode, secret);
    
    // output: 
    // validate: true
    std.debug.print("validate: {} \n", .{valid});
}

Generate Qrcode Url

const std = @import("std");
const totp = @import("zig-totp");

pub fn main() !void {
    const alloc = std.heap.page_allocator;

    const secret = "test-data";

    var key = try totp.generate(alloc, .{
        .issuer = "Example",
        .account_name = "accountName",
        .period = 30,
        // .secret_size = 20,
        // use secret if secret not empty, or use secret_size to generate secret
        .secret = secret,
        .digits = .Six,
        .algorithm = .SHA1,
    });
    defer key.deinit();

    const qrcode_url = key.urlString();
    defer alloc.free(qrcode_url);

    // output: 
    // qrcode_url: otpauth://totp/Example:accountName?issuer=Example&period=30&digits=6&secret=ORSXG5BNMRQXIYI&algorithm=SHA1
    std.debug.print("qrcode_url: {} \n", .{qrcode_url});
}

LICENSE

  • The library LICENSE is Apache2, using the library need keep the LICENSE.

Copyright

About

A TOTP and HOTP library for zig.

github.com/deatil/zig-totp

Topics

otp zig totp hotp otpauth otp-generator otp-verification zig-totp zig-hotp zig-otp

Resources

Readme

License

Apache-2.0 license
Activity

Stars

7 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 20

v1.3.0 Latest
Aug 30, 2025
+ 19 releases

Languages