tinymfa

package module
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 10, 2025 License: MIT Imports: 13 Imported by: 0

README

Tiny MFA: A Go package for Time-Based One-Time Password (TOTP) generation and verification

Table of Contents

Overview

The Tiny MFA package is a Go library for generating and verifying Time-Based One-Time Passwords (TOTP) according to the TOTP algorithm specified in RFC 6238. It also includes functionality for encrypting and decrypting data using AES-256-CBC.

Installation

To install the Tiny MFA package, run the following command:

go get github.com/ghmer/go-tiny-mfa

Usage

Generating TOTP Tokens

To generate a TOTP token, you can use the GenerateValidToken method of the TinyMfa struct. This method takes four arguments: the current Unix timestamp, the secret key, the offset type (either present, future, or past), and the desired token length.

package main

import (
    "github.com/ghmer/go-tiny-mfa"
)

func main() {
    tinymfa := tinymfa.NewTinyMfa()
    token, err := tinymfa.GenerateValidToken(1643723905, []byte("your_secret_key"), tinymfa.Present, 6)
    if err != nil {
        panic(err)
    }

    fmt.Println(token)
}
Verifying TOTP Tokens

To verify a TOTP token, you can use the ValidateToken method of the TinyMfa struct. This method takes five arguments: the submitted token, the secret key, the current Unix timestamp, and the desired token length.

package main

import (
    "github.com/ghmer/go-tiny-mfa"
)

func main() {
    tinymfa := tinymfa.NewTinyMfa()
    valid, err := tinymfa.ValidateToken(123456, []byte("your_secret_key"), 1643723905, 6)
    if err != nil {
        panic(err)
    }

    fmt.Println(valid)
}
Generating QR Codes

func main() {
    var issuer string = "tinymfa.parzival.link"
    var user string = "demo"
    var key string = base32.StdEncoding.EncodeToString(Key)
    var digits uint8 = 6

    qrcode, err := tmfa.GenerateQrCode(issuer, user, key, digits)
    if err != nil {
        panic(err)
    }
    // write png to file
    os.WriteFile("./qrcode1.png", qrcode, 0644)

    // shorthand for the above
    tmfa.WriteQrCodeImage(issuer, user, key, digits, "./qrcode2.png")
}
Encrypting and Decrypting Data

To encrypt data using the TinyMfa package, you can use the Encrypt method. This method takes two arguments: the data to be encrypted and the passphrase used for encryption.

package main

import (
    "github.com/ghmer/go-tiny-mfa/utils"
)

func main() {
    data := []byte("Hello, World!")
    passphrase := []byte("your_passphrase")
    encryptedData := utils.Encrypt(data, passphrase)
    fmt.Println(encryptedData)
}

To decrypt data using the TinyMfa package, you can use the Decrypt method. This method takes two arguments: the encrypted data and the passphrase used for decryption.

package main

import (
    "github.com/ghmer/go-tiny-mfa/utils"
)

func main() {
    encryptedData := []byte("your_encrypted_data")
    passphrase := []byte("your_passphrase")
    decryptedData := utils.Decrypt(encryptedData, passphrase)
    fmt.Println(decryptedData)
}

API Documentation

The TinyMfa package includes the following methods:

  • GenerateValidToken: Generates a TOTP token for the given timestamp and secret key.
  • ValidateToken: Verifies whether the submitted token is valid for the given timestamp and secret key.
  • Encrypt: Encrypts data using AES-256-CBC with the given passphrase.
  • Decrypt: Decrypts encrypted data using AES-256-CBC with the given passphrase.

License

The Tiny MFA package is released under the MIT License. See LICENSE for details.

Documentation

Index

Constants

View Source 
const (
	// Present can be used as an Offset Type
	Present uint8 = iota
	// Future can be used as an Offset Type
	Future
	// Past can be used as an Offset Type
	Past
)
View Source 
const (
	// OffsetPresent is the offset to add when the OffsetTypePresent was used
	OffsetPresent int8 = 0

	// OffsetFuture is the offset to add when the OffsetTypeFuture was used
	OffsetFuture int8 = 30

	// OffsetPast is the offset to add when the OffsetTypePast was used
	OffsetPast int8 = -30

	// KeySizeStandard is the default size of the SecretKey (128bit)
	KeySizeStandard int8 = 16

	// KeySizeExtended is the extended size of the SecretKey (256bit)
	KeySizeExtended int8 = 32
)

Variables

This section is empty.

Functions

This section is empty.

Types

type TinyMfa added in v0.3.0 

type TinyMfa struct {
	QRCodeConfig structs.QrCodeConfig
	FormatString string
}

func (*TinyMfa) BuildPayload added in v0.3.0 

func (tinymfa *TinyMfa) BuildPayload(issuer, username string, secret *string, digits uint8) string

builds the payload for the QRCode. In detail, this takes the otpAuthURL Formatstring constant and formats it using the details provided in the method call.

func (*TinyMfa) CalculateHMAC added in v0.3.0 

func (tinymfa *TinyMfa) CalculateHMAC(message []byte, key *[]byte) []byte

CalculateHMAC calculates the hmac-sha1 value for a given message and key (RFC2104)

func (*TinyMfa) ConvertColorSetting added in v0.3.0 

func (tinymfa *TinyMfa) ConvertColorSetting(setting structs.ColorSetting) color.Color

func (*TinyMfa) GenerateExtendedSecretKey added in v0.3.0 

func (tinymfa *TinyMfa) GenerateExtendedSecretKey() (*[]byte, error)

GenerateExtendedSecretKey returns 32bytes to be used as a secret key

func (*TinyMfa) GenerateMessage added in v0.3.0 

func (tinymfa *TinyMfa) GenerateMessage(timestamp int64, offsetType uint8) int64

GenerateMessage takes in a Unix Timestamp and an offsetType of 0,1,2 offsetTypes: 0=No Offset; 1=Future Offset; 2=Past Offset

func (*TinyMfa) GenerateMessageBytes added in v0.3.0 

func (tinymfa *TinyMfa) GenerateMessageBytes(message int64) ([]byte, error)

GenerateMessageBytes takes in a int64 number and turns it to a BigEndian byte array

func (*TinyMfa) GenerateQrCode added in v0.3.0 

func (tinymfa *TinyMfa) GenerateQrCode(issuer, user string, secret *string, digits uint8) ([]byte, error)

GenerateQrCode Generates a QRCode of the totp url

func (*TinyMfa) GenerateSecretKey added in v0.3.0 

func (tinymfa *TinyMfa) GenerateSecretKey(size int8) (*[]byte, error)

generateSecretKey returns size bytes to be used as a secret key

func (*TinyMfa) GenerateStandardSecretKey added in v0.3.0 

func (tinymfa *TinyMfa) GenerateStandardSecretKey() (*[]byte, error)

GenerateStandardSecretKey returns 16bytes to be used as a secret key

func (*TinyMfa) GenerateValidToken added in v0.3.0 

func (tinymfa *TinyMfa) GenerateValidToken(unixTimestamp int64, key *[]byte, offsetType, tokenlength uint8) (int, error)

GenerateValidToken takes a Unix Timestamp and a secret key and calculates a valid TOTP token

func (*TinyMfa) GetFormatString added in v0.3.0 

func (tinymfa *TinyMfa) GetFormatString() string

GetFormatString returns the current FormatString for the QRCode.

func (*TinyMfa) GetQRCodeConfig added in v0.3.0 

func (tinymfa *TinyMfa) GetQRCodeConfig() structs.QrCodeConfig

GetQRCodeConfig returns the current QRCodeConfig for the QRCode.

func (*TinyMfa) SetFormatString added in v0.3.0 

func (tinymfa *TinyMfa) SetFormatString(formatstring string)

SetFormatString sets the FormatString for the QRCode.

func (*TinyMfa) SetQRCodeConfig added in v0.3.0 

func (tinymfa *TinyMfa) SetQRCodeConfig(qrcodeConfig structs.QrCodeConfig)

SetQRCodeConfig sets the QRCodeConfig for the QRCode.

func (*TinyMfa) ValidateToken added in v0.3.0 

func (tinymfa *TinyMfa) ValidateToken(token int, key *[]byte, unixTimestamp int64, tokenlength uint8) (bool, error)

ValidateToken takes a submitted token, a secret key and a Unix Timestamp and validates whether the token is valid

func (*TinyMfa) ValidateTokenCurrentTimestamp added in v0.3.0 

func (tinymfa *TinyMfa) ValidateTokenCurrentTimestamp(token int, key *[]byte, tokenlength uint8) Validation

ValidateTokenCurrentTimestamp takes a submitted token and a secret key and validates against the current Unix Timestamp whether the token is valid

func (*TinyMfa) ValidateTokenWithTimestamp added in v0.3.0 

func (tinymfa *TinyMfa) ValidateTokenWithTimestamp(token int, key *[]byte, timestamp int64, tokenlength uint8) Validation

ValidateTokenWithTimestamp takes a submitted token and a secret key and validates against the current Unix Timestamp whether the token is valid

func (*TinyMfa) WriteQrCodeImage added in v0.3.0 

func (tinymfa *TinyMfa) WriteQrCodeImage(issuer, user string, secret *string, digits uint8, filePath string) error

WriteQrCodeImage writes a png to the filesystem

type TinyMfaInterface added in v0.3.0 

type TinyMfaInterface interface {
	// GenerateStandardSecretKey returns 16bytes to be used as a secret key
	GenerateStandardSecretKey() (*[]byte, error)

	// GenerateExtendedSecretKey returns 32bytes to be used as a secret key
	GenerateExtendedSecretKey() (*[]byte, error)

	// generateSecretKey returns size bytes to be used as a secret key
	GenerateSecretKey(size int8) (*[]byte, error)

	// GenerateMessageBytes takes in a int64 number and turns it to a BigEndian byte array
	GenerateMessageBytes(message int64) ([]byte, error)

	// CalculateHMAC calculates the hmac-sha1 value for a given message and key (RFC2104)
	CalculateHMAC(message []byte, key *[]byte) []byte

	// GenerateMessage takes in a Unix Timestamp and an offsetType of 0,1,2
	// offsetTypes: 0=No Offset; 1=Future Offset; 2=Past Offset
	GenerateMessage(timestamp int64, offsetType uint8) int64

	// GenerateValidToken takes a Unix Timestamp and a secret key and calculates a valid TOTP token
	GenerateValidToken(unixTimestamp int64, key *[]byte, offsetType, tokenlength uint8) (int, error)

	// ValidateTokenCurrentTimestamp takes a submitted token and a secret key and validates against the current Unix Timestamp whether the token is valid
	ValidateTokenCurrentTimestamp(token int, key *[]byte, tokenlength uint8) Validation

	// ValidateTokenWithTimestamp takes a submitted token and a secret key and validates against the current Unix Timestamp whether the token is valid
	ValidateTokenWithTimestamp(token int, key *[]byte, timestamp int64, tokenlength uint8) Validation

	// ValidateToken takes a submitted token, a secret key and a Unix Timestamp and validates whether the token is valid
	ValidateToken(token int, key *[]byte, unixTimestamp int64, tokenlength uint8) (bool, error)

	// GenerateQrCode generates a QRCode for the provided issuer, user and secret. It takes in a color setting and number of digits for the TOTP token.
	GenerateQrCode(issuer, user string, secret *string, digits uint8) ([]byte, error)

	// ConvertColorSetting converts the ColorSetting struct into a color.Color object. This is useful for QRCode generation.
	ConvertColorSetting(setting structs.ColorSetting) color.Color

	// WriteQrCodeImage writes a png to the filesystem
	WriteQrCodeImage(issuer, user string, secret *string, digits uint8, filepath string) error

	// builds the payload for the QRCode. In detail, this takes the otpAuthURL Formatstring constant
	// and formats it using the details provided in the method call.
	BuildPayload(issuer, username string, secret *string, digits uint8) string

	// SetFormatString sets the FormatString for the QRCode.
	SetFormatString(formatstring string)

	// GetFormatString returns the current FormatString for the QRCode.
	GetFormatString() string

	// SetQRCodeConfig sets the QRCodeConfig for the QRCode.
	SetQRCodeConfig(qrcodeConfig structs.QrCodeConfig)

	// GetQRCodeConfig returns the current QRCodeConfig for the QRCode.
	GetQRCodeConfig() structs.QrCodeConfig
	// contains filtered or unexported methods
}

func NewTinyMfa added in v0.3.0 

func NewTinyMfa() TinyMfaInterface

type Validation added in v0.3.0 

type Validation struct {
	Message int64
	Success bool
	Error   error
}

Validation is a struct used to return the result of a token validation

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳