This library ()partially) implements secret generation and passcode verification according to [RFC 6238] (https://tools.ietf.org/html/rfc6238 "RFC 6238"). It was done as an exercise to learn some Rust and is provided as-is, without any guarantees on correctness, functionality and security, but if you find anything wrong with it or know a way to improve it, feel free to make a PR.

• Generating Authentication Secrets
• Calculating passcodes for timestamps
• Verifying passcodes within a time-step-window according to RFC6238
• Defaults matching Google Authenticator

• Scratch codes
• Probably f*ed up on Big Endian architectures, as I didn't really bother with them
• Documentation
• Proper unit tests

use google_auth::Authenticator;

...

// create authenticator with defaults
let authenticator = google_auth::default()

let auth_key = authenticator.create_credentials();

...

let passcode: u32 = ... // read passcode from user
println!("Correct code? : {}", authenticator.validate_code(auth_key, time::get_time(), passcode));

I mostly relied on a Java implementation of TOTP available [here] (https://github.com/wstrange/GoogleAuth)