$totp returns a TOTP (Time-based One-time Password) based on the specified parameters.
See the Wikipedia page for TOTP for details.
$totp(key[, time[, hash[, digits[, timestep]]]]) </pre>
- key - the key is required and can be base16 format of either 40, 64 or 128 chars; or in a mix of spaces and base32 chars of either 16, 24 or 32 length; or a base32 econding string of any multiple of 8 greater than 8; or plain text - see $hotp for more details.
- time - optional, a time in second, default to $ctime ("in seconds" assumes that 'timestep' is also defined in seconds)
- hash - optional, hashing algorithm, default to sha1 (Other possibles: md5, sha256, sha384, sha512 )
- digits - optional, number of digits, default to 6 (Valid: 3 thru 9)
- timestep - optional, number of timestep, default to 30 when parameter is not a number 1-3600
- Note: "Optional" parameters are not allowed to be $null when defining later parameters.
- Output number is the same for all "time" values where $int($calc(time / timestep)) is the same N value. An application allowing a "grace period" for recognizing tokens for multiple intervals must calculate result where time=time+timestep and time=time-timestep.
- $totp is equivalent to $hotp(key , $int(time / $iif(timestep isnum 1-3600,$v1,30)) , hash , digits )
- (See $hotp for more details how $totp and $hotp parse 'key' for hex/base32 encoding vs plaintext.)
Password changing every hour on-the-hour (long intervals are NOT recommended) //echo -a $totp(Secret case-sensitive Pass Key,$ctime,sha512,9,3600) Because password is short, allowed-retries and length of interval should be short enough to deter brute-force attempts. recognize password reply for the current 30-sec interval plus the prior or following intervals. Uses defaults sha1, 6 digits, and 30 sec interval: var %t1 $ctime , %t2 = $ctime + 30 , %t3 = $ctime - 30 var %totp1 $totp(Secret Key,%t1) , %totp2 $totp(Secret Key,%t2) , %totp3 $totp(Secret Key,%t3) if ($istok(%totp1 %totp2 %totp3,%reply,32)) goto Accepted For internal use only because $ticks is different for everyone, password changes every 2 seconds, but not necessarily at :00 seconds. $totp(Secret Key,$ticks,sha256,9,2000) Because timestep outside the range 1-3600 defaults to 30, must calculate interval separately. //echo -a $totp(secret,$ticks,sha256,9,86400) changes every 30 seconds because invalid timestep. //var %interval $int($calc(($ctime - $timezone) / 86400)) | echo -a password for day %interval is $totp(secret,%interval,sha256,9,1) $totp is a specific usage of $hotp, using the number of timestep intervals as the counter. //var %key password , %ctime $ctime , %timestep 30 , %digits 9 , %hash sha256 , %interval $int($calc($ctime / %timestep)) | echo -a interval %interval ctime %ctime $totp(%key,%ctime,%hash,%digits,%timestep) same as $hotp(%key,%interval,%hash,%digits)
Added: mIRC v7.42
Added on: 17 Jul 2015
Note: Unless otherwise stated, this was the date of original functionality.
Further enhancements may have been made in later versions.