totp

totp(time-based one-time password) is an algorithm to generate otp(one-time password) from the unix time.

example

Uint8Array.toTOTP.js

1. import a key from the decoded secret key.
2. generate a counter from divide the unix time by the time step.
3. generate a digital signature from the key and the counter.
4. from the digital signature, use the lowest 4bits as an index to get a 4bytes value.
5. from 4, delete the sign bit to get the lowest 6digits.

3-5 use the same algorithm as hotp(hmac-based one-time password).

crypto.subtle.importKey: import a key
crypto.subtle.sign: generate a digital signature