xfox111/SimpleOTP
1
0
Fork 0
mirror of https://github.com/XFox111/SimpleOTP.git synced 2026-04-22 08:00:45 +03:00
Code Wiki Activity
Page: Implementing custom hashing algorithms
Pages
API reference ASP.NET code validation Basic example Code style Contribution Guidelines Home Implementing custom hashing algorithms Implementing custom secret encoding simpleotp.converters.otpalgorithmjsonconverter simpleotp.converters.otpcodejsonconverter simpleotp.converters.otpconfigjsonconverter simpleotp.converters.otpsecretjsonconverter simpleotp.dependencyinjection.iotpservice simpleotp.dependencyinjection.otpoptions simpleotp.dependencyinjection.otpserviceconfig simpleotp.dependencyinjection.otpserviceextensions simpleotp.dependencyinjection.tolerancespanconfig simpleotp.encoding.base32encoder simpleotp.encoding.iencoder simpleotp.fluent.otpbuilder simpleotp.fluent.otpconfigbuilder simpleotp.fluent.otpconfigfluentextensions simpleotp.fluent.otpfluentextensions simpleotp.hashalgorithmproviders simpleotp.hotp simpleotp.otp simpleotp.otpalgorithm simpleotp.otpcode simpleotp.otpconfig simpleotp.otpsecret simpleotp.otptype simpleotp.otpuriformat simpleotp.tolerancespan simpleotp.totp
Clone
1
Implementing custom hashing algorithms
Eugene Fox edited this page 2024-09-18 16:56:42 +03:00
Table of Contents

Important

This tutorial is made for educational purposes only! Do not use custom algorithms in public authenticator implementations!

Justification

This library is designed to be as flexible as possible to suit everyone's needs. This part is no exception, as it possibly can help to improve your service security.

In the current real-world scenarios it is unlikely that you ever need to implement custom algorithms.

Best practicies

Do

  • Do consider creating custom hashing algorithms only for internal business apps implementations
  • Do consider creating custom hashing algorithms only if you believe that will improve your corporate app's security

Don't

  • Do not ever implement custom algorithms for creating otpauth: URIs in public services.
  • Do not override default algorithm providers.

Creating new algorithms

The library utiliezes abstract KeyedHashAlgorithm class when managing different algorithms. If you need to implement a new one, or use one that is not included in the library by default (e.g. HMAC SHA-384), you can create a new class that inherits KeyedHashAlgorithm and override its methods.

Registering provider

The library has a mechanism that detects hashing algorithms based on OtpAlgorithm value. If you need to implement a new algorithm, you can register it using HashAlgorithmProviders.AddProvider method:

HashAlgorithmProviders.AddProvider<HMACSHA384>((OtpAlgorithm)"SHA384");

Once it has been registered it will be automatically recognized and used by the library.

Providers recognized by default and not required to be registered are:

Example

using SimpleOTP;
using SimpleOTP.Fluent;

HashAlgorithmProviders.AddProvider<HMACSHA384>((OtpAlgorithm)"SHA384");

string uri = "otpauth://totp/user@example.com?secret=KRUGKIDROVUWG2ZAMJZG653OEBTG66BO&algorithm=SHA384&issuer=example.com";

OtpConfig config = OtpConfig.Parse(uri);
Console.WriteLine(config.Algorithm); // SHA384
Console.WriteLine(config.ToUri()); // otpauth://totp/user@example.com?secret=KRUGKIDROVUWG2ZAMJZG653OEBTG66BO&algorithm=SHA384&issuer=example.com

Otp generator = OtpBuilder.FromConfig(config);
generator.Generate();	// Will use HMACSHA384 algorithm

Bluesky GitHub Buy Me a Coffee

©2025 Eugene Fox. Licensed under MIT license