![]() getRandomValues ( secret ) // HMAC-SHA1 with our generated secretĬonst hmac = new jsSHA ( "SHA-1", "HEX" ) hmac. In pseudocode, producing a one-time password looks like this:Ĭonst secret = new Uint8Array ( 20 ) crypto. A secure message authentication codes (MAC) is unforgeable, so producing a valid MAC is proof that you are in possession of the correct secret key. The signature method used is a hash-based message authentication code ( HMAC), specifically HMAC-SHA1. If it matches the value the server produced, then the user has been successfully authenticated.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |