Projects / OATH Toolkit

OATH Toolkit

The OATH Toolkit makes it easy to build one-time password authentication systems. It contains shared libraries, commandline tools, and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open AuTHentication, which is the organization which specifies the algorithms. For managing secret key files, the Portable Symmetric Key Container (PSKC) format described in RFC6030 is supported.

Operating Systems

Recent releases

  •  12 Feb 2014 14:25

    Release Notes: This release fixes a usersfile bug which caused it to update the wrong line, and fixes a security vulnerability (CVE-2013-7322).

    •  21 Jul 2013 21:08

      Release Notes: This release adds new liboath API methods for validating TOTP OTPs. The new methods (oath_totp_validate3 and oath_totp_validate3_callback) introduce a new parameter *otp_counter, which is set to the actual counter used to calculate the OTP (unless it is a NULL pointer).

      •  07 Jul 2013 21:43

        Release Notes: This release adds functions for creating PSKC data to libpskc. In liboath, it permits different passwords for different tokens for the same user. It improves building from git with the most recent automake and gengetopt. Valgrind is not enabled by default. The liboath header file is usable from C++ (extern "C" guard).

        •  30 Jan 2013 19:02

          Release Notes: Base32 decoding of keys is now more liberal in what it accepts. If the password in usersfile is "+", it ignores the supplied password. This release fixes the expiry date of some certificates used in the test suite.

          •  24 Oct 2012 18:31

            Release Notes: Signing and verifying PSKC data using XML Digital Signatures and X.509 certificates are now supported by the library and commandline tool. Validation of PSKC data according to the XML Schema is now complete (previously, the XMLDsig+XMLEncryption parts did not work). The --check parameter to pskctool has been renamed to --info.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.