feat: improve HOTP generation for longer OTPs

- Use BigInt for handling larger number ranges
- Dynamically calculate bytes needed based on digits and character set
- Ensure OTP generation works correctly for more than 6 digits
- Add test to verify OTP generation with extended character set and length

Author: kentcdodds

index.js

@@ -56,17 +56,22 @@ async function generateHOTP(
 	)
 	const signature = await crypto.subtle.sign('HMAC', key, byteCounter)
 	const hashBytes = new Uint8Array(signature)
-	const offset = hashBytes[19] & 0xf
-	let hotpVal =
-		((hashBytes[offset] & 0x7f) << 24) |
-		((hashBytes[offset + 1] & 0xff) << 16) |
-		((hashBytes[offset + 2] & 0xff) << 8) |
-		(hashBytes[offset + 3] & 0xff)
+
+	// Use more bytes for longer OTPs
+	const bytesNeeded = Math.ceil((digits * Math.log2(charSet.length)) / 8)
+	const offset = hashBytes[hashBytes.length - 1] & 0xf
+
+	// Convert bytes to BigInt for larger numbers
+	let hotpVal = 0n
+	for (let i = 0; i < Math.min(bytesNeeded, hashBytes.length - offset); i++) {
+		hotpVal = (hotpVal << 8n) | BigInt(hashBytes[offset + i])
+	}
 
 	let hotp = ''
+	const charSetLength = BigInt(charSet.length)
 	for (let i = 0; i < digits; i++) {
-		hotp = charSet.charAt(hotpVal % charSet.length) + hotp
-		hotpVal = Math.floor(hotpVal / charSet.length)
+		hotp = charSet.charAt(Number(hotpVal % charSetLength)) + hotp
+		hotpVal = hotpVal / charSetLength
 	}
 
 	return hotp

index.test.js

@@ -114,3 +114,34 @@ test('OTP Auth URI can be generated', async () => {
 	})
 	assert.match(uri, /^otpauth:\/\/totp\/(.*)\?/)
 })
+
+test('OTP with digits > 6 should not pad with first character of charSet', async () => {
+	const charSet = 'ABCDEFGHIJKLMNPQRSTUVWXYZ123456789'
+	const iterations = 100
+	let allOtps = []
+
+	for (let i = 0; i < iterations; i++) {
+		const { otp } = await generateTOTP({
+			algorithm: 'SHA-256',
+			charSet,
+			digits: 12,
+			period: 60 * 30,
+		})
+		allOtps.push(otp)
+
+		// Verify the OTP only contains characters from the charSet
+		assert.match(
+			otp,
+			new RegExp(`^[${charSet}]{12}$`),
+			'OTP should be 12 characters from the charSet'
+		)
+
+		// The first 6 characters should not all be 'A' (first char of charSet)
+		const firstSixChars = otp.slice(0, 6)
+		assert.notStrictEqual(
+			firstSixChars,
+			'A'.repeat(6),
+			'First 6 characters should not all be A'
+		)
+	}
+})