Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP


Please add cl-one-time-passwords #480

bhyde opened this Issue · 5 comments

2 participants


It's lives here, and this is it's system file:

Previwe of
"One time passwords provide a way to do authentication based on a shared secret without revealing that secret on the communciation channel.

Two well specified ways of generating OTPs are:

  • HOTP - An HMAC-Based One-Time Password Algorithm, i.e. RFC 4226
  • TOTP - Time-Based One-Time Password Algorithm , i.e. RFC 6238

These are commonly used as one factor in two factor authentication systems. For example Google uses these. For example Google's Authenticator App for most smart phones will generate one time passwords once it has been configured with the shared secret(s) for your account(s).

Cl-one-time-passwords implements HOTP and TOTP in Common Lisp. ..."


Note: This was called cl-otp, but now it's called cl-one-time-passwords. Hopefully, the issue's text has been changed to reflect that.


Your defpackage forms don't include a :use clause - on SBCL that means that the CL package is not used, and that causes compilation failure when looking for functions named e.g. CL-HOTP::MAKE-ARRAY.


Thanks, I've mindlessly pushed a fix.

@bhyde bhyde closed this
@bhyde bhyde reopened this

The package fix looks good, but SBCL now complains about clobbering literal data in HMAC-SHA-N. You want me to open up a separate issue for that?


"clobbering literal data" has been addressed.

@quicklisp quicklisp closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.