10 files changed, 673 insertions, 0 deletions
diff --git a/node_modules/notp/.npmignore b/node_modules/notp/.npmignore
new file mode 100644
index 0000000..3c3629e
--- /dev/null
+++ b/node_modules/notp/.npmignore
@@ -0,0 +1 @@
+node_modules
diff --git a/node_modules/notp/.travis.yml b/node_modules/notp/.travis.yml
new file mode 100644
index 0000000..853e369
--- /dev/null
+++ b/node_modules/notp/.travis.yml
@@ -0,0 +1,6 @@
+language: node_js
+node_js:
+  - "0.6"
+  - "0.8"
+  - "0.10"
+  - "0.11"
diff --git a/node_modules/notp/LICENSE b/node_modules/notp/LICENSE
new file mode 100644
index 0000000..f344640
--- /dev/null
+++ b/node_modules/notp/LICENSE
@@ -0,0 +1,22 @@
+(The MIT License)
+
+Copyright (c) 2011 Guy Halford-Thompson <guy@cach.me>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/node_modules/notp/Readme.md b/node_modules/notp/Readme.md
new file mode 100644
index 0000000..ca2abd6
--- /dev/null
+++ b/node_modules/notp/Readme.md
@@ -0,0 +1,135 @@
+[![Build Status](https://travis-ci.org/guyht/notp.svg)](https://travis-ci.org/guyht/notp)
+
+# Node One Time Password library
+ Simple to use, fast, and with zero dependencies.  The Node One Time Password library is fully compliant with [HOTP](http://tools.ietf.org/html/rfc4226) (counter based one time passwords) and [TOTP](http://tools.ietf.org/html/rfc6238) (time based one time passwords).  It can be used in conjunction with the [Google Authenticator](http://code.google.com/p/google-authenticator/) which has free apps for iOS, Android and BlackBerry.
+
+# Installation
+
+```
+npm install notp
+```
+
+# Usage
+
+```javascript
+var notp = require('notp');
+
+//.... some initial login code, that receives the user details and TOTP / HOTP token
+
+var key = 'secret key for user... could be stored in DB';
+var token = 'user supplied one time use token';
+
+// Check TOTP is correct (HOTP if hotp pass type)
+var login = notp.totp.verify(token, key);
+
+// invalid token if login is null
+if (!login) {
+    return console.log('Token invalid');
+}
+
+// valid token
+console.log('Token valid, sync value is %s', login.delta);
+```
+
+## Google Authenticator
+
+[Google authenticator](https://code.google.com/p/google-authenticator/) requires that keys be base32 encoded before being used. This includes manual entry into the app as well as preparing a QR code URI.
+
+To base32 encode a utf8 key you can use the `thirty-two` module.
+
+```javascript
+var base32 = require('thirty-two');
+
+var key = 'secret key for the user';
+
+// encoded will be the secret key, base32 encoded
+var encoded = base32.encode(key);
+
+// Google authenticator doesn't like equal signs
+var encodedForGoogle = encoded.toString().replace(/=/g,'');
+
+// to create a URI for a qr code (change totp to hotp is using hotp)
+var uri = 'otpauth://totp/somelabel?secret=' + encodedForGoogle;
+```
+
+Note: If your label has spaces or other invalid uri characters you will need to encode it accordingly using `encodeURIComponent` More details about the uri key format can be found on the [google auth wiki](https://code.google.com/p/google-authenticator/wiki/KeyUriFormat)
+
+# API
+##hotp.verify(token, key, opt)
+
+Check a counter based one time password for validity.
+
+Returns null if token is not valid for given key and options.
+
+Returns an object `{delta: #}` if the token is valid. `delta` is the count skew between client and server.
+
+### opt
+**window**
+> The allowable margin for the counter. The function will check `window` codes in the future against the provided token.
+> i.e. if `window = 100` and `counter = 5` all tokens between 5 and 105 will be checked against the supplied token
+> Default - 50
+
+**counter**
+> Counter value. This should be stored by the application on a per user basis. It is up to the application to track and increment this value as needed. It is also up to the application to increment this value if there is a skew between the client and server (`delta`)
+
+##totp.verify(token, key, opt)
+
+Check a time based one time password for validity
+
+Returns null if token is not valid for given key and options.
+
+Returns an object `{delta: #}` if the token is valid. `delta` is the count skew between client and server.
+
+### opt
+**window**
+> The allowable margin for the counter. The function will check `window` codes in the future against the provided token.
+> i.e. if `window = 5` and `counter = 1000` all tokens between 995 and 1005 will be checked against the supplied token
+> Default - 6
+
+**time**
+> The time step of the counter. This must be the same for every request and is used to calculate C.
+> Default - 30
+
+##hotp.gen(key, opt)
+
+Return a counter based one time password
+
+### opt
+**counter**
+> Counter value. This should be stored by the application, must be user specific, and be incremented for each request.
+
+##totp.gen(key, opt)
+
+Return a time based one time password
+
+### opt
+**time**
+> The time step of the counter. This must be the same for every request and is used to calculate C.
+> Default - 30
+
+# Migrating from 1.x to 2.x
+
+## Removed
+The `encBase32` and `decBase32` methods have been removed. If you wish to encode/decode base32 you should install a module to do so. We recommend the `thirty-two` npm module.
+
+## Changed
+
+All of the APIs have been changed to return values directly instead of using callbacks. This reflects the fact that the functions are actually synchronous and perform no I/O.
+
+Some of the required arguments to the functions have also been removed from the `args` parameter and are passed as separate function parameters. See the above API docs for details.
+
+* `notp.checkHOTP(args, err, cb)` -> `notp.hotp.verify(token, key, opt)`
+* `notp.checkTOTP(args, err, cb)` -> `notp.totp.verify(token, key, opt)`
+* `notp.getHOTP(args, err, cb)` -> `notp.gotp.gen(key, opt)`
+* `notp.getTOTP(args, err, cb)` -> `notp.totp.gen(key, opt)`
+
+## Args
+
+The argument names have also changed to better describe the purpose of the argument.
+
+* `K` -> no longer in args/opt but passed directly as a function argument
+* `P` -> no longer in args/opt but passed directly as a function argument
+* `W` -> `window`
+* `C` -> `counter`
+* `T` -> `time`
+
diff --git a/node_modules/notp/examples/TOTP-verify.js b/node_modules/notp/examples/TOTP-verify.js
new file mode 100644
index 0000000..78dedd2
--- /dev/null
+++ b/node_modules/notp/examples/TOTP-verify.js
@@ -0,0 +1,33 @@
+
+var notp = require('../index'),
+    t2 = require('thirty-two'),
+    K = '12345678901234567890',
+	b32 = t2.encode(K);
+
+console.log('Click on this link to gennerate a QR code, and use Google Authenticator on your phone to read it:');
+console.log('http://qrcode.kaywa.com/img.php?s=8&d=' + encodeURIComponent('otpauth://totp/notp@example.com?secret=' + b32));
+verify();
+
+function verify() {
+    ask('Enter a code to verify', function(code) {
+        if(notp.totp.verify(code, K, {})) {
+            console.log('Success!!!');
+        }
+        console.log(notp.totp.verify(code, K, {}));
+        verify();
+    });
+}
+
+
+
+function ask(question, callback) {
+    var stdin = process.stdin, stdout = process.stdout;
+
+    stdin.resume();
+    stdout.write(question + ": ");
+
+    stdin.once('data', function(data) {
+        data = data.toString().trim();
+        callback(data);
+    });
+}
diff --git a/node_modules/notp/examples/TOTP.js b/node_modules/notp/examples/TOTP.js
new file mode 100644
index 0000000..b81a21c
--- /dev/null
+++ b/node_modules/notp/examples/TOTP.js
@@ -0,0 +1,15 @@
+
+var notp = require('../index'),
+    t2 = require('thirty-two'),
+    K = '12345678901234567890',
+	b32 = t2.encode(K);
+
+console.log('Getting current counter value for K = 12345678901234567890');
+console.log('This has a base32 value of ' + b32);
+console.log('The base32 value should be entered in the Google Authenticator App');
+console.log('');
+console.log('Open the following URL for a QR code.  Google Authenticator can read this QR code using your phone\'s camera:');
+console.log('http://qrcode.kaywa.com/img.php?s=8&d=' + encodeURIComponent('otpauth://totp/notp@example.com?secret=' + b32));
+
+console.log('The current TOTP value is ' + notp.totp.gen(K, {}));
+
diff --git a/node_modules/notp/index.js b/node_modules/notp/index.js
new file mode 100644
index 0000000..de0d91f
--- /dev/null
+++ b/node_modules/notp/index.js
@@ -0,0 +1,221 @@
+
+var crypto = require('crypto');
+
+var hotp = {};
+
+/**
+ * Generate a counter based One Time Password
+ *
+ * @return {String} the one time password
+ *
+ * Arguments:
+ *
+ *  args
+ *     key - Key for the one time password.  This should be unique and secret for
+ *         every user as this is the seed that is used to calculate the HMAC
+ *
+ *     counter - Counter value.  This should be stored by the application, must
+ *         be user specific, and be incremented for each request.
+ *
+ */
+hotp.gen = function(key, opt) {
+	key = key || '';
+	opt = opt || {};
+	var counter = opt.counter || 0;
+
+	var p = 6;
+
+	// Create the byte array
+	var b = new Buffer(intToBytes(counter));
+
+	var hmac = crypto.createHmac('sha1', new Buffer(key));
+
+	// Update the HMAC with the byte array
+	var digest = hmac.update(b).digest('hex');
+
+	// Get byte array
+	var h = hexToBytes(digest);
+
+	// Truncate
+	var offset = h[19] & 0xf;
+	var v = (h[offset] & 0x7f) << 24 |
+		(h[offset + 1] & 0xff) << 16 |
+		(h[offset + 2] & 0xff) << 8  |
+		(h[offset + 3] & 0xff);
+
+	v = v + '';
+
+	return v.substr(v.length - p, p);
+};
+
+/**
+ * Check a One Time Password based on a counter.
+ *
+ * @return {Object} null if failure, { delta: # } on success
+ * delta is the time step difference between the client and the server
+ *
+ * Arguments:
+ *
+ *  args
+ *     key - Key for the one time password.  This should be unique and secret for
+ *         every user as it is the seed used to calculate the HMAC
+ *
+ *     token - Passcode to validate.
+ *
+ *     window - The allowable margin for the counter.  The function will check
+ *         'W' codes in the future against the provided passcode.  Note,
+ *         it is the calling applications responsibility to keep track of
+ *         'W' and increment it for each password check, and also to adjust
+ *         it accordingly in the case where the client and server become
+ *         out of sync (second argument returns non zero).
+ *         E.g. if W = 100, and C = 5, this function will check the passcode
+ *         against all One Time Passcodes between 5 and 105.
+ *
+ *         Default - 50
+ *
+ *     counter - Counter value.  This should be stored by the application, must
+ *         be user specific, and be incremented for each request.
+ *
+ */
+hotp.verify = function(token, key, opt) {
+	opt = opt || {};
+	var window = opt.window || 50;
+	var counter = opt.counter || 0;
+
+	// Now loop through from C to C + W to determine if there is
+	// a correct code
+	for(var i = counter - window; i <=  counter + window; ++i) {
+		opt.counter = i;
+		if(this.gen(key, opt) === token) {
+			// We have found a matching code, trigger callback
+			// and pass offset
+			return { delta: i - counter };
+		}
+	}
+
+	// If we get to here then no codes have matched, return null
+	return null;
+};
+
+var totp = {};
+
+/**
+ * Generate a time based One Time Password
+ *
+ * @return {String} the one time password
+ *
+ * Arguments:
+ *
+ *  args
+ *     key - Key for the one time password.  This should be unique and secret for
+ *         every user as it is the seed used to calculate the HMAC
+ *
+ *     time - The time step of the counter.  This must be the same for
+ *         every request and is used to calculat C.
+ *
+ *         Default - 30
+ *
+ */
+totp.gen = function(key, opt) {
+	opt = opt || {};
+	var time = opt.time || 30;
+	var _t = new Date().getTime();;
+
+	// Time has been overwritten.
+	if(opt._t) {
+		if(process.env.NODE_ENV != 'test') {
+			throw new Error('cannot overwrite time in non-test environment!');
+		}
+		_t = opt._t;
+	}
+
+	// Determine the value of the counter, C
+	// This is the number of time steps in seconds since T0
+	opt.counter = Math.floor((_t / 1000) / time);
+
+	return hotp.gen(key, opt);
+};
+
+/**
+ * Check a One Time Password based on a timer.
+ *
+ * @return {Object} null if failure, { delta: # } on success
+ * delta is the time step difference between the client and the server
+ *
+ * Arguments:
+ *
+ *  args
+ *     key - Key for the one time password.  This should be unique and secret for
+ *         every user as it is the seed used to calculate the HMAC
+ *
+ *     token - Passcode to validate.
+ *
+ *     window - The allowable margin for the counter.  The function will check
+ *         'W' codes either side of the provided counter.  Note,
+ *         it is the calling applications responsibility to keep track of
+ *         'W' and increment it for each password check, and also to adjust
+ *         it accordingly in the case where the client and server become
+ *         out of sync (second argument returns non zero).
+ *         E.g. if W = 5, and C = 1000, this function will check the passcode
+ *         against all One Time Passcodes between 995 and 1005.
+ *
+ *         Default - 6
+ *
+ *     time - The time step of the counter.  This must be the same for
+ *         every request and is used to calculate C.
+ *
+ *         Default - 30
+ *
+ */
+totp.verify = function(token, key, opt) {
+	opt = opt || {};
+	var time = opt.time || 30;
+	var _t = new Date().getTime();
+
+	// Time has been overwritten.
+	if(opt._t) {
+		if(process.env.NODE_ENV != 'test') {
+			throw new Error('cannot overwrite time in non-test environment!');
+		}
+		_t = opt._t;
+	}
+
+	// Determine the value of the counter, C
+	// This is the number of time steps in seconds since T0
+	opt.counter = Math.floor((_t / 1000) / time);
+
+	return hotp.verify(token, key, opt);
+};
+
+module.exports.hotp = hotp;
+module.exports.totp = totp;
+
+/**
+ * convert an integer to a byte array
+ * @param {Integer} num
+ * @return {Array} bytes
+ */
+var intToBytes = function(num) {
+	var bytes = [];
+
+	for(var i=7 ; i>=0 ; --i) {
+		bytes[i] = num & (255);
+		num = num >> 8;
+	}
+
+	return bytes;
+};
+
+
+/**
+ * convert a hex value to a byte array
+ * @param {String} hex string of hex to convert to a byte array
+ * @return {Array} bytes
+ */
+var hexToBytes = function(hex) {
+	var bytes = [];
+	for(var c = 0; c < hex.length; c += 2) {
+		bytes.push(parseInt(hex.substr(c, 2), 16));
+	}
+	return bytes;
+};
diff --git a/node_modules/notp/package.json b/node_modules/notp/package.json
new file mode 100644
index 0000000..06b8442
--- /dev/null
+++ b/node_modules/notp/package.json
@@ -0,0 +1,22 @@
+{
+  "author": "Guy Halford-Thompson <guy@guy.ht> (http://guy.ht)",
+  "name": "notp",
+  "description": "Node One Time Password library, supports HOTP, TOTP and works with Google Authenticator",
+  "version": "2.0.3",
+  "homepage": "https://github.com/guyht/notp",
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/guyht/notp.git"
+  },
+  "main": "index.js",
+  "scripts": {
+    "test": "NODE_ENV=test mocha"
+  },
+  "engines": {
+    "node": "> v0.6.0"
+  },
+  "dependencies": {},
+  "devDependencies": {
+    "mocha": "~1.18.2"
+  }
+}
diff --git a/node_modules/notp/test/mocha.opts b/node_modules/notp/test/mocha.opts
new file mode 100644
index 0000000..e3ca00a
--- /dev/null
+++ b/node_modules/notp/test/mocha.opts
@@ -0,0 +1 @@
+--ui exports
diff --git a/node_modules/notp/test/notp.js b/node_modules/notp/test/notp.js
new file mode 100644
index 0000000..cfef9dd
--- /dev/null
+++ b/node_modules/notp/test/notp.js
@@ -0,0 +1,217 @@
+var notp = require('..');
+var assert = require('assert');
+
+/*
+ * Test HOTtoken.  Uses test values from RFcounter 4226
+ *
+ *
+ *    The following test data uses the AScounterII string
+ *    "12345678901234567890" for the secret:
+ *
+ * Secret = 0x3132333435363738393031323334353637383930
+ *
+ * Table 1 details for each count, the intermediate HMAcounter value.
+ *
+ * counterount    Hexadecimal HMAcounter-SHA-1(secret, count)
+ * 0        cc93cf18508d94934c64b65d8ba7667fb7cde4b0
+ * 1        75a48a19d4cbe100644e8ac1397eea747a2d33ab
+ * 2        0bacb7fa082fef30782211938bc1c5e70416ff44
+ * 3        66c28227d03a2d5529262ff016a1e6ef76557ece
+ * 4        a904c900a64b35909874b33e61c5938a8e15ed1c
+ * 5        a37e783d7b7233c083d4f62926c7a25f238d0316
+ * 6        bc9cd28561042c83f219324d3c607256c03272ae
+ * 7        a4fb960c0bc06e1eabb804e5b397cdc4b45596fa
+ * 8        1b3c89f65e6c9e883012052823443f048b4332db
+ * 9        1637409809a679dc698207310c8c7fc07290d9e5
+ *
+ * Table 2 details for each count the truncated values (both in
+ * hexadecimal and decimal) and then the HOTtoken value.
+ *
+ *                   Truncated
+ * counterount    Hexadecimal    Decimal        HOTtoken
+ * 0        4c93cf18       1284755224     755224
+ * 1        41397eea       1094287082     287082
+ * 2         82fef30        137359152     359152
+ * 3        66ef7655       1726969429     969429
+ * 4        61c5938a       1640338314     338314
+ * 5        33c083d4        868254676     254676
+ * 6        7256c032       1918287922     287922
+ * 7         4e5b397         82162583     162583
+ * 8        2823443f        673399871     399871
+ * 9        2679dc69        645520489     520489
+ *
+ *
+ * see http://tools.ietf.org/html/rfc4226
+ */
+exports.testHOTP = function() {
+	var key = '12345678901234567890';
+	var opt = {
+		window : 0,
+	};
+	var HOTP = ['755224', '287082','359152', '969429', '338314', '254676', '287922', '162583', '399871', '520489'];
+
+	// make sure we can not pass in opt
+	notp.hotp.verify('WILL NOT PASS', key);
+
+	// counterheck for failure
+	opt.counter = 0;
+	assert.ok(!notp.hotp.verify('WILL NOT PASS', key, opt), 'Should not pass');
+
+	// counterheck for passes
+	for(i=0;i<HOTP.length;i++) {
+		opt.counter = i;
+		var res = notp.hotp.verify(HOTP[i], key, opt);
+
+		assert.ok(res, 'Should pass');
+		assert.equal(res.delta, 0, 'Should be in sync');
+	}
+};
+
+
+/*
+ * Test TOTtoken using test vectors from TOTtoken RFcounter.
+ *
+ * see http://tools.ietf.org/id/draft-mraihi-totp-timebased-06.txt
+ */
+exports.testTOTtoken = function() {
+	var key = '12345678901234567890';
+	var opt = {
+		window : 0,
+	};
+
+	// make sure we can not pass in opt
+	notp.totp.verify(token, key);
+
+	// counterheck for failure
+	opt.time = 0;
+	var token = 'windowILLNOTtokenASS';
+	assert.ok(!notp.totp.verify(token, key, opt), 'Should not pass');
+
+	// counterheck for test vector at 59s
+	opt._t = 59*1000;
+	var token = '287082';
+	var res = notp.totp.verify(token, key, opt);
+	assert.ok(res, 'Should pass');
+	assert.equal(res.delta, 0, 'Should be in sync');
+
+	// counterheck for test vector at 1234567890
+	opt._t = 1234567890*1000;
+	var token = '005924';
+	var res = notp.totp.verify(token, key, opt);
+	assert.ok(res, 'Should pass');
+	assert.equal(res.delta, 0, 'Should be in sync');
+
+	// counterheck for test vector at 1111111109
+	opt._t = 1111111109*1000;
+	var token = '081804';
+	var res = notp.totp.verify(token, key, opt);
+	assert.ok(res, 'Should pass');
+	assert.equal(res.delta, 0, 'Should be in sync');
+
+	// counterheck for test vector at 2000000000
+	opt._t = 2000000000*1000;
+	var token = '279037';
+	var res = notp.totp.verify(token, key, opt);
+	assert.ok(res, 'Should pass');
+	assert.equal(res.delta, 0, 'Should be in sync');
+};
+
+
+/*
+ * counterheck for codes that are out of sync
+ * windowe are going to use a value of counter = 1 and test against
+ * a code for counter = 9
+ */
+exports.testHOTPOutOfSync = function() {
+
+	var key = '12345678901234567890';
+	var token = '520489';
+
+	var opt = {
+		counter : 1
+	};
+
+	// counterheck that the test should fail for window < 8
+	opt.window = 7;
+	assert.ok(!notp.hotp.verify(token, key, opt), 'Should not pass for value of window < 8');
+
+	// counterheck that the test should pass for window >= 9
+	opt.window = 8;
+	assert.ok(notp.hotp.verify(token, key, opt), 'Should pass for value of window >= 9');
+
+    // counterheck that test should pass for negative counter values
+    token = '755224';
+    opt.counter = 7
+    opt.window = 8;
+    assert.ok(notp.hotp.verify(token, key, opt), 'Should pass for negative counter values');
+};
+
+
+/*
+ * counterheck for codes that are out of sync
+ * windowe are going to use a value of T = 1999999909 (91s behind 2000000000)
+ */
+exports.testTOTPOutOfSync = function() {
+
+	var key = '12345678901234567890';
+	var token = '279037';
+
+	var opt = {
+		_t : 1999999909*1000
+	};
+
+	// counterheck that the test should fail for window < 2
+	opt.window = 2;
+	assert.ok(!notp.totp.verify(token, key, opt), 'Should not pass for value of window < 3');
+
+	// counterheck that the test should pass for window >= 3
+	opt.window = 3;
+	assert.ok(notp.totp.verify(token, key, opt), 'Should pass for value of window >= 3');
+};
+
+
+exports.hotp_gen = function() {
+	var key = '12345678901234567890';
+	var opt = {
+		window : 0,
+	};
+
+	var HOTP = ['755224', '287082','359152', '969429', '338314', '254676', '287922', '162583', '399871', '520489'];
+
+	// make sure we can not pass in opt
+	notp.hotp.gen(key);
+
+	// counterheck for passes
+	for(i=0;i<HOTP.length;i++) {
+		opt.counter = i;
+		assert.equal(notp.hotp.gen(key, opt), HOTP[i], 'HOTP value should be correct');
+	}
+};
+
+
+exports.totp_gen = function() {
+	var key = '12345678901234567890';
+	var opt = {
+		window : 0,
+	};
+
+	// make sure we can not pass in opt
+	notp.totp.gen(key);
+
+	// counterheck for test vector at 59s
+	opt._t = 59*1000;
+	assert.equal(notp.totp.gen(key, opt), '287082', 'TOTtoken values should match');
+
+	// counterheck for test vector at 1234567890
+	opt._t = 1234567890*1000;
+	assert.equal(notp.totp.gen(key, opt), '005924', 'TOTtoken values should match');
+
+	// counterheck for test vector at 1111111109
+	opt._t = 1111111109*1000;
+	assert.equal(notp.totp.gen(key, opt), '081804', 'TOTtoken values should match');
+
+	// counterheck for test vector at 2000000000
+	opt._t = 2000000000*1000;
+	assert.equal(notp.totp.gen(key, opt), '279037', 'TOTtoken values should match');
+};
+