May not work correctly on big endian machines.

--

More like a caveat, the output for SHA1 does not match that expected
by RFC2289; however, it is accepted by the OpenBSD telnet, and is the
same output produced by the otp-sha1 calculator, the only other OTP
implementation I have found that supports SHA1.  The RFC only recommends
supporting SHA1, so this does not prevent otpCalc from being compliant.

I rather think that the RFC is wrong in this case.

If anyone knows of an OTP implementation that matches the output
of the SHA1 section in the RFC, or any bugs in otpCalc, email me at
anthonyu@killa.net.

Thanks,
Anthony

Note: The output for SHA1 has been fixed; it now agrees with RFC 2289
and with S/Key.
 - Ulrich Müller <ulm@gentoo.org>
