I am currently learning rust and really enjoying everything so far Most intriguing are the almost unbelievably fast web servers you are able to build with rust. I am currently interested in a production-ready (meaning battle-tested & correct) One-Time-Password (OTP) library. Security is of the utmost importance, the library should be reliable if I manage yo implement it correctly.
I don't want to sound to all-demanding or arrogant, I am very curious about the current state-of-art in Rust and very happy to contribute to a crate if there is no mature implementation.
Currently I have found out about these three libraries:
Recently I wrote CLI utility to get my OTP password for github from console.
In scope of it I have to create my own crate https://crates.io/crates/otpshka because at the time most libraries were some mess
It is very minimal crate that only implements password generation itself as per RFC.
When it comes to reliable library you have to inspect code itself. rust-otp looks something simple too
Trussed might be something for you.
They say it's "very much WIP" but I guess this statement is only about API-stability as it is actually used in (security-) products.
In the announcement blog post they say that both Solokeys and Nitrokey are invested in this so it seems unlikely that it will be abandoned any time soon.
I do not think you'll be able to find library that is already deployed in production.
OTP is very simple algorithm, it doesn't even require having a separate library so you might as well implement it yourself.
For cryptographic algorithms I suggest to use ring rather than rust-crypto