RubyGems - otp - Versions diffs - 0.0.4 → 0.0.5 - Mend

otp 0.0.4 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f2cff8ad3604a6598f352b74b34c4e9414117a59
-  data.tar.gz: ea8d49ef4dfcf5fd5f0b56864e62c30ada976aac
+  metadata.gz: 950f885b455852f76538a68b7c6fb05b01a467cb
+  data.tar.gz: ff52168dded70e183a28edd3ef1803b9a2fd9ecc
 SHA512:
-  metadata.gz: 6f215a20f4330cad4bea4b5758175784dd9db09f15b417a8db3d1e17386268ee6019dccae63074ddf9ffd6bf9179d4a08700096447c5ef1f42dda2b5128c4617
-  data.tar.gz: 2d18ba3ef5dadff11b78327dae54f2060c4b1b82a2afdbfba9b1de80ddcd92de4e6e92b51c8821022bb2a38627def98121693b8916f400037dc09524c21fc829
+  metadata.gz: 86fbcf11687d81382349e07639c5f70824c00b913040e453bc71e0cccfebad662e377d38a28b2be0667f94ea8d181449f71d75f109bb31a1b01d11b8e3051b95
+  data.tar.gz: 4d004267238bea39655fb54492deb785b818cfcd63eed217c299444e230a60c2fa03a075367e7365cb9a7f96f383cb36660176b4069432d20590b41f1b78d42b

data/lib/otp/base.rb CHANGED

@@ -29,21 +29,23 @@ module OTP
       raise NotImplementedError
     end
-    def otp
+    def otp(generation=0)
       hash = hmac(algorithm, OTP::Base32.decode(secret),
-                  pack_int64(moving_factor))
+                  pack_int64(moving_factor+generation))
       return truncate(hash)
     end
-    def password
-      pw = (otp % (10 ** digits)).to_s
+    def password(generation=0)
+      pw = (otp(generation) % (10 ** digits)).to_s
       pw = "0" + pw while pw.length < digits
       return pw
     end
-    def verify(otp)
-      return false if otp.nil? || otp.empty?
-      return compare(password, otp)
+    def verify(given_pw, last:0, post:0)
+      raise "last must be greater than or equal to 0" if last < 0
+      raise "post must be greater than or equal to 0" if post < 0
+      return false if given_pw.nil? || given_pw.empty?
+      return (-last..post).any?{|i| compare(password(i), given_pw) }
     end
     ## URI related methods

data/lib/otp/version.rb CHANGED

@@ -1,4 +1,4 @@
 module OTP
-  VERSION = "0.0.4"
+  VERSION = "0.0.5"
 end

data/test/test_base32.rb CHANGED

@@ -27,4 +27,15 @@ class TestBase32 < Test::Unit::TestCase
     assert_encode_decode("foobar", "MZXW6YTBOI======")
     assert_encode_decode("\u{3042}\u{3044}\u{3046}\u{3048}\u{304a}", "4OAYFY4BQTRYDBXDQGEOHAMK")
   end
+  def test_truncated_decode
+    assert_decode("f", "MY")
+    assert_decode("fo", "MZXQ")
+    assert_decode("foo", "MZXW6")
+    assert_decode("foob", "MZXW6YQ")
+    assert_decode("f", "my")
+    assert_decode("fo", "mzxq")
+    assert_decode("foo", "mzxw6")
+    assert_decode("foob", "mzxw6yq")
+  end
 end

data/test/test_hotp.rb CHANGED

@@ -23,4 +23,30 @@ class TestHTOP < Test::Unit::TestCase
     assert_hotp(hotp, 8, "399871")
     assert_hotp(hotp, 9, "520489")
   end
+  def test_last_and_post
+    seed = "12345678901234567890"
+    hotp = OTP::HOTP.new(OTP::Base32.encode(seed), "SHA1", 6)
+    hotp.count = 5
+    assert(!hotp.verify("359152", last:2))  # pass for 2
+    assert(hotp.verify("969429", last:2))  # pass for 3
+    assert(hotp.verify("338314", last:2))  # pass for 4
+    assert(hotp.verify("254676", last:2))  # pass for 5
+    assert(!hotp.verify("287922", last:2))  # pass for 6
+    assert(!hotp.verify("338314", post:2))  # pass for 4
+    assert(hotp.verify("254676", post:2))  # pass for 5
+    assert(hotp.verify("287922", post:2))  # pass for 6
+    assert(hotp.verify("162583", post:2))  # pass for 7
+    assert(!hotp.verify("399871", post:2))  # pass for 8
+    assert(!hotp.verify("359152", last:2, post:2))  # pass for 2
+    assert(hotp.verify("969429", last:2, post:2))  # pass for 3
+    assert(hotp.verify("338314", last:2, post:2))  # pass for 4
+    assert(hotp.verify("254676", post:2, post:2))  # pass for 5
+    assert(hotp.verify("287922", post:2, post:2))  # pass for 6
+    assert(hotp.verify("162583", post:2, post:2))  # pass for 7
+    assert(!hotp.verify("399871", post:2, post:2))  # pass for 8
+  end
 end

data/test/test_totp.rb CHANGED

@@ -41,4 +41,34 @@ class TestTOTP < Test::Unit::TestCase
     assert_totp(totp, 2000000000,  "38618901")
     assert_totp(totp, 20000000000, "47863826")
   end
+  def test_last_and_post
+    seed = "12345678901234567890"
+    totp = OTP::TOTP.new(OTP::Base32.encode(seed), "SHA1", 8)
+    totp.time = Time.at(1433502016)
+    assert(!totp.verify("71170909"))
+    assert(totp.verify("50451956"))  # current
+    assert(!totp.verify("36432053"))
+    assert(!totp.verify("79346509", last:2))
+    assert(totp.verify("60048391", last:2))
+    assert(totp.verify("71170909", last:2))
+    assert(totp.verify("50451956", last:2))  # current
+    assert(!totp.verify("36432053", last:2))
+    assert(!totp.verify("71170909", post:2))
+    assert(totp.verify("50451956", post:2))  # current
+    assert(totp.verify("36432053", post:2))
+    assert(totp.verify("78660635", post:2))
+    assert(!totp.verify("97845627", post:2))
+    assert(!totp.verify("79346509", last:2, post:2))
+    assert(totp.verify("60048391", last:2, post:2))
+    assert(totp.verify("71170909", last:2, post:2))
+    assert(totp.verify("50451956", last:2, post:2))  # current
+    assert(totp.verify("36432053", last:2, post:2))
+    assert(totp.verify("78660635", last:2, post:2))
+    assert(!totp.verify("97845627", last:2, post:2))
+  end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: otp
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Yuuzou Gotou
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-06-04 00:00:00.000000000 Z
+date: 2015-06-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler