otp 0.0.10 → 0.0.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 81f98da9bacd6750a761f89590463ed0777b2b1d
-  data.tar.gz: 710bb562bde9f46efcdf89f5e9777839ba8dbf37
+  metadata.gz: f29c79a8ef901714a1cbc348dfbd36c1f47e4e8e
+  data.tar.gz: 6e51d1a7b778f71092637fa5e3b698fc32f892a7
 SHA512:
-  metadata.gz: a5921f7970174fafc13b4ce15de85f94772ae958338bab7645d9a5804e61b45a6e8ef1666e0a18075dfabb47e52d8356f6fe7a03575d6ac472b5471052a7c755
-  data.tar.gz: 85f05deafa16e5232185255572003d7c3c477ada47079dcd393262983694030f24cc7e540e54d503c4f19f132aee103b1cb5c3b277301efd771cb42f56adbd2c
+  metadata.gz: e83401db9e5f49f49f86667091054f27834d273b505bb5918fe8c2c485292d692c420bd2096eed767093c754cf4c978429d233253937555830944211e727ed3b
+  data.tar.gz: 9e0fdec72d1b9701a53d3253b38479060ea6c04af63efc0bd33e0f1b38df5b753a002f74b8245f804305842158c2476c467a72e896491f545d586fc983114ab1

data/Rakefile

@@ -6,4 +6,9 @@ Rake::TestTask.new(:test) do |test|
   test.verbose = true
 end
 
-task :default => :test
+desc "Run rubocop"
+task :rubocop do
+  sh "rubocop lib -f html -o rubocop.html"
+end
+
+task :default => [:test, :rubocop]

data/lib/otp/base.rb

@@ -42,7 +42,7 @@ module OTP
       raise ArgumentError, "last must be greater than or equal to 0" if last < 0
       raise ArgumentError, "post must be greater than or equal to 0" if post < 0
       return false if given_pw.nil? || given_pw.empty?
-      return (-last..post).any?{|i| compare(password(i), given_pw) }
+      return (-last..post).any?{|i| otp_compare(password(i), given_pw) }
     end
 
     def to_uri

data/lib/otp/base32.rb

@@ -10,68 +10,49 @@ module OTP
       "I"=>8,  "J"=>9,  "K"=>10, "L"=>11, "M"=>12, "N"=>13, "O"=>14, "P"=>15,
       "Q"=>16, "R"=>17, "S"=>18, "T"=>19, "U"=>20, "V"=>21, "W"=>22, "X"=>23,
       "Y"=>24, "Z"=>25, "2"=>26, "3"=>27, "4"=>28, "5"=>29, "6"=>30, "7"=>31,
-      "="=>-1,
-    }
-
-    DECODE_LENGTH = {
-      1 => 1,  #  5 bits -> 1 byte (irregular)
-      2 => 1,  # 10 bits -> 1 byte
-      3 => 2,  # 15 bits -> 2 bytes (irregular)
-      4 => 2,  # 20 bits -> 2 bytes
-      5 => 3,  # 25 bits -> 3 bytes
-      6 => 4,  # 30 bits -> 4 bytes (irregular)
-      7 => 4,  # 35 bits -> 4 bytes
-      8 => 5,  # 40 bits -> 5 bytes
+      "0"=>14, "1"=>11, "8"=>1,                        # mistyped chars
+      " "=>-2, "-"=>-2, "\n"=>-2, "\r"=>-2, "\t"=>-2,  # separators
+      "="=>-1,                                         # padding
     }
 
     module_function
 
-    def encode(bytes, padding: true)
+    def encode(bytes)
       return nil unless bytes
-      pad = padding ? "=" : ""
-      ret = ""
       bytes = bytes.dup.force_encoding("binary")
-      off = 0
-      while off < bytes.length
-        n = 0
-        bits = bytes[off, 5]
-        off += 5
-        l = (bits.length * 8.0 / 5.0).ceil
-        bits << "\0" while bits.length < 5
-        bits.each_byte{|b| n = (n << 8) | b }
-        (1..8).each do |i|
-          ret << ((i > l) ? pad : ENCODE_CHARS[(n >> (8-i)*5) & 0x1f])
+      ret = ""
+      offset = buffer = buffered = 0
+      while offset < bytes.length
+        buffer = ((buffer << 8) | bytes[offset].ord)
+        buffered += 8
+        offset += 1
+        while buffered >= 5
+          ret << ENCODE_CHARS[buffer >> (buffered - 5)]
+          buffered -= 5
+          buffer &= (0xff >> (8 - buffered))
         end
       end
+      if buffered > 0
+        ret << ENCODE_CHARS[buffer << (5 - buffered)]
+      end
       return ret
     end
 
     def decode(chars)
       return nil unless chars
-      ret = ""
+      ret = "".force_encoding("binary")
       chars = chars.upcase
-      ret.force_encoding("binary")
-      off = 0
-      while off < chars.length
-        n = l = 0
-        bits = chars[off, 8]
-        off += 8
-        bits << "=" while bits.length < 8
-        bits.each_char.with_index do |c, i|
-          d = DECODE_MAP[c]
-          if d.nil?
-            raise ArgumentError, "invalid char: #{c}"
-          elsif d < 0
-            n <<= 5 * (8-i)
-            off = chars.length
-            break
-          else
-            n <<= 5
-            n |= d
-            l = DECODE_LENGTH[i+1]
-          end
-        end
-        ret << (1..l).map{|i| (n >> 40 - i * 8) & 0xff }.pack("c*")
+      buffer = buffered = 0
+      chars.each_char do |c|
+        d = DECODE_MAP[c]
+        raise ArgumentError, "invalid char: #{c}" if d.nil?
+        next if d == -2
+        break if d == -1
+        buffer = (buffer << 5) | d
+        buffered += 5
+        next if buffered < 8
+        ret << ((buffer >> (buffered - 8)) & 0xff)
+        buffered -= 8
       end
       return ret
     end

data/lib/otp/utils.rb

@@ -5,35 +5,35 @@ module OTP
     private
 
     def otp(algorithm, secret, moving_factor, digits)
-      message = pack_int64(moving_factor)
-      digest = hmac(algorithm, secret, message)
-      num = pickup(digest)
-      return truncate(num, digits)
+      message = otp_pack_int64(moving_factor)
+      digest = otp_hmac(algorithm, secret, message)
+      num = otp_pickup(digest)
+      return otp_truncate(num, digits)
     end
 
-    def pack_int64(i)
+    def otp_pack_int64(i)
       return [i >> 32 & 0xffffffff, i & 0xffffffff].pack("NN")
     end
 
-    def hmac(algorithm, secret, text)
+    def otp_hmac(algorithm, secret, text)
       mac = OpenSSL::HMAC.new(secret, algorithm)
       mac << text
       return mac.digest
     end
 
-    def pickup(digest)
+    def otp_pickup(digest)
       offset = digest[-1].ord & 0xf
       binary = digest[offset, 4]
       return binary.unpack("N")[0] & 0x7fffffff
     end
 
-    def truncate(num, digits)
+    def otp_truncate(num, digits)
       pw = (num % (10 ** digits)).to_s
       pw.prepend("0") while pw.length < digits
       return pw
     end
 
-    def compare(a, b)
+    def otp_compare(a, b)
       return a.to_i == b.to_i
     end
   end

data/lib/otp/version.rb

@@ -1,3 +1,3 @@
 module OTP
-  VERSION = "0.0.10"
+  VERSION = "0.0.11"
 end

data/test/test_base.rb

@@ -24,8 +24,8 @@ class TestBase < Test::Unit::TestCase
     assert_equal("", otp.secret)
     assert_equal("", otp.raw_secret)
 
-    otp.secret = "MZXW6YTBOI======"
-    assert_equal("MZXW6YTBOI======", otp.secret)
+    otp.secret = "MZXW6YTBOI"
+    assert_equal("MZXW6YTBOI", otp.secret)
     assert_equal("foobar", otp.raw_secret)
 
     otp.secret = "MZXW6YTBOI"
@@ -45,10 +45,21 @@ class TestBase < Test::Unit::TestCase
     assert_equal("", otp.raw_secret)
 
     otp.raw_secret = "foobarbaz"
-    assert_equal("MZXW6YTBOJRGC6Q=", otp.secret)
+    assert_equal("MZXW6YTBOJRGC6Q", otp.secret)
     assert_equal("foobarbaz", otp.raw_secret)
   end
 
+  def test_verify
+    otp = OTP::Base.new
+    e = assert_raise(ArgumentError){ otp.verify("0", last:-1) }
+    assert_match(/last must be greater than or equal to 0/, e.message)
+    e = assert_raise(ArgumentError){ otp.verify("0", post:-1) }
+    assert_match(/post must be greater than or equal to 0/, e.message)
+    assert_equal(false, otp.verify(nil))
+    assert_equal(false, otp.verify(""))
+    assert_raise(NotImplementedError){ otp.verify("0") }
+  end
+
   def test_moving_factor
     base = OTP::Base.new
     hotp = OTP::HOTP.new

data/test/test_base32.rb

@@ -1,8 +1,8 @@
 require_relative "helper"
 
 class TestBase32 < Test::Unit::TestCase
-  def assert_encode(encoded, plain, padding: true)
-    assert_equal(encoded, ::OTP::Base32.encode(plain, padding: padding))
+  def assert_encode(encoded, plain)
+    assert_equal(encoded, ::OTP::Base32.encode(plain))
   end
 
   def assert_decode(plain, encoded)
@@ -10,58 +10,50 @@ class TestBase32 < Test::Unit::TestCase
     assert_equal(plain, ::OTP::Base32.decode(encoded))
   end
 
-  def assert_encode_decode(plain, encoded, padding: true)
+  def assert_encode_decode(plain, encoded)
     assert_decode(plain, encoded)
-    assert_encode(encoded, plain, padding: padding)
+    assert_encode(encoded, plain)
   end
 
   def test_base32
     assert_encode_decode(nil, nil)
     assert_encode_decode("", "")
-    assert_encode_decode("f", "MY======")
-    assert_encode_decode("fo", "MZXQ====")
-    assert_encode_decode("foo", "MZXW6===")
-    assert_encode_decode("foob", "MZXW6YQ=")
+    assert_encode_decode("f", "MY")
+    assert_encode_decode("fo", "MZXQ")
+    assert_encode_decode("foo", "MZXW6")
+    assert_encode_decode("foob", "MZXW6YQ")
     assert_encode_decode("fooba", "MZXW6YTB")
-    assert_encode_decode("foobar", "MZXW6YTBOI======")
+    assert_encode_decode("foobar", "MZXW6YTBOI")
     assert_encode_decode("\u{3042}\u{3044}\u{3046}\u{3048}\u{304a}", "4OAYFY4BQTRYDBXDQGEOHAMK")
   end
 
-  def test_base32_without_padding
-    assert_encode_decode(nil, nil, padding: false)
-    assert_encode_decode("", "", padding: false)
-    assert_encode_decode("f", "MY", padding: false)
-    assert_encode_decode("fo", "MZXQ", padding: false)
-    assert_encode_decode("foo", "MZXW6", padding: false)
-    assert_encode_decode("foob", "MZXW6YQ", padding: false)
-    assert_encode_decode("fooba", "MZXW6YTB", padding: false)
-    assert_encode_decode("foobar", "MZXW6YTBOI", padding: false)
-    assert_encode_decode("\u{3042}\u{3044}\u{3046}\u{3048}\u{304a}", "4OAYFY4BQTRYDBXDQGEOHAMK", padding: false)
+  def test_decode_with_mistyped
+    assert_decode(OTP::Base32.decode("AOLB"), "A018")
+    assert_decode(OTP::Base32.decode("aolb"), "A018")
   end
 
-  def test_truncated_decode
-    assert_decode("f", "MY")
-    assert_decode("fo", "MZXQ")
-    assert_decode("foo", "MZXW6")
-    assert_decode("foob", "MZXW6YQ")
-    assert_decode("f", "my")
-    assert_decode("fo", "mzxq")
-    assert_decode("foo", "mzxw6")
-    assert_decode("foob", "mzxw6yq")
+  def test_decode_include_space
+    assert_decode("f", "M Y")
+    assert_decode("fo", "MZ XQ")
+    assert_decode("foo", "M\nZ\rX\tW-6")
+    assert_decode("f", "m y")
+    assert_decode("fo", "mz xq")
+    assert_decode("foo", "m\nz\rx\tw-6")
   end
 
   def test_unspecified
-    assert_raise(ArgumentError){ OTP::Base32.decode("MY0") }
+    e = assert_raise(ArgumentError){ OTP::Base32.decode("MY9") }
+    assert_equal("invalid char: 9", e.message)
     assert_decode("", "=")
-    assert_decode("`", "M=======")
-    assert_decode("fn", "MZX=====")
-    assert_decode("foo`", "MZXW6Y==")
-    assert_decode("`", "M=======G")
-    assert_decode("fn", "MZX=====G")
-    assert_decode("foo`", "MZXW6Y==G")
-    assert_decode("`", "M")
-    assert_decode("fn", "MZX")
-    assert_decode("foo`", "MZXW6Y")
+    assert_decode("", "M=======")
+    assert_decode("f", "MZX=====")
+    assert_decode("foo", "MZXW6Y==")
+    assert_decode("", "M=======G")
+    assert_decode("f", "MZX=====G")
+    assert_decode("foo", "MZXW6Y==G")
+    assert_decode("", "M")
+    assert_decode("f", "MZX")
+    assert_decode("foo", "MZXW6Y")
     assert_decode("fooba", "MZXW6YTB===")
     assert_decode("f", "MY=AAAAA")
     assert_decode("fo", "MZXQ=AAA")

data/test/test_uri.rb

@@ -17,6 +17,11 @@ class TestURI < Test::Unit::TestCase
     assert_equal("account@example.com", otp.accountname)
     assert_equal("My Company", otp.issuer)
 
+    uri = "otpauth://totp/My%20Company%3A%20%20account@example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
+    otp = OTP::URI.parse(uri)
+    assert_equal("account@example.com", otp.accountname)
+    assert_equal("My Company", otp.issuer)
+
     uri = "otpauth://totp/My%20Company:%20%20account@example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Foo"
     otp = OTP::URI.parse(uri)
     assert_equal("account@example.com", otp.accountname)
@@ -113,6 +118,16 @@ class TestURI < Test::Unit::TestCase
     assert_equal(otp.password, hotp.password)
   end
 
+  def test_format_invalid
+    totp = OTP::TOTP.new
+    e = assert_raise(RuntimeError){ totp.to_uri }
+    assert_match(/secret must be set/, e.message)
+
+    totp.new_secret
+    e = assert_raise(RuntimeError){ totp.to_uri }
+    assert_match(/accountname must be set/, e.message)
+  end
+
   def test_parse_invalid
     e = assert_raise(RuntimeError){ OTP::URI.parse("http://www.netlab.jp") }
     assert_match(/URI scheme not match/, e.message)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: otp
 version: !ruby/object:Gem::Version
-  version: 0.0.10
+  version: 0.0.11
 platform: ruby
 authors:
 - Yuuzou Gotou
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-09 00:00:00.000000000 Z
+date: 2015-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler