otp 0.0.4 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/otp/base.rb +9 -7
- data/lib/otp/version.rb +1 -1
- data/test/test_base32.rb +11 -0
- data/test/test_hotp.rb +26 -0
- data/test/test_totp.rb +30 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 950f885b455852f76538a68b7c6fb05b01a467cb
|
4
|
+
data.tar.gz: ff52168dded70e183a28edd3ef1803b9a2fd9ecc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 86fbcf11687d81382349e07639c5f70824c00b913040e453bc71e0cccfebad662e377d38a28b2be0667f94ea8d181449f71d75f109bb31a1b01d11b8e3051b95
|
7
|
+
data.tar.gz: 4d004267238bea39655fb54492deb785b818cfcd63eed217c299444e230a60c2fa03a075367e7365cb9a7f96f383cb36660176b4069432d20590b41f1b78d42b
|
data/lib/otp/base.rb
CHANGED
@@ -29,21 +29,23 @@ module OTP
|
|
29
29
|
raise NotImplementedError
|
30
30
|
end
|
31
31
|
|
32
|
-
def otp
|
32
|
+
def otp(generation=0)
|
33
33
|
hash = hmac(algorithm, OTP::Base32.decode(secret),
|
34
|
-
pack_int64(moving_factor))
|
34
|
+
pack_int64(moving_factor+generation))
|
35
35
|
return truncate(hash)
|
36
36
|
end
|
37
37
|
|
38
|
-
def password
|
39
|
-
pw = (otp % (10 ** digits)).to_s
|
38
|
+
def password(generation=0)
|
39
|
+
pw = (otp(generation) % (10 ** digits)).to_s
|
40
40
|
pw = "0" + pw while pw.length < digits
|
41
41
|
return pw
|
42
42
|
end
|
43
43
|
|
44
|
-
def verify(
|
45
|
-
|
46
|
-
|
44
|
+
def verify(given_pw, last:0, post:0)
|
45
|
+
raise "last must be greater than or equal to 0" if last < 0
|
46
|
+
raise "post must be greater than or equal to 0" if post < 0
|
47
|
+
return false if given_pw.nil? || given_pw.empty?
|
48
|
+
return (-last..post).any?{|i| compare(password(i), given_pw) }
|
47
49
|
end
|
48
50
|
|
49
51
|
## URI related methods
|
data/lib/otp/version.rb
CHANGED
data/test/test_base32.rb
CHANGED
@@ -27,4 +27,15 @@ class TestBase32 < Test::Unit::TestCase
|
|
27
27
|
assert_encode_decode("foobar", "MZXW6YTBOI======")
|
28
28
|
assert_encode_decode("\u{3042}\u{3044}\u{3046}\u{3048}\u{304a}", "4OAYFY4BQTRYDBXDQGEOHAMK")
|
29
29
|
end
|
30
|
+
|
31
|
+
def test_truncated_decode
|
32
|
+
assert_decode("f", "MY")
|
33
|
+
assert_decode("fo", "MZXQ")
|
34
|
+
assert_decode("foo", "MZXW6")
|
35
|
+
assert_decode("foob", "MZXW6YQ")
|
36
|
+
assert_decode("f", "my")
|
37
|
+
assert_decode("fo", "mzxq")
|
38
|
+
assert_decode("foo", "mzxw6")
|
39
|
+
assert_decode("foob", "mzxw6yq")
|
40
|
+
end
|
30
41
|
end
|
data/test/test_hotp.rb
CHANGED
@@ -23,4 +23,30 @@ class TestHTOP < Test::Unit::TestCase
|
|
23
23
|
assert_hotp(hotp, 8, "399871")
|
24
24
|
assert_hotp(hotp, 9, "520489")
|
25
25
|
end
|
26
|
+
|
27
|
+
def test_last_and_post
|
28
|
+
seed = "12345678901234567890"
|
29
|
+
hotp = OTP::HOTP.new(OTP::Base32.encode(seed), "SHA1", 6)
|
30
|
+
hotp.count = 5
|
31
|
+
|
32
|
+
assert(!hotp.verify("359152", last:2)) # pass for 2
|
33
|
+
assert(hotp.verify("969429", last:2)) # pass for 3
|
34
|
+
assert(hotp.verify("338314", last:2)) # pass for 4
|
35
|
+
assert(hotp.verify("254676", last:2)) # pass for 5
|
36
|
+
assert(!hotp.verify("287922", last:2)) # pass for 6
|
37
|
+
|
38
|
+
assert(!hotp.verify("338314", post:2)) # pass for 4
|
39
|
+
assert(hotp.verify("254676", post:2)) # pass for 5
|
40
|
+
assert(hotp.verify("287922", post:2)) # pass for 6
|
41
|
+
assert(hotp.verify("162583", post:2)) # pass for 7
|
42
|
+
assert(!hotp.verify("399871", post:2)) # pass for 8
|
43
|
+
|
44
|
+
assert(!hotp.verify("359152", last:2, post:2)) # pass for 2
|
45
|
+
assert(hotp.verify("969429", last:2, post:2)) # pass for 3
|
46
|
+
assert(hotp.verify("338314", last:2, post:2)) # pass for 4
|
47
|
+
assert(hotp.verify("254676", post:2, post:2)) # pass for 5
|
48
|
+
assert(hotp.verify("287922", post:2, post:2)) # pass for 6
|
49
|
+
assert(hotp.verify("162583", post:2, post:2)) # pass for 7
|
50
|
+
assert(!hotp.verify("399871", post:2, post:2)) # pass for 8
|
51
|
+
end
|
26
52
|
end
|
data/test/test_totp.rb
CHANGED
@@ -41,4 +41,34 @@ class TestTOTP < Test::Unit::TestCase
|
|
41
41
|
assert_totp(totp, 2000000000, "38618901")
|
42
42
|
assert_totp(totp, 20000000000, "47863826")
|
43
43
|
end
|
44
|
+
|
45
|
+
def test_last_and_post
|
46
|
+
seed = "12345678901234567890"
|
47
|
+
totp = OTP::TOTP.new(OTP::Base32.encode(seed), "SHA1", 8)
|
48
|
+
totp.time = Time.at(1433502016)
|
49
|
+
|
50
|
+
assert(!totp.verify("71170909"))
|
51
|
+
assert(totp.verify("50451956")) # current
|
52
|
+
assert(!totp.verify("36432053"))
|
53
|
+
|
54
|
+
assert(!totp.verify("79346509", last:2))
|
55
|
+
assert(totp.verify("60048391", last:2))
|
56
|
+
assert(totp.verify("71170909", last:2))
|
57
|
+
assert(totp.verify("50451956", last:2)) # current
|
58
|
+
assert(!totp.verify("36432053", last:2))
|
59
|
+
|
60
|
+
assert(!totp.verify("71170909", post:2))
|
61
|
+
assert(totp.verify("50451956", post:2)) # current
|
62
|
+
assert(totp.verify("36432053", post:2))
|
63
|
+
assert(totp.verify("78660635", post:2))
|
64
|
+
assert(!totp.verify("97845627", post:2))
|
65
|
+
|
66
|
+
assert(!totp.verify("79346509", last:2, post:2))
|
67
|
+
assert(totp.verify("60048391", last:2, post:2))
|
68
|
+
assert(totp.verify("71170909", last:2, post:2))
|
69
|
+
assert(totp.verify("50451956", last:2, post:2)) # current
|
70
|
+
assert(totp.verify("36432053", last:2, post:2))
|
71
|
+
assert(totp.verify("78660635", last:2, post:2))
|
72
|
+
assert(!totp.verify("97845627", last:2, post:2))
|
73
|
+
end
|
44
74
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: otp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Yuuzou Gotou
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-06-
|
11
|
+
date: 2015-06-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|