otp 0.0.4 → 0.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f2cff8ad3604a6598f352b74b34c4e9414117a59
-  data.tar.gz: ea8d49ef4dfcf5fd5f0b56864e62c30ada976aac
+  metadata.gz: 950f885b455852f76538a68b7c6fb05b01a467cb
+  data.tar.gz: ff52168dded70e183a28edd3ef1803b9a2fd9ecc
 SHA512:
-  metadata.gz: 6f215a20f4330cad4bea4b5758175784dd9db09f15b417a8db3d1e17386268ee6019dccae63074ddf9ffd6bf9179d4a08700096447c5ef1f42dda2b5128c4617
-  data.tar.gz: 2d18ba3ef5dadff11b78327dae54f2060c4b1b82a2afdbfba9b1de80ddcd92de4e6e92b51c8821022bb2a38627def98121693b8916f400037dc09524c21fc829
+  metadata.gz: 86fbcf11687d81382349e07639c5f70824c00b913040e453bc71e0cccfebad662e377d38a28b2be0667f94ea8d181449f71d75f109bb31a1b01d11b8e3051b95
+  data.tar.gz: 4d004267238bea39655fb54492deb785b818cfcd63eed217c299444e230a60c2fa03a075367e7365cb9a7f96f383cb36660176b4069432d20590b41f1b78d42b

data/lib/otp/base.rb

@@ -29,21 +29,23 @@ module OTP
       raise NotImplementedError
     end
 
-    def otp
+    def otp(generation=0)
       hash = hmac(algorithm, OTP::Base32.decode(secret),
-                  pack_int64(moving_factor))
+                  pack_int64(moving_factor+generation))
       return truncate(hash)
     end
 
-    def password
-      pw = (otp % (10 ** digits)).to_s
+    def password(generation=0)
+      pw = (otp(generation) % (10 ** digits)).to_s
       pw = "0" + pw while pw.length < digits
       return pw
     end
 
-    def verify(otp)
-      return false if otp.nil? || otp.empty?
-      return compare(password, otp)
+    def verify(given_pw, last:0, post:0)
+      raise "last must be greater than or equal to 0" if last < 0
+      raise "post must be greater than or equal to 0" if post < 0
+      return false if given_pw.nil? || given_pw.empty?
+      return (-last..post).any?{|i| compare(password(i), given_pw) }
     end
 
     ## URI related methods

data/lib/otp/version.rb

@@ -1,4 +1,4 @@
 module OTP
-  VERSION = "0.0.4"
+  VERSION = "0.0.5"
 end
 

data/test/test_base32.rb

@@ -27,4 +27,15 @@ class TestBase32 < Test::Unit::TestCase
     assert_encode_decode("foobar", "MZXW6YTBOI======")
     assert_encode_decode("\u{3042}\u{3044}\u{3046}\u{3048}\u{304a}", "4OAYFY4BQTRYDBXDQGEOHAMK")
   end
+
+  def test_truncated_decode
+    assert_decode("f", "MY")
+    assert_decode("fo", "MZXQ")
+    assert_decode("foo", "MZXW6")
+    assert_decode("foob", "MZXW6YQ")
+    assert_decode("f", "my")
+    assert_decode("fo", "mzxq")
+    assert_decode("foo", "mzxw6")
+    assert_decode("foob", "mzxw6yq")
+  end
 end

data/test/test_hotp.rb

@@ -23,4 +23,30 @@ class TestHTOP < Test::Unit::TestCase
     assert_hotp(hotp, 8, "399871")
     assert_hotp(hotp, 9, "520489")
   end
+
+  def test_last_and_post
+    seed = "12345678901234567890"
+    hotp = OTP::HOTP.new(OTP::Base32.encode(seed), "SHA1", 6)
+    hotp.count = 5
+
+    assert(!hotp.verify("359152", last:2))  # pass for 2
+    assert(hotp.verify("969429", last:2))  # pass for 3
+    assert(hotp.verify("338314", last:2))  # pass for 4
+    assert(hotp.verify("254676", last:2))  # pass for 5
+    assert(!hotp.verify("287922", last:2))  # pass for 6
+
+    assert(!hotp.verify("338314", post:2))  # pass for 4
+    assert(hotp.verify("254676", post:2))  # pass for 5
+    assert(hotp.verify("287922", post:2))  # pass for 6
+    assert(hotp.verify("162583", post:2))  # pass for 7
+    assert(!hotp.verify("399871", post:2))  # pass for 8
+
+    assert(!hotp.verify("359152", last:2, post:2))  # pass for 2
+    assert(hotp.verify("969429", last:2, post:2))  # pass for 3
+    assert(hotp.verify("338314", last:2, post:2))  # pass for 4
+    assert(hotp.verify("254676", post:2, post:2))  # pass for 5
+    assert(hotp.verify("287922", post:2, post:2))  # pass for 6
+    assert(hotp.verify("162583", post:2, post:2))  # pass for 7
+    assert(!hotp.verify("399871", post:2, post:2))  # pass for 8
+  end
 end

data/test/test_totp.rb

@@ -41,4 +41,34 @@ class TestTOTP < Test::Unit::TestCase
     assert_totp(totp, 2000000000,  "38618901")
     assert_totp(totp, 20000000000, "47863826")
   end
+
+  def test_last_and_post
+    seed = "12345678901234567890"
+    totp = OTP::TOTP.new(OTP::Base32.encode(seed), "SHA1", 8)
+    totp.time = Time.at(1433502016)
+
+    assert(!totp.verify("71170909"))
+    assert(totp.verify("50451956"))  # current
+    assert(!totp.verify("36432053"))
+
+    assert(!totp.verify("79346509", last:2))
+    assert(totp.verify("60048391", last:2))
+    assert(totp.verify("71170909", last:2))
+    assert(totp.verify("50451956", last:2))  # current
+    assert(!totp.verify("36432053", last:2))
+
+    assert(!totp.verify("71170909", post:2))
+    assert(totp.verify("50451956", post:2))  # current
+    assert(totp.verify("36432053", post:2))
+    assert(totp.verify("78660635", post:2))
+    assert(!totp.verify("97845627", post:2))
+
+    assert(!totp.verify("79346509", last:2, post:2))
+    assert(totp.verify("60048391", last:2, post:2))
+    assert(totp.verify("71170909", last:2, post:2))
+    assert(totp.verify("50451956", last:2, post:2))  # current
+    assert(totp.verify("36432053", last:2, post:2))
+    assert(totp.verify("78660635", last:2, post:2))
+    assert(!totp.verify("97845627", last:2, post:2))
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: otp
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Yuuzou Gotou
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-04 00:00:00.000000000 Z
+date: 2015-06-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler