RubyGems - rotp - Versions diffs - 1.2.0 → 1.3.0 - Mend

rotp 1.2.0 → 1.3.0

Files changed (9) hide show

data/README.markdown CHANGED Viewed

@@ -2,12 +2,18 @@
 A ruby library for generating one time passwords according to [ RFC 4226 ](http://tools.ietf.org/html/rfc4226) and the [ HOTP RFC ](http://tools.ietf.org/html/draft-mraihi-totp-timebased-00)
-This is compatible with Google Authenticator apps available for Android and iPhone
+This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail
+## Quick overview of using One Time Passwords on your phone
+* OTP's involve a shared secret, stored both on the phone and the server
+* OTP's can be generated on a phone without internet connectivity(AT&T mode)
+* OTP's should always be used as a second factor of authentication(if your phone is lost, you account is still secured with a password)
+* Google Authenticator allows you to store multiple OTP secrets and provision those using a QR Code(no more typing in the secret)
 ## Dependencies
 * OpenSSL
-* Base32
 ## Installation
@@ -40,7 +46,7 @@ This is compatible with Google Authenticator apps available for Android and iPho
     ROTP.random_base32 # returns a 16 character base32 secret. Compatible with Google Authenticator
-### Google Authenticator Interop
+### Google Authenticator Compatible
 The library works with the Google Authenticator iPhone and Android app, and also
 includes the ability to generate provisioning URI's for use with the QR Code scanner
@@ -51,3 +57,27 @@ built into the app.
 This can then be rendered as a QR Code which can then be scanned and added to the users
 list of OTP credentials.
+#### Working example
+Scan the following barcode with your phone, using Google Authenticator
+![QR Code for OTP](http://chart.apis.google.com/chart?cht=qr&chs=250x250&chl=otpauth%3A%2F%2Ftotp%2Falice%40google.com%3Fsecret%3DJBSWY3DPEHPK3PXP)
+Now run the following and compare the output
+    require 'rubygems'
+    require 'rotp'
+    totp = ROTP::TOTP.new("JBSWY3DPEHPK3PXP")
+    p "Current OTP: #{totp.now}"
+### Changelog
+####1.3.0
+- Added support for Ruby 1.9.x
+- Removed dependency on Base32
+### See also:
+PHP port of ROTP by [Le Lag](https://github.com/lelag) - [OTPHP](https://github.com/lelag/otphp)

data/Rakefile CHANGED Viewed

@@ -1,2 +1,12 @@
 require 'bundler'
 Bundler::GemHelper.install_tasks
+require 'rake/testtask'
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test' << '.'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+task :default => :test

data/lib/rotp.rb CHANGED Viewed

@@ -1,17 +1,9 @@
+require 'rotp/base32'
 require 'rotp/otp'
 require 'rotp/hotp'
 require 'rotp/totp'
-require 'base32'
 require 'uri'
 require 'openssl'
 module ROTP
-  BASE32 = 'abcdefghijklmnopqrstuvwxyz234567'
-  def self.random_base32(length=16)
-    b32 = ''
-    OpenSSL::Random.random_bytes(length).each_byte do |b|
-      b32 << BASE32[b % 32, 1]
-    end
-    b32
-  end
 end

data/lib/rotp/base32.rb ADDED Viewed

@@ -0,0 +1,48 @@
+module ROTP
+  class Base32
+    CHARS = "abcdefghijklmnopqrstuvwxyz234567".each_char.to_a
+    class << self
+      def decode(str)
+        output = []
+        str.scan(/.{8}/).each do |block|
+          char_array = decode_block(block).map{|c| c.chr}
+          output << char_array
+        end
+        output.join
+      end
+      def random_base32(length=16)
+        b32 = ''
+        OpenSSL::Random.random_bytes(length).each_byte do |b|
+          b32 << CHARS[b % 32]
+        end
+        b32
+      end
+      private
+      def decode_block(block)
+        return 0 unless (block.bytesize % 8 == 0) || (block.bytesize == 0)
+        length = block.scan(/[^=]/).length
+        quints = block.each_char.map {|c| decode_quint(c)}
+        bytes = []
+        bytes[0] = (quints[0] << 3) + (quints[1] >> 2)
+        return bytes if length < 3
+        bytes[1] = ((quints[1] & 3) << 6) + (quints[2] << 1) + (quints[3] >> 4)
+        return bytes if length < 5
+        bytes[2] = ((quints[3] & 15) << 4) + (quints[4] >> 1)
+        return bytes if length < 6
+        bytes[3] = ((quints[4] & 1) << 7) + (quints[5] << 2) + (quints[6] >> 3)
+        bytes[4] = ((quints[6] & 7) << 5) + quints[7]
+        bytes
+      end
+      def decode_quint(q)
+        CHARS.index(q.downcase)
+      end
+    end
+  end
+end

data/lib/rotp/otp.rb CHANGED Viewed

@@ -26,11 +26,11 @@ module ROTP
         int_to_bytestring(input)
       )
-      offset = hmac[19] & 0xf
-      code = (hmac[offset] & 0x7f) << 24 |
-        (hmac[offset + 1] & 0xff) << 16 |
-        (hmac[offset + 2] & 0xff) << 8 |
-        (hmac[offset + 3] & 0xff)
+      offset = hmac[19].ord & 0xf
+      code = (hmac[offset].ord & 0x7f) << 24 |
+        (hmac[offset + 1].ord & 0xff) << 16 |
+        (hmac[offset + 2].ord & 0xff) << 8 |
+        (hmac[offset + 3].ord & 0xff)
       code % 10 ** digits
     end

data/lib/rotp/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ROTP
-  VERSION = "1.2.0"
+  VERSION = "1.3.0"
 end

data/rotp.gemspec CHANGED Viewed

@@ -14,8 +14,6 @@ Gem::Specification.new do |s|
   s.rubyforge_project = "rotp"
-  s.add_dependency('base32', '0.1.2')
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }

data/spec/base_spec.rb CHANGED Viewed

@@ -2,11 +2,11 @@ require 'spec_helper'
 describe "generating a random base32 secret" do
   it "should be 16 characters by default" do
-    ROTP.random_base32.length.should == 16
-    ROTP.random_base32.should match /[a-z2-7].+/
+    ROTP::Base32.random_base32.length.should == 16
+    ROTP::Base32.random_base32.should match /[a-z2-7].+/
   end
   it "should be allow a specific length" do
-    ROTP.random_base32(32).length.should == 32
+    ROTP::Base32.random_base32(32).length.should == 32
   end
 end

metadata CHANGED Viewed

@@ -1,13 +1,12 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  hash: 31
-  prerelease:
+  prerelease: false
   segments:
   - 1
-  - 2
+  - 3
   - 0
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Mark Percival
@@ -15,25 +14,10 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-02-13 00:00:00 -08:00
+date: 2011-05-01 00:00:00 -07:00
 default_executable:
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: base32
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - "="
-      - !ruby/object:Gem::Version
-        hash: 31
-        segments:
-        - 0
-        - 1
-        - 2
-        version: 0.1.2
-  type: :runtime
-  version_requirements: *id001
+dependencies: []
 description: Works for both HOTP and TOTP, and include QR Code provisioning
 email:
 - mark@markpercival.us
@@ -68,6 +52,7 @@ files:
 - doc/method_list.html
 - doc/top-level-namespace.html
 - lib/rotp.rb
+- lib/rotp/base32.rb
 - lib/rotp/hotp.rb
 - lib/rotp/otp.rb
 - lib/rotp/totp.rb
@@ -89,7 +74,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 3
       segments:
       - 0
       version: "0"
@@ -98,14 +82,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 3
       segments:
       - 0
       version: "0"
 requirements: []
 rubyforge_project: rotp
-rubygems_version: 1.5.2
+rubygems_version: 1.3.7
 signing_key:
 specification_version: 3
 summary: A Ruby library for generating and verifying one time passwords