RubyGems - rotp - Versions diffs - 3.3.0 → 3.3.1 - Mend

rotp 3.3.0 → 3.3.1

Files changed (14) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6966922a92bffb8bf74497e36d3f2e42e63f47a5
-  data.tar.gz: 0dbef9d1ed476e382b243d232240458d396b3593
+  metadata.gz: 6597229fd1ace9419ec1212d4cdedaa8392d5e2c
+  data.tar.gz: 7784edcd67e532d6e1c14e229c79e2b1c6c5bb6e
 SHA512:
-  metadata.gz: 3af99a2dcadd3591d235ecb8f1d0752ceadaa0b8649c1851163a7d0ce7e88bf5a564d1d32b6f3a2e2a3b290e36fd378b39e1d0a3a5225ba7ead905e3c207806f
-  data.tar.gz: c9504564ca0ec36d3efac011b9079d33d5038bf917ff4f5d6700556a71956fab49710304551e2d2d0a23f6c6a91dcdb7a296dd26468f6a78de8dc0584a0c35da
+  metadata.gz: cc83e697d928afc3be726fa0a7569f87bb5d69362ae429af512e35bc5f15d6cce947c510ab6204b6cac99601a3870600577360750f3e9af35762e316ce45080b
+  data.tar.gz: 5cdefb29436b550ecd825baa13cc2365c994705f575b474d9a8d02ecad1764ce9982bc04537ea95afbfe24b304c1a1a71e339f4223f496138f7eaeaa76261050

data/.gitignore CHANGED

@@ -3,3 +3,4 @@
 .yardoc
 pkg/*
 coverage
+Gemfile.lock

data/.travis.yml CHANGED

@@ -6,4 +6,4 @@ rvm:
   - 2.0.0
   - 1.9.3
 script:
-  - bundler exec rspec
+  - bundle exec rspec

data/CHANGELOG.md CHANGED

@@ -1,5 +1,10 @@
 ### Changelog
+#### 3.3.1
+- Add OpenSSL as a requirement for Ruby 2.5. Fixes #70 & #64
+- Allow Base32 with padding. #71
 #### 3.3.0
 - Add digest algorithm parameter for non SHA1 digests - #62 from @btalbot

data/README.md CHANGED

@@ -1,6 +1,6 @@
 # The Ruby One Time Password Library
-[![Build Status](https://secure.travis-ci.org/mdp/rotp.png)](https://travis-ci.org/mdp/rotp)
+[![Build Status](https://travis-ci.org/mdp/rotp.svg?branch=master)](https://travis-ci.org/mdp/rotp)
 [![Gem Version](https://badge.fury.io/rb/rotp.svg)](https://rubygems.org/gems/rotp)
 [![License](https://img.shields.io/badge/license-MIT-blue.svg?style=flat)](https://github.com/mdp/rotp/blob/master/LICENSE)
@@ -46,13 +46,13 @@ totp.provisioning_uri("alice@google.com")
 ```ruby
 hotp = ROTP::HOTP.new("base32secretkey3232")
-hotp.at(0) # => "260182"
-hotp.at(1) # => "055283"
-hotp.at(1401) # => "316439"
+hotp.at(0) # => "786922"
+hotp.at(1) # => "595254"
+hotp.at(1401) # => "259769"
 # OTP verified with a counter
-hotp.verify("316439", 1401) # => true
-hotp.verify("316439", 1402) # => false
+hotp.verify("259769", 1401) # => true
+hotp.verify("259769", 1402) # => false
 ```
 ### Verifying a Time based OTP with drift

data/lib/rotp.rb CHANGED

@@ -1,6 +1,7 @@
 require 'cgi'
 require 'uri'
 require 'securerandom'
+require 'openssl'
 require 'rotp/base32'
 require 'rotp/otp'
 require 'rotp/hotp'

data/lib/rotp/base32.rb CHANGED

@@ -5,6 +5,7 @@ module ROTP
     class << self
       def decode(str)
+        str = str.tr('=','')
         output = []
         str.scan(/.{1,8}/).each do |block|
           char_array = decode_block(block).map{|c| c.chr}

data/lib/rotp/otp.rb CHANGED

@@ -58,6 +58,10 @@ module ROTP
     # along with the secret
     #
     def int_to_bytestring(int, padding = 8)
+      unless int >= 0
+        raise ArgumentError, "#int_to_bytestring requires a positive number"
+      end
       result = []
       until int == 0
         result << (int & 0xFF).chr

data/lib/rotp/totp.rb CHANGED

@@ -20,6 +20,7 @@ module ROTP
       unless time.class == Time
         time = Time.at(time.to_i)
       end
       generate_otp(timecode(time), padding)
     end

data/lib/rotp/version.rb CHANGED

@@ -1,3 +1,3 @@
 module ROTP
-  VERSION = "3.3.0"
+  VERSION = "3.3.1"
 end

@@ -44,6 +44,12 @@ RSpec.describe ROTP::Base32 do
         expect(ROTP::Base32.decode('234BCDEFG').unpack('H*').first).to eq 'd6f8110c8530'
         expect(ROTP::Base32.decode('234BCDEFG234BCDEFG').unpack('H*').first).to eq 'd6f8110c8536b7c0886429'
       end
+      context 'with padding' do
+        it 'correctly decodes a string' do
+          expect(ROTP::Base32.decode('F==').unpack('H*').first).to eq '28'
+        end
+      end
     end
   end
 end

@@ -161,6 +161,21 @@ RSpec.describe ROTP::TOTP do
   end
+  describe 'invalid_verification with nil time as argument' do
+    let(:verification) { totp.verify_with_drift token, drift, nil }
+    context 'positive drift' do
+      let(:token) { totp.at now - 30 }
+      let(:drift) { 60 }
+      it 'raises error' do
+        expect do
+          verification
+        end.to raise_error(ArgumentError)
+      end
+    end
+  end
   describe '#verify_with_drift' do
     let(:verification) { totp.verify_with_drift token, drift, now }
     let(:drift) { 0 }

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  version: 3.3.0
+  version: 3.3.1
 platform: ruby
 authors:
 - Mark Percival
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-09-22 00:00:00.000000000 Z
+date: 2018-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -82,7 +82,6 @@ files:
 - Dockerfile-2.1
 - Dockerfile-2.3
 - Gemfile
-- Gemfile.lock
 - Guardfile
 - LICENSE
 - README.md

data/Gemfile.lock DELETED

@@ -1,41 +0,0 @@
-PATH
-  remote: .
-  specs:
-    rotp (3.2.0)
-GEM
-  remote: http://rubygems.org/
-  specs:
-    diff-lcs (1.2.5)
-    docile (1.1.5)
-    json (1.8.3)
-    rake (10.5.0)
-    rspec (3.5.0)
-      rspec-core (~> 3.5.0)
-      rspec-expectations (~> 3.5.0)
-      rspec-mocks (~> 3.5.0)
-    rspec-core (3.5.2)
-      rspec-support (~> 3.5.0)
-    rspec-expectations (3.5.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.5.0)
-    rspec-mocks (3.5.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.5.0)
-    rspec-support (3.5.0)
-    simplecov (0.12.0)
-      docile (~> 1.1.0)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.0)
-    timecop (0.8.1)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  rake (~> 10.5)
-  rotp!
-  rspec (~> 3.5)
-  simplecov (~> 0.12)
-  timecop (~> 0.8)