secondfactor 1.0.0 → 2.0.0

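--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7e9b1ac431c194b98785d7fadb0354d47abfc4e3
- data.tar.gz: 0cd5e7bb80c1049947f1fc8b177b363b54f689e2
+ metadata.gz: 21f71594aa27bf10a7cb47e61253e954a4590016
+ data.tar.gz: d03b1e17d8cba19cb8930fc39a20282ec5daa9c5
  SHA512:
- metadata.gz: 16f3ed8ada3fb918998caffe561154e6ceec9c74219a2e64dc0302d60f817b4fc631639472d2192074d45cd61d8497929979c90d007a208640211ab9cee2fbf7
- data.tar.gz: '08c03ff1b2b1f66b750892ad5e0004c174f983f782e974b0e6694db2b54c4ea26c2bdadca7966a1aa4a07ba4d4a87cd70c5b0d05dd90a801e6914c4da992daad'
+ metadata.gz: 07c0d7099d0ef041baf02b624441e613fa9b8b78cbd27b4db69a94beb61c5ec3d77554fab9ae0df606c1a021f726081ce70aa77d87f40d725b15e7a80520a6ee
+ data.tar.gz: 73be70702f0bed5a29b64815f59a9b9457dcef28cc86048cef3d8837535ca400171d17a92f2a78c84eeb4bb33e32028af1a721328a7431753d6a0c84f3da2428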
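--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,52 @@
+ # SecondFactor
+
+ A simple, easy to use HMAC-based and time-based one-time passcode library for two-factor authentication implementations.
+
+ This implementation is RFC4226 and RFC6238 compliant.
+
+ Roughly based off a similar project I wrote in Go, [OTP](https://github.com/aeyris/otp).
+
+ ## Features
+
+ Due to various restrictions in common authenticator apps, base support is aimed for the most common denominator of configurations. Namely, it supports:
+
+ - SHA-1 based HMACs
+ - 30-second timeout
+ - Six-digit codes
+ - Base32 secrets
+
+ Extensibility to merely render these as modifiable defaults may occur in the future.
+
+ ## Usage
+
+
+ ### Seed Generation
+
+ Merely generates a seed in Base 32 for usage with phones. Can be converted to a QR code.
+
+ ```ruby
+ require 'secondfactor'
+
+ seed = SecondFactor::OTP.generate_seed
+ ```
+
+ ### TOTP Challenge Generation
+
+ Generates tokens for three timesteps. Current time minus one step, current time, and current time plus one step.
+
+ ```ruby
+ require 'secondfactor'
+
+ seed = SecondFactor::OTP.generate_seed
+ challenges = SecondFactor::TOTP.generate(seed)
+ ```
+
+ ### Verify a Token
+
+ Verifies a TOTP token against the seed provided. Internally, this calls TOTP.generate, so will verify against the three aforementioned timesteps.
+
+ ```ruby
+ require 'secondfactor'
+
+ SecondFactor::TOTP.verify(seed, token)
+ ```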
@@ -5,5 +5,10 @@ module SecondFactor
5
5
  hotp = (hmac % 10 ** 6).to_s.rjust(6, '0')
6
6
  return hotp
7
7
  end
8
+
9
+ def self.verify(secret_based, step, token)
10
+ challenge = self.generate(secret_based, step)
11
+ return challenge == token
12
+ end
8
13
  end
9
14
  end
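Review bot: `return challenge == token` in the new `HOTP.verify` compares the secret-derived code with `String#==`, which is not a constant-time comparison, and it silently returns false when the caller passes the token as an Integer, because `generate` returns a zero-padded String. I would normalise the input and compare in fixed time, e.g. `return OpenSSL.secure_compare(challenge, token.to_s)` where the bundled openssl provides it, or an equal-length XOR comparison otherwise. The same applies to `challenges.include? token` in the new `TOTP.verify`. The enclosing module starts outside this hunk, so whether `openssl` is already required in this file is not visible here.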
@@ -9,11 +9,9 @@ module SecondFactor
9
9
 
10
10
  def self.generate_hmac(seed_based, step)
11
11
  seed_bytes = Base32.decode(seed_based)
12
- hmac = OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), seed_bytes, intbytes(step))
12
+ hmac = OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), seed_bytes, self.intbytes(step))
13
13
 
14
14
  # https://tools.ietf.org/html/rfc4226#section-5.4
15
- # What's security without a bit of math I don't understand, right?
16
- # Lucky that RFC is easy to understand...
17
15
  offset = hmac[-1].ord & 0xF
18
16
  truncated = (hmac[offset].ord & 0x7F) << 24 | (hmac[offset + 1].ord & 0xFF) << 16 | (hmac[offset + 2].ord & 0xFF) << 8 | (hmac[offset + 3].ord & 0xFF)
19
17
 
@@ -21,7 +19,7 @@ module SecondFactor
21
19
  end
22
20
 
23
21
  # Roughly adapted from github.com/aeyris/otp
24
- def intbytes(int)
22
+ def self.intbytes(int)
25
23
  result = ""
26
24
 
27
25
  8.times do
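Review bot: `def self.intbytes(int)` exposes the byte-encoding helper as public API of the module in a major release; if it is only meant for `generate_hmac`, add `private_class_method :intbytes` after the definition and call it as `intbytes(step)`, since older Rubies reject an explicit `self.` receiver on private methods. The method body continues past this hunk, so the following is inferred: the `result = ""` / `8.times do` opening looks like a hand-rolled 8-byte big-endian encode of the counter. If so, `[int].pack('Q>')` does the same in one line and is easier to check against RFC 4226.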
@@ -9,5 +9,10 @@ module SecondFactor
9
9
  SecondFactor::HOTP.generate(secret_based, now_step.succ)
10
10
  ]
11
11
  end
12
+
13
+ def self.verify(secret_based, token)
14
+ challenges = self.generate(secret_based)
15
+ return challenges.include? token
16
+ end
12
17
  end
13
18
  end
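Review bot: The new `TOTP.verify` returns only true or false for a match in any of the three generated steps, so a caller cannot tell which time step matched and has nothing to store for rejecting a replay; the same code stays acceptable across the whole previous/current/next window. RFC 6238 section 5.2 requires that an OTP not be accepted a second time after a successful validation. At minimum document this above the method, e.g. `# Does not track used tokens: callers must reject a token already accepted and rate-limit attempts.` Returning the matched step instead of a bare boolean would change the interface just introduced, so it may fit better as an additional method. The `generate` body starts outside this hunk.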
@@ -1,3 +1,3 @@
1
1
  module SecondFactor
2
- VERSION = "1.0.0"
2
+ VERSION = "2.0.0"
3
3
  end
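--- a/metadata
+++ b/metadata
@@ -1,16 +1,31 @@
  --- !ruby/object:Gem::Specification
  name: secondfactor
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 2.0.0
  platform: ruby
  authors:
  - Elliot Speck
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-02-25 00:00:00.000000000 Z
- dependencies: []
- description: A simple HMAC-based and time-based two-factor authentication library.
+ date: 2017-02-26 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: base32
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '0'
+ description: A simple HMAC-based and time-based two-factor authentication library
+ for usage within two-factor authentication mechanisms.
  email: rubygems@elliot.pro
  executables: []
  extensions: []
@@ -46,5 +61,5 @@ rubyforge_project:
  rubygems_version: 2.6.8
  signing_key:
  specification_version: 4
- summary: A simple HMAC-based and time-based two-factor authentication library.
+ summary: HMAC-based and time-based two-factor authentication library.
  test_files: []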