Merge pull request #12 from MarkSonghurst/spelling
Corrected spelling mistakes
commit
7519c44a35
24
totp.go
24
totp.go
@ -44,7 +44,7 @@ type Totp struct {
|
|||||||
counter [counter_size]byte // this is the counter used to synchronize with the client device
|
counter [counter_size]byte // this is the counter used to synchronize with the client device
|
||||||
digits int // total amount of digits of the code displayed on the device
|
digits int // total amount of digits of the code displayed on the device
|
||||||
issuer string // the company which issues the 2FA
|
issuer string // the company which issues the 2FA
|
||||||
account string // usually the suer email or the account id
|
account string // usually the user email or the account id
|
||||||
stepSize int // by default 30 seconds
|
stepSize int // by default 30 seconds
|
||||||
clientOffset int // the amount of steps the client is off
|
clientOffset int // the amount of steps the client is off
|
||||||
totalVerificationFailures int // the total amount of verification failures from the client - by default 10
|
totalVerificationFailures int // the total amount of verification failures from the client - by default 10
|
||||||
@ -77,7 +77,7 @@ func (otp *Totp) getIntCounter() uint64 {
|
|||||||
// hash: is the crypto function used: crypto.SHA1, crypto.SHA256, crypto.SHA512
|
// hash: is the crypto function used: crypto.SHA1, crypto.SHA256, crypto.SHA512
|
||||||
// digits: is the token amount of digits (6 or 7 or 8)
|
// digits: is the token amount of digits (6 or 7 or 8)
|
||||||
// steps: the amount of second the token is valid
|
// steps: the amount of second the token is valid
|
||||||
// it autmatically generates a secret key using the golang crypto rand package. If there is not enough entropy the function returns an error
|
// it automatically generates a secret key using the golang crypto rand package. If there is not enough entropy the function returns an error
|
||||||
// The key is not encrypted in this package. It's a secret key. Therefore if you transfer the key bytes in the network,
|
// The key is not encrypted in this package. It's a secret key. Therefore if you transfer the key bytes in the network,
|
||||||
// please take care of protecting the key or in fact all the bytes.
|
// please take care of protecting the key or in fact all the bytes.
|
||||||
func NewTOTP(account, issuer string, hash crypto.Hash, digits int) (*Totp, error) {
|
func NewTOTP(account, issuer string, hash crypto.Hash, digits int) (*Totp, error) {
|
||||||
@ -99,7 +99,7 @@ func NewTOTP(account, issuer string, hash crypto.Hash, digits int) (*Totp, error
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Private function which initialize the TOTP so that it's easier to unit test it
|
// Private function which initialize the TOTP so that it's easier to unit test it
|
||||||
// Used internnaly
|
// Used internally
|
||||||
func makeTOTP(key []byte, account, issuer string, hash crypto.Hash, digits int) (*Totp, error) {
|
func makeTOTP(key []byte, account, issuer string, hash crypto.Hash, digits int) (*Totp, error) {
|
||||||
otp := new(Totp)
|
otp := new(Totp)
|
||||||
otp.key = key
|
otp.key = key
|
||||||
@ -112,7 +112,7 @@ func makeTOTP(key []byte, account, issuer string, hash crypto.Hash, digits int)
|
|||||||
return otp, nil
|
return otp, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// This function validates the user privided token
|
// This function validates the user provided token
|
||||||
// It calculates 3 different tokens. The current one, one before now and one after now.
|
// It calculates 3 different tokens. The current one, one before now and one after now.
|
||||||
// The difference is driven by the TOTP step size
|
// The difference is driven by the TOTP step size
|
||||||
// Based on which of the 3 steps it succeeds to validates, the client offset is updated.
|
// Based on which of the 3 steps it succeeds to validates, the client offset is updated.
|
||||||
@ -352,15 +352,15 @@ func (otp *Totp) ToBytes() ([]byte, error) {
|
|||||||
|
|
||||||
var buffer bytes.Buffer
|
var buffer bytes.Buffer
|
||||||
|
|
||||||
// caluclate the length of the key and create its byte representation
|
// calculate the length of the key and create its byte representation
|
||||||
keySize := len(otp.key)
|
keySize := len(otp.key)
|
||||||
keySizeBytes := bigendian.ToInt(keySize) //bigEndianInt(keySize)
|
keySizeBytes := bigendian.ToInt(keySize) //bigEndianInt(keySize)
|
||||||
|
|
||||||
// caluclate the length of the issuer and create its byte representation
|
// calculate the length of the issuer and create its byte representation
|
||||||
issuerSize := len(otp.issuer)
|
issuerSize := len(otp.issuer)
|
||||||
issuerSizeBytes := bigendian.ToInt(issuerSize)
|
issuerSizeBytes := bigendian.ToInt(issuerSize)
|
||||||
|
|
||||||
// caluclate the length of the account and create its byte representation
|
// calculate the length of the account and create its byte representation
|
||||||
accountSize := len(otp.account)
|
accountSize := len(otp.account)
|
||||||
accountSizeBytes := bigendian.ToInt(accountSize)
|
accountSizeBytes := bigendian.ToInt(accountSize)
|
||||||
|
|
||||||
@ -499,14 +499,14 @@ func TOTPFromBytes(encryptedMessage []byte, issuer string) (*Totp, error) {
|
|||||||
// otp object
|
// otp object
|
||||||
otp := new(Totp)
|
otp := new(Totp)
|
||||||
|
|
||||||
// get the lenght
|
// get the length
|
||||||
lenght := make([]byte, 4)
|
length := make([]byte, 4)
|
||||||
_, err = reader.Read(lenght) // read the 4 bytes for the total lenght
|
_, err = reader.Read(length) // read the 4 bytes for the total length
|
||||||
if err != nil && err != io.EOF {
|
if err != nil && err != io.EOF {
|
||||||
return otp, err
|
return otp, err
|
||||||
}
|
}
|
||||||
|
|
||||||
totalSize := bigendian.FromInt([4]byte{lenght[0], lenght[1], lenght[2], lenght[3]})
|
totalSize := bigendian.FromInt([4]byte{length[0], length[1], length[2], length[3]})
|
||||||
buffer := make([]byte, totalSize-4)
|
buffer := make([]byte, totalSize-4)
|
||||||
_, err = reader.Read(buffer)
|
_, err = reader.Read(buffer)
|
||||||
if err != nil && err != io.EOF {
|
if err != nil && err != io.EOF {
|
||||||
@ -571,7 +571,7 @@ func TOTPFromBytes(encryptedMessage []byte, issuer string) (*Totp, error) {
|
|||||||
b = buffer[startOffset:endOffset]
|
b = buffer[startOffset:endOffset]
|
||||||
otp.clientOffset = bigendian.FromInt([4]byte{b[0], b[1], b[2], b[3]})
|
otp.clientOffset = bigendian.FromInt([4]byte{b[0], b[1], b[2], b[3]})
|
||||||
|
|
||||||
// read the total failuers
|
// read the total failures
|
||||||
startOffset = endOffset
|
startOffset = endOffset
|
||||||
endOffset = startOffset + 4
|
endOffset = startOffset + 4
|
||||||
b = buffer[startOffset:endOffset]
|
b = buffer[startOffset:endOffset]
|
||||||
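Review bot: In the `TOTPFromBytes` hunk, the renamed `length` buffer is still filled by `reader.Read` with the byte count discarded and `io.EOF` accepted, so a short or empty input leaves the 4-byte prefix partly zero and `make([]byte, totalSize-4)` can be called with a negative or input-controlled size, which panics or over-allocates. Reading the prefix with `if _, err = io.ReadFull(reader, length); err != nil { return otp, err }` and rejecting a `totalSize` below 4 or larger than the bytes actually available before the `make` would close this. The second `reader.Read(buffer)` and the later `buffer[startOffset:endOffset]` slices rely on the same length being trustworthy. The function body starts and ends outside the visible hunks, so whether the message is authenticated before this point cannot be confirmed from here.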
|
@ -9,10 +9,11 @@ import (
|
|||||||
"crypto/sha512"
|
"crypto/sha512"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"github.com/sec51/convert/bigendian"
|
|
||||||
"net/url"
|
"net/url"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/sec51/convert/bigendian"
|
||||||
)
|
)
|
||||||
|
|
||||||
var sha1KeyHex = "3132333435363738393031323334353637383930"
|
var sha1KeyHex = "3132333435363738393031323334353637383930"
|
||||||
@ -146,7 +147,7 @@ func TestVerificationFailures(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if otp.totalVerificationFailures != 3 {
|
if otp.totalVerificationFailures != 3 {
|
||||||
t.Errorf("Expected 3 verifcation failures, instead we've got %d\n", otp.totalVerificationFailures)
|
t.Errorf("Expected 3 verification failures, instead we've got %d\n", otp.totalVerificationFailures)
|
||||||
}
|
}
|
||||||
|
|
||||||
// at this point we crossed the max failures, therefore it should always return an error
|
// at this point we crossed the max failures, therefore it should always return an error
|
||||||
@ -172,7 +173,7 @@ func TestVerificationFailures(t *testing.T) {
|
|||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// maje sure the fields are the same after parsing the token from bytes
|
// make sure the fields are the same after parsing the token from bytes
|
||||||
if otp.label() != restoredOtp.label() {
|
if otp.label() != restoredOtp.label() {
|
||||||
t.Error("Label mismatch between in memory OTP and byte parsed OTP")
|
t.Error("Label mismatch between in memory OTP and byte parsed OTP")
|
||||||
}
|
}
|
||||||
|