You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2014/10/30 12:40:04 UTC

[2/2] couch commit: updated refs/heads/two-factor-auth-256-512 to 61c743c

Support sha256 and sha512 for two factor auth

This requires crypto:hmac/3


Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/61c743c5
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/61c743c5
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/61c743c5

Branch: refs/heads/two-factor-auth-256-512
Commit: 61c743c5304adda77050b34d05b04ef194be7dab
Parents: 236a736
Author: Robert Newson <rn...@apache.org>
Authored: Thu Oct 30 10:54:02 2014 +0000
Committer: Robert Newson <rn...@apache.org>
Committed: Thu Oct 30 11:36:04 2014 +0000

----------------------------------------------------------------------
 src/couch_hotp.erl        | 11 ++++-------
 src/couch_httpd_auth.erl  |  2 +-
 src/couch_totp.erl        | 14 +++++++-------
 test/couch_hotp_tests.erl | 20 ++++++++++----------
 test/couch_totp_tests.erl | 33 ++++++++++++++++++++++++++-------
 5 files changed, 48 insertions(+), 32 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/src/couch_hotp.erl
----------------------------------------------------------------------
diff --git a/src/couch_hotp.erl b/src/couch_hotp.erl
index 10ccc33..9a620fa 100644
--- a/src/couch_hotp.erl
+++ b/src/couch_hotp.erl
@@ -12,14 +12,11 @@
 
 -module(couch_hotp).
 
--export([generate/2, generate/3]).
+-export([generate/4]).
 
-generate(Key, Counter) when is_binary(Key), is_integer(Counter) ->
-    generate(Key, Counter, 6).
-
-generate(Key, Counter, OutputLen)
-  when is_binary(Key), is_integer(Counter), is_integer(OutputLen) ->
-    Hmac = crypto:sha_mac(Key, <<Counter:64>>),
+generate(Alg, Key, Counter, OutputLen)
+  when is_atom(Alg), is_binary(Key), is_integer(Counter), is_integer(OutputLen) ->
+    Hmac = crypto:hmac(Alg, Key, <<Counter:64>>),
     Offset = binary:last(Hmac) band 16#f,
     Code =
         ((binary:at(Hmac, Offset) band 16#7f) bsl 24) +

http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/src/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couch_httpd_auth.erl b/src/couch_httpd_auth.erl
index 8c91252..aed99d0 100644
--- a/src/couch_httpd_auth.erl
+++ b/src/couch_httpd_auth.erl
@@ -470,7 +470,7 @@ verify_token(Key, Token) ->
     end.
 
 generate_token(Key, Timestamp) ->
-    integer_to_binary(couch_totp:generate(Key, Timestamp, 30, 6)).
+    integer_to_binary(couch_totp:generate(sha, Key, Timestamp, 30, 6)).
 
 integer_to_binary(Int) when is_integer(Int) ->
     ?l2b(integer_to_list(Int)).

http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/src/couch_totp.erl
----------------------------------------------------------------------
diff --git a/src/couch_totp.erl b/src/couch_totp.erl
index c3a6a7e..56e70d8 100644
--- a/src/couch_totp.erl
+++ b/src/couch_totp.erl
@@ -12,12 +12,12 @@
 
 -module(couch_totp).
 
--export([generate/3, generate/4]).
+-export([generate/5]).
 
-generate(Key, CounterSecs, StepSecs) ->
-    generate(Key, CounterSecs, StepSecs, 8).
-
-generate(Key, CounterSecs, StepSecs, OutputLen)
-  when is_binary(Key), is_integer(CounterSecs), is_integer(StepSecs),
+generate(Alg, Key, CounterSecs, StepSecs, OutputLen)
+  when is_atom(Alg),
+       is_binary(Key),
+       is_integer(CounterSecs),
+       is_integer(StepSecs),
        is_integer(OutputLen) ->
-    couch_hotp:generate(Key, CounterSecs div StepSecs, OutputLen).
+    couch_hotp:generate(Alg, Key, CounterSecs div StepSecs, OutputLen).

http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/test/couch_hotp_tests.erl
----------------------------------------------------------------------
diff --git a/test/couch_hotp_tests.erl b/test/couch_hotp_tests.erl
index 87d2dff..a41375c 100644
--- a/test/couch_hotp_tests.erl
+++ b/test/couch_hotp_tests.erl
@@ -16,13 +16,13 @@
 
 test_vector_test() ->
     Key = <<"12345678901234567890">>,
-    ?assertEqual(755224, couch_hotp:generate(Key, 0)),
-    ?assertEqual(287082, couch_hotp:generate(Key, 1)),
-    ?assertEqual(359152, couch_hotp:generate(Key, 2)),
-    ?assertEqual(969429, couch_hotp:generate(Key, 3)),
-    ?assertEqual(338314, couch_hotp:generate(Key, 4)),
-    ?assertEqual(254676, couch_hotp:generate(Key, 5)),
-    ?assertEqual(287922, couch_hotp:generate(Key, 6)),
-    ?assertEqual(162583, couch_hotp:generate(Key, 7)),
-    ?assertEqual(399871, couch_hotp:generate(Key, 8)),
-    ?assertEqual(520489, couch_hotp:generate(Key, 9)).
+    ?assertEqual(755224, couch_hotp:generate(sha, Key, 0, 6)),
+    ?assertEqual(287082, couch_hotp:generate(sha, Key, 1, 6)),
+    ?assertEqual(359152, couch_hotp:generate(sha, Key, 2, 6)),
+    ?assertEqual(969429, couch_hotp:generate(sha, Key, 3, 6)),
+    ?assertEqual(338314, couch_hotp:generate(sha, Key, 4, 6)),
+    ?assertEqual(254676, couch_hotp:generate(sha, Key, 5, 6)),
+    ?assertEqual(287922, couch_hotp:generate(sha, Key, 6, 6)),
+    ?assertEqual(162583, couch_hotp:generate(sha, Key, 7, 6)),
+    ?assertEqual(399871, couch_hotp:generate(sha, Key, 8, 6)),
+    ?assertEqual(520489, couch_hotp:generate(sha, Key, 9, 6)).

http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/test/couch_totp_tests.erl
----------------------------------------------------------------------
diff --git a/test/couch_totp_tests.erl b/test/couch_totp_tests.erl
index 33596ed..689cf38 100644
--- a/test/couch_totp_tests.erl
+++ b/test/couch_totp_tests.erl
@@ -15,10 +15,29 @@
 -include_lib("eunit/include/eunit.hrl").
 
 test_vector_test() ->
-    Key = <<"12345678901234567890">>,
-    ?assertEqual(94287082, couch_totp:generate(Key, 59, 30)),
-    ?assertEqual(07081804, couch_totp:generate(Key, 1111111109, 30)),
-    ?assertEqual(14050471, couch_totp:generate(Key, 1111111111, 30)),
-    ?assertEqual(89005924, couch_totp:generate(Key, 1234567890, 30)),
-    ?assertEqual(69279037, couch_totp:generate(Key, 2000000000, 30)),
-    ?assertEqual(65353130, couch_totp:generate(Key, 20000000000, 30)).
+    ShaKey = <<"12345678901234567890">>,
+    Sha256Key = <<"12345678901234567890123456789012">>,
+    Sha512Key = <<"1234567890123456789012345678901234567890123456789012345678901234">>,
+    ?assertEqual(94287082, couch_totp:generate(sha, ShaKey, 59, 30, 8)),
+    ?assertEqual(46119246, couch_totp:generate(sha256, Sha256Key, 59, 30, 8)),
+    ?assertEqual(90693936, couch_totp:generate(sha512, Sha512Key, 59, 30, 8)),
+
+    ?assertEqual(07081804, couch_totp:generate(sha, ShaKey, 1111111109, 30, 8)),
+    ?assertEqual(68084774, couch_totp:generate(sha256, Sha256Key, 1111111109, 30, 8)),
+    ?assertEqual(25091201, couch_totp:generate(sha512, Sha512Key, 1111111109, 30, 8)),
+
+    ?assertEqual(14050471, couch_totp:generate(sha, ShaKey, 1111111111, 30, 8)),
+    ?assertEqual(67062674, couch_totp:generate(sha256, Sha256Key, 1111111111, 30, 8)),
+    ?assertEqual(99943326, couch_totp:generate(sha512, Sha512Key, 1111111111, 30, 8)),
+
+    ?assertEqual(89005924, couch_totp:generate(sha, ShaKey, 1234567890, 30, 8)),
+    ?assertEqual(91819424, couch_totp:generate(sha256, Sha256Key, 1234567890, 30, 8)),
+    ?assertEqual(93441116, couch_totp:generate(sha512, Sha512Key, 1234567890, 30, 8)),
+
+    ?assertEqual(69279037, couch_totp:generate(sha, ShaKey, 2000000000, 30, 8)),
+    ?assertEqual(90698825, couch_totp:generate(sha256, Sha256Key, 2000000000, 30, 8)),
+    ?assertEqual(38618901, couch_totp:generate(sha512, Sha512Key, 2000000000, 30, 8)),
+
+    ?assertEqual(65353130, couch_totp:generate(sha, ShaKey, 20000000000, 30, 8)),
+    ?assertEqual(77737706, couch_totp:generate(sha256, Sha256Key, 20000000000, 30, 8)),
+    ?assertEqual(47863826, couch_totp:generate(sha512, Sha512Key, 20000000000, 30, 8)).