You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2014/10/30 12:40:04 UTC
[2/2] couch commit: updated refs/heads/two-factor-auth-256-512 to
61c743c
Support sha256 and sha512 for two factor auth
This requires crypto:hmac/3
Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/61c743c5
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/61c743c5
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/61c743c5
Branch: refs/heads/two-factor-auth-256-512
Commit: 61c743c5304adda77050b34d05b04ef194be7dab
Parents: 236a736
Author: Robert Newson <rn...@apache.org>
Authored: Thu Oct 30 10:54:02 2014 +0000
Committer: Robert Newson <rn...@apache.org>
Committed: Thu Oct 30 11:36:04 2014 +0000
----------------------------------------------------------------------
src/couch_hotp.erl | 11 ++++-------
src/couch_httpd_auth.erl | 2 +-
src/couch_totp.erl | 14 +++++++-------
test/couch_hotp_tests.erl | 20 ++++++++++----------
test/couch_totp_tests.erl | 33 ++++++++++++++++++++++++++-------
5 files changed, 48 insertions(+), 32 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/src/couch_hotp.erl
----------------------------------------------------------------------
diff --git a/src/couch_hotp.erl b/src/couch_hotp.erl
index 10ccc33..9a620fa 100644
--- a/src/couch_hotp.erl
+++ b/src/couch_hotp.erl
@@ -12,14 +12,11 @@
-module(couch_hotp).
--export([generate/2, generate/3]).
+-export([generate/4]).
-generate(Key, Counter) when is_binary(Key), is_integer(Counter) ->
- generate(Key, Counter, 6).
-
-generate(Key, Counter, OutputLen)
- when is_binary(Key), is_integer(Counter), is_integer(OutputLen) ->
- Hmac = crypto:sha_mac(Key, <<Counter:64>>),
+generate(Alg, Key, Counter, OutputLen)
+ when is_atom(Alg), is_binary(Key), is_integer(Counter), is_integer(OutputLen) ->
+ Hmac = crypto:hmac(Alg, Key, <<Counter:64>>),
Offset = binary:last(Hmac) band 16#f,
Code =
((binary:at(Hmac, Offset) band 16#7f) bsl 24) +
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/src/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couch_httpd_auth.erl b/src/couch_httpd_auth.erl
index 8c91252..aed99d0 100644
--- a/src/couch_httpd_auth.erl
+++ b/src/couch_httpd_auth.erl
@@ -470,7 +470,7 @@ verify_token(Key, Token) ->
end.
generate_token(Key, Timestamp) ->
- integer_to_binary(couch_totp:generate(Key, Timestamp, 30, 6)).
+ integer_to_binary(couch_totp:generate(sha, Key, Timestamp, 30, 6)).
integer_to_binary(Int) when is_integer(Int) ->
?l2b(integer_to_list(Int)).
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/src/couch_totp.erl
----------------------------------------------------------------------
diff --git a/src/couch_totp.erl b/src/couch_totp.erl
index c3a6a7e..56e70d8 100644
--- a/src/couch_totp.erl
+++ b/src/couch_totp.erl
@@ -12,12 +12,12 @@
-module(couch_totp).
--export([generate/3, generate/4]).
+-export([generate/5]).
-generate(Key, CounterSecs, StepSecs) ->
- generate(Key, CounterSecs, StepSecs, 8).
-
-generate(Key, CounterSecs, StepSecs, OutputLen)
- when is_binary(Key), is_integer(CounterSecs), is_integer(StepSecs),
+generate(Alg, Key, CounterSecs, StepSecs, OutputLen)
+ when is_atom(Alg),
+ is_binary(Key),
+ is_integer(CounterSecs),
+ is_integer(StepSecs),
is_integer(OutputLen) ->
- couch_hotp:generate(Key, CounterSecs div StepSecs, OutputLen).
+ couch_hotp:generate(Alg, Key, CounterSecs div StepSecs, OutputLen).
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/test/couch_hotp_tests.erl
----------------------------------------------------------------------
diff --git a/test/couch_hotp_tests.erl b/test/couch_hotp_tests.erl
index 87d2dff..a41375c 100644
--- a/test/couch_hotp_tests.erl
+++ b/test/couch_hotp_tests.erl
@@ -16,13 +16,13 @@
test_vector_test() ->
Key = <<"12345678901234567890">>,
- ?assertEqual(755224, couch_hotp:generate(Key, 0)),
- ?assertEqual(287082, couch_hotp:generate(Key, 1)),
- ?assertEqual(359152, couch_hotp:generate(Key, 2)),
- ?assertEqual(969429, couch_hotp:generate(Key, 3)),
- ?assertEqual(338314, couch_hotp:generate(Key, 4)),
- ?assertEqual(254676, couch_hotp:generate(Key, 5)),
- ?assertEqual(287922, couch_hotp:generate(Key, 6)),
- ?assertEqual(162583, couch_hotp:generate(Key, 7)),
- ?assertEqual(399871, couch_hotp:generate(Key, 8)),
- ?assertEqual(520489, couch_hotp:generate(Key, 9)).
+ ?assertEqual(755224, couch_hotp:generate(sha, Key, 0, 6)),
+ ?assertEqual(287082, couch_hotp:generate(sha, Key, 1, 6)),
+ ?assertEqual(359152, couch_hotp:generate(sha, Key, 2, 6)),
+ ?assertEqual(969429, couch_hotp:generate(sha, Key, 3, 6)),
+ ?assertEqual(338314, couch_hotp:generate(sha, Key, 4, 6)),
+ ?assertEqual(254676, couch_hotp:generate(sha, Key, 5, 6)),
+ ?assertEqual(287922, couch_hotp:generate(sha, Key, 6, 6)),
+ ?assertEqual(162583, couch_hotp:generate(sha, Key, 7, 6)),
+ ?assertEqual(399871, couch_hotp:generate(sha, Key, 8, 6)),
+ ?assertEqual(520489, couch_hotp:generate(sha, Key, 9, 6)).
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/61c743c5/test/couch_totp_tests.erl
----------------------------------------------------------------------
diff --git a/test/couch_totp_tests.erl b/test/couch_totp_tests.erl
index 33596ed..689cf38 100644
--- a/test/couch_totp_tests.erl
+++ b/test/couch_totp_tests.erl
@@ -15,10 +15,29 @@
-include_lib("eunit/include/eunit.hrl").
test_vector_test() ->
- Key = <<"12345678901234567890">>,
- ?assertEqual(94287082, couch_totp:generate(Key, 59, 30)),
- ?assertEqual(07081804, couch_totp:generate(Key, 1111111109, 30)),
- ?assertEqual(14050471, couch_totp:generate(Key, 1111111111, 30)),
- ?assertEqual(89005924, couch_totp:generate(Key, 1234567890, 30)),
- ?assertEqual(69279037, couch_totp:generate(Key, 2000000000, 30)),
- ?assertEqual(65353130, couch_totp:generate(Key, 20000000000, 30)).
+ ShaKey = <<"12345678901234567890">>,
+ Sha256Key = <<"12345678901234567890123456789012">>,
+ Sha512Key = <<"1234567890123456789012345678901234567890123456789012345678901234">>,
+ ?assertEqual(94287082, couch_totp:generate(sha, ShaKey, 59, 30, 8)),
+ ?assertEqual(46119246, couch_totp:generate(sha256, Sha256Key, 59, 30, 8)),
+ ?assertEqual(90693936, couch_totp:generate(sha512, Sha512Key, 59, 30, 8)),
+
+ ?assertEqual(07081804, couch_totp:generate(sha, ShaKey, 1111111109, 30, 8)),
+ ?assertEqual(68084774, couch_totp:generate(sha256, Sha256Key, 1111111109, 30, 8)),
+ ?assertEqual(25091201, couch_totp:generate(sha512, Sha512Key, 1111111109, 30, 8)),
+
+ ?assertEqual(14050471, couch_totp:generate(sha, ShaKey, 1111111111, 30, 8)),
+ ?assertEqual(67062674, couch_totp:generate(sha256, Sha256Key, 1111111111, 30, 8)),
+ ?assertEqual(99943326, couch_totp:generate(sha512, Sha512Key, 1111111111, 30, 8)),
+
+ ?assertEqual(89005924, couch_totp:generate(sha, ShaKey, 1234567890, 30, 8)),
+ ?assertEqual(91819424, couch_totp:generate(sha256, Sha256Key, 1234567890, 30, 8)),
+ ?assertEqual(93441116, couch_totp:generate(sha512, Sha512Key, 1234567890, 30, 8)),
+
+ ?assertEqual(69279037, couch_totp:generate(sha, ShaKey, 2000000000, 30, 8)),
+ ?assertEqual(90698825, couch_totp:generate(sha256, Sha256Key, 2000000000, 30, 8)),
+ ?assertEqual(38618901, couch_totp:generate(sha512, Sha512Key, 2000000000, 30, 8)),
+
+ ?assertEqual(65353130, couch_totp:generate(sha, ShaKey, 20000000000, 30, 8)),
+ ?assertEqual(77737706, couch_totp:generate(sha256, Sha256Key, 20000000000, 30, 8)),
+ ?assertEqual(47863826, couch_totp:generate(sha512, Sha512Key, 20000000000, 30, 8)).