Exemplo n.º 1
0
def check_hotp(raw_seed, auth_code, counter, token_type=None):
    """
    Checks whether `auth_code` is a valid authentication code for `counter`
    based on the `raw_seed` (raw byte string representation of `seed`).
    """
    if not token_type:
        token_type = DEFAULT_TOKEN_TYPE

    return accept_hotp(
        hexlify(raw_seed),
        auth_code,
        counter,
        token_type,
        # Don't support drifts yet -- need to return the new counter if support
        # for drifts is added.
        drift=0,
        backward_drift=0)[0]
Exemplo n.º 2
0
def check_hotp(raw_seed, auth_code, counter, token_type=None):
    """
    Checks whether `auth_code` is a valid authentication code for `counter`
    based on the `raw_seed` (raw byte string representation of `seed`).
    """
    if not token_type:
        token_type = DEFAULT_TOKEN_TYPE

    return accept_hotp(
        hexlify(raw_seed),
        auth_code,
        counter,
        token_type,
        # Don't support drifts yet -- need to return the new counter if support
        # for drifts is added.
        drift=0,
        backward_drift=0
    )[0]
Exemplo n.º 3
0
def valid_login():
    try:
        credentials = app.auth[request.form['username']]
    except KeyError:
        return False

    if request.form['password'] != credentials['password']:
        return False

    # Check oath-hotp credentals
    (valid, counter) = accept_hotp(credentials['shared_secret'], request.form['oath'], int(credentials['shared_counter']), format='dec8', drift=128)
    if not valid:
        return False

    # Save the new counter
    credentials['shared_counter'] = counter
    with open('auth.json', 'w') as auth_file:
        json.dump(app.auth, auth_file)

    return True
Exemplo n.º 4
0
    def test_accept_hotp(self):
        tvector2 = [
            (0, '4c93cf18', '1284755224', '755224',),
            (1, '41397eea', '1094287082', '287082',),
            (2, '82fef30',  '137359152',  '359152',),
            (3, '66ef7655', '1726969429', '969429',),
            (4, '61c5938a', '1640338314', '338314',),
            (5, '33c083d4', '868254676',  '254676',),
            (6, '7256c032', '1918287922', '287922',),
            (7, '4e5b397',  '82162583',   '162583',),
            (8, '2823443f', '673399871',  '399871',),
            (9, '2679dc69',  '645520489', '520489',),]

        for counter, hexa, deci, trunc in tvector2:
            h = hotp(self.secret, counter, format='hex')
            d = hotp(self.secret, counter, format='dec')
            d6 = hotp(self.secret, counter, format='dec6')
            self.assertEqual(d, deci)
            self.assertEqual(h,  hexa)
            self.assertEqual(d6, trunc)
            self.assertTrue(accept_hotp(self.secret, trunc, counter))
Exemplo n.º 5
0
    def test_accept_hotp(self):
        tvector2 = [
            (
                0,
                '4c93cf18',
                '1284755224',
                '755224',
            ),
            (
                1,
                '41397eea',
                '1094287082',
                '287082',
            ),
            (
                2,
                '82fef30',
                '137359152',
                '359152',
            ),
            (
                3,
                '66ef7655',
                '1726969429',
                '969429',
            ),
            (
                4,
                '61c5938a',
                '1640338314',
                '338314',
            ),
            (
                5,
                '33c083d4',
                '868254676',
                '254676',
            ),
            (
                6,
                '7256c032',
                '1918287922',
                '287922',
            ),
            (
                7,
                '4e5b397',
                '82162583',
                '162583',
            ),
            (
                8,
                '2823443f',
                '673399871',
                '399871',
            ),
            (
                9,
                '2679dc69',
                '645520489',
                '520489',
            ),
        ]

        for counter, hexa, deci, trunc in tvector2:
            h = hotp(self.secret, counter, format='hex')
            d = hotp(self.secret, counter, format='dec')
            d6 = hotp(self.secret, counter, format='dec6')
            self.assertEqual(d, deci)
            self.assertEqual(h, hexa)
            self.assertEqual(d6, trunc)
            self.assertTrue(accept_hotp(self.secret, trunc, counter))