35
93%

Ran 02 Jul 2015 03:46PM UTC

Jobs 4

Files 4

Run time 8min

Badge

Embed ▾

pending completion

Build # 35

Build Type

Pull #8

travis-ci

Committed by

samwierema

Commit Message

Fix issue with fast-expiring TOTP tokens

When a TOTP token is generated in the last second of a time-step it invalidates a second later. Practically, that makes validating a TOTP very difficult, especially because windowing only goes forward in this implementation.

According to RFC 6238:
"When an OTP is generated at the end of a time-step window, the receiving time most likely falls into the next time-step window.  A validation system SHOULD typically set a policy for an acceptable OTP transmission delay window for validation.  The validation system should compare OTPs not only with the receiving timestamp but also the past timestamps that are within the transmission delay.  A larger acceptable delay window would expose a larger window for attacks.  We RECOMMEND that at most one time step is allowed as the network delay."

This commit fixes that issue, first by allowing the validation function to check one time-step window back (the $counterLow) value was always the CURRENT time-step), and second by making a window of 1 default.

Pull Request Pull Request #8: Fix issue with fast-expiring TOTP tokens

Run Details

166 of 174 relevant lines covered (95.4%)

73.31 hits per line

Jobs

ID	Job ID	Ran	Coverage
1	35.1	02 Jul 2015 03:49PM UTC	95.4	Travis Job 35.1
2	35.2	02 Jul 2015 03:48PM UTC	95.4	Travis Job 35.2
3	35.3	02 Jul 2015 03:55PM UTC	95.4	Travis Job 35.3
4	35.4	02 Jul 2015 03:46PM UTC	95.4	Travis Job 35.4

Source Files on build 35

Detailed source file information is not available for this build.

rchouinard / rych-otp / 35
93%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 35

rchouinard / rych-otp / 35 93%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 35

rchouinard / rych-otp / 35
93%

README BADGES
x