1
93%
master: 93%

Ran 02 Jul 2015 03:49PM UTC

Files 4

Run time 1s

Badge

Embed ▾

Committed 02 Jul 2015 03:39PM UTC coverage: 95.402% (+0.6%) from 94.828%

Job # 35.1

Build Type

Pull #8

travis-ci

Committed by

samwierema

Commit Message

Fix issue with fast-expiring TOTP tokens

When a TOTP token is generated in the last second of a time-step it invalidates a second later. Practically, that makes validating a TOTP very difficult, especially because windowing only goes forward in this implementation.

According to RFC 6238:
"When an OTP is generated at the end of a time-step window, the receiving time most likely falls into the next time-step window.  A validation system SHOULD typically set a policy for an acceptable OTP transmission delay window for validation.  The validation system should compare OTPs not only with the receiving timestamp but also the past timestamps that are within the transmission delay.  A larger acceptable delay window would expose a larger window for attacks.  We RECOMMEND that at most one time step is allowed as the network delay."

This commit fixes that issue, first by allowing the validation function to check one time-step window back (the $counterLow) value was always the CURRENT time-step), and second by making a window of 1 default.

Pull Request Pull Request #8: Fix issue with fast-expiring TOTP tokens

Run Details

166 of 174 relevant lines covered (95.4%)

18.33 hits per line

rchouinard / rych-otp / 35 / 1
93%
master: 93%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 35.1

rchouinard / rych-otp / 35 / 1 93% master: 93%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 35.1

rchouinard / rych-otp / 35 / 1
93%
master: 93%

README BADGES
x