sean-m
/
keysmith
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix up outdated token length validation 

Keysmith can generate up to 10 digit HOTP/TOTP tokens and with this change
token length validation also permits it.
master
Johan Ouwerkerk 2020-04-11 21:46:19 +02:00
parent 567d9c3c97
commit ecf3476faa
4 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
autotests/account/file-jobs/save-hotp.cpp
View File

@ -133,7 +133,7 @@ void SaveHotpTest::invalidHotp_data(void)
define_test_case("null secret", QUuid("6e5ba95c-984d-538c-844e-f9edc1341bd2"), QLatin1String("null secret"), QString(), 0, 6);
define_test_case("empty secret", QUuid("fe68a65e-287e-5dcd-909b-1837d7ab94ee"), QLatin1String("empty secret"), QLatin1String(""), 0, 6);
define_test_case("tokenLength too small", QUuid("bca12e13-4b5b-5e4e-b162-3b86a6284dea"), QLatin1String("tokenLength too small"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 0, 5);
define_test_case("tokenLength too large", QUuid("5c10d530-fb22-5438-848d-3d4d1f738610"), QLatin1String("tokenLength too large"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 0, 9);
define_test_case("tokenLength too large", QUuid("5c10d530-fb22-5438-848d-3d4d1f738610"), QLatin1String("tokenLength too large"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 0, 11);
}
void SaveHotpTest::initTestCase(void)

2
autotests/account/file-jobs/save-totp.cpp
View File

@ -134,7 +134,7 @@ void SaveTotpTest::invalidHotp_data(void)
define_test_case("empty secret", QUuid("fe68a65e-287e-5dcd-909b-1837d7ab94ee"), QLatin1String("empty secret"), QLatin1String(""), 30, 6);
define_test_case("timeStep too small", QUuid("5ab8749b-f973-5f48-a70e-c261ebd0521a"), QLatin1String("timeStep too small"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 0, 6);
define_test_case("tokenLength too small", QUuid("bca12e13-4b5b-5e4e-b162-3b86a6284dea"), QLatin1String("tokenLength too small"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 30, 5);
define_test_case("tokenLength too large", QUuid("5c10d530-fb22-5438-848d-3d4d1f738610"), QLatin1String("tokenLength too large"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 30, 9);
define_test_case("tokenLength too large", QUuid("5c10d530-fb22-5438-848d-3d4d1f738610"), QLatin1String("tokenLength too large"), QLatin1String("NBSWY3DPFQQHO33SNRSCCCQ="), 30, 11);
}
void SaveTotpTest::initTestCase(void)

2
autotests/account/validation/account-validation.cpp
View File

@ -89,7 +89,7 @@ void AccountValidationTest::checkTokenLength_data()
QTest::addColumn<bool>("expected");
QTest::newRow("too small") << 5 << false;
QTest::newRow("too large") << 9 << false;
QTest::newRow("too large") << 11 << false;
QTest::newRow("minimum") << 6 << true;
QTest::newRow("maximum") << 8 << true;
}

2
src/account/validation.cpp
View File

@ -26,7 +26,7 @@ namespace accounts
bool checkTokenLength(int tokenLength)
{
return tokenLength >= 6 && tokenLength <= 8;
return tokenLength >= 6 && tokenLength <= 10;
}
bool checkTimeStep(uint timeStep)