From 7a89b3dbf2f8d8f882edb6298d011cdd3d7add3c Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Tue, 5 Jun 2018 20:17:52 +0200 Subject: Add tests with different TOTP time windows While 30 seconds is the default time step for TOTP, arbitrary values are possible. Yet the RFC does only provide test cases for the default time window. This patch adds tests where these test cases are applied for a time window of 60 seconds (if both the current time and the time window double, the resulting TOTP code is the same). --- src/tests/otp.rs | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'src/tests') diff --git a/src/tests/otp.rs b/src/tests/otp.rs index 44689be..46843c8 100644 --- a/src/tests/otp.rs +++ b/src/tests/otp.rs @@ -130,13 +130,15 @@ fn hotp_erase() { assert_eq!("test2", device.get_hotp_slot_name(2).unwrap()); } -fn configure_totp(admin: &ConfigureOtp) { +fn configure_totp(admin: &ConfigureOtp, factor: u64) { let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits); - assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 30)); + let time_window = 30u64.checked_mul(factor).unwrap(); + assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, time_window as u16)); } -fn check_totp_codes(device: &GenerateOtp) { - for (i, &(time, code)) in TOTP_CODES.iter().enumerate() { +fn check_totp_codes(device: &GenerateOtp, factor: u64) { + for (i, &(base_time, code)) in TOTP_CODES.iter().enumerate() { + let time = base_time.checked_mul(factor).unwrap(); assert_eq!(CommandStatus::Success, device.set_time(time)); let result = device.get_totp_code(1); assert!(result.is_ok()); @@ -157,11 +159,14 @@ fn totp_no_pin() { let config = Config::new(None, None, None, false); assert_eq!(CommandStatus::Success, admin.write_config(config)); - configure_totp(&admin); - check_totp_codes(admin.deref()); + configure_totp(&admin, 1); + check_totp_codes(admin.deref(), 1); - configure_totp(&admin); - check_totp_codes(&admin.device()); + configure_totp(&admin, 2); + check_totp_codes(admin.deref(), 2); + + configure_totp(&admin, 1); + check_totp_codes(&admin.device(), 1); } #[test] @@ -172,9 +177,9 @@ fn totp_pin() { let config = Config::new(None, None, None, true); assert_eq!(CommandStatus::Success, admin.write_config(config)); - configure_totp(&admin); + configure_totp(&admin, 1); let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); - check_totp_codes(&user); + check_totp_codes(&user, 1); assert!(user.device().get_totp_code(1).is_err()); } -- cgit v1.2.3