-
Notifications
You must be signed in to change notification settings - Fork 229
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Version 2.0.0 #44
Version 2.0.0 #44
Conversation
…ows for spaces/special chars in name)
- Added support for repetition of the key to the length of the hashing algorithm (20 bytes for SHA1, 32 bytes for SHA256, 64 bytes for SHA512) - Added tests for SHA256 and SHA512 test vectors as described in: https://tools.ietf.org/html/rfc6238#appendix-B
Sha256 sha512
Conflicts: lib/speakeasy.js
Conflicts: lib/speakeasy.js
Pull #50 fixes the TOTP window bug. |
Fix totp.verifyDelta() returning incorrect delta
…ackage name to throws in otpauthURL()
throw new Error('Speakeasy - otpauthURL - Invalid digits `' + digits + '`'); | ||
} | ||
query.digits = digits; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mikepb, do you think we need to be restricting the digits
here if it's a generic otpauth:// generator? I haven't been able to find any sort of spec for otpauth:// other than the one in the Google Authenticator wiki.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No reason other than Google, but we could just make a warning instead of full-blown error.
On Jan 26, 2016, at 8:51 PM, Mark Bao notifications@github.com wrote:
In index.js #44 (comment):
throw new Error('Speakeasy - otpauthURL - Invalid algorithm `' + algorithm + '`');
- }
- query.algorithm = algorithm.toUpperCase();
- }
- // validate digits
- if (digits != null) {
- switch (parseInt(digits, 10)) {
case 6:
case 8:
break;
default:
throw new Error('Speakeasy - otpauthURL - Invalid digits `' + digits + '`');
- }
- query.digits = digits;
- }
@mikepb https://github.com/mikepb, do you think we need to be restricting the digits here if it's a generic otpauth:// generator? I haven't been able to find any sort of spec for otpauth:// other than the one in the Google Authenticator wiki.—
Reply to this email directly or view it on GitHub https://github.com/speakeasyjs/speakeasy/pull/44/files#r50941080.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good call. Should we do the same for algorithm as well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep.
On Jan 26, 2016, at 9:05 PM, Mark Bao notifications@github.com wrote:
In index.js #44 (comment):
throw new Error('Speakeasy - otpauthURL - Invalid algorithm `' + algorithm + '`');
- }
- query.algorithm = algorithm.toUpperCase();
- }
- // validate digits
- if (digits != null) {
- switch (parseInt(digits, 10)) {
case 6:
case 8:
break;
default:
throw new Error('Speakeasy - otpauthURL - Invalid digits `' + digits + '`');
- }
- query.digits = digits;
- }
Good call. Should we do the same for algorithm as well?—
Reply to this email directly or view it on GitHub https://github.com/speakeasyjs/speakeasy/pull/44/files#r50941798.
Alright, here we go! |
And we're live! https://www.npmjs.com/speakeasy Thank you to all of the contributors to version 2.0.0. Super thanks to @mikepb – I really enjoyed working with you on this, from having Passcode as a solid foundation to build on, to your input into design decisions and making pull requests. Thank you for your invaluable help on this project. Really proud to have this out! |
👏 |
2.0 Checklist
generate_key
andgenerate_key_ascii
.counter
and.time
back in for API compatibilityAPI breakage
key
is nowsecret
initial_time
is nowepoch
generate_key
method missingOpen questions
verify()
toverifyDelta()
and create a newverify()
that returns a boolean for a strict comparison (delta = 0)generate_key
->generateSecret()
for consistency?windowAhead
andwindowBehind
?