Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix valid_totp to support upper bound on check_candidate
Resolves #18. The logic of `pot: valid_totp/2,3` incorrectly fails to evaluate the highest candidate when the `window` is set to a value greater than `0`. This is because the logic of `pot:check_candidate/5` short-circuits on `Current == Last` rather than `Current > Last`, which is what would be needed for it to work as expected. This change alters `pot:check_candidate/5` to break on `Current > Last`, and updates the unit tests accordingly. Note that, because `pot:valid_hotp/2,3` **also** use `pot:check_candidate/5`, this change extends by 1 the number of candidate trials that it will check when evaluating a hotp Token. This appears to also be a bug fix, because if you set `trials` to `1`, previously the next valid hotp Token would be rejected. Unit tests have been added to cover the cases described above.
- Loading branch information
1 parent
70093d2
commit 008c94d
Showing
4 changed files
with
86 additions
and
78 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters