File: KAT_OTP.hs

package info (click to toggle)
haskell-crypton 0.34-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 3,380 kB
  • sloc: ansic: 22,092; haskell: 18,717; makefile: 6
file content (101 lines) | stat: -rw-r--r-- 2,930 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
{-# LANGUAGE OverloadedStrings #-}


module KAT_OTP
    ( tests
    )
where

import Crypto.Hash.Algorithms (SHA1(..), SHA256(..), SHA512(..))
import Crypto.OTP
import Imports

-- | Test values from Appendix D of http://tools.ietf.org/html/rfc4226
hotpExpected :: [(Word64, Word32)]
hotpExpected =
    [ (0, 755224)
    , (1, 287082)
    , (3, 969429)
    , (4, 338314)
    , (5, 254676)
    , (6, 287922)
    , (7, 162583)
    , (8, 399871)
    , (9, 520489)
    ]

-- | Test data from Appendix B of http://tools.ietf.org/html/rfc6238
-- Note that the shared keys for the non SHA-1 values are actually
-- different (see the errata, or the Java example code).
totpSHA1Expected :: [(Word64, Word32)]
totpSHA1Expected =
    [ (59        , 94287082)
    , (1111111109, 07081804)
    , (1111111111, 14050471)
    , (1234567890, 89005924)
    , (2000000000, 69279037)
    , (20000000000, 65353130)
    ]

totpSHA256Expected :: [(Word64, Word32)]
totpSHA256Expected =
    [ (59        , 46119246)
    , (1111111109, 68084774)
    , (1111111111, 67062674)
    , (1234567890, 91819424)
    , (2000000000, 90698825)
    , (20000000000, 77737706)
    ]

totpSHA512Expected :: [(Word64, Word32)]
totpSHA512Expected =
    [ (59        , 90693936)
    , (1111111109, 25091201)
    , (1111111111, 99943326)
    , (1234567890, 93441116)
    , (2000000000, 38618901)
    , (20000000000, 47863826)
    ]

otpKey = "12345678901234567890" :: ByteString
totpSHA256Key = "12345678901234567890123456789012" :: ByteString
totpSHA512Key = "1234567890123456789012345678901234567890123456789012345678901234" :: ByteString

makeKATs otp expected = concatMap (makeTest otp) (zip3 is counts otps)
  where
    is :: [Int]
    is = [1..]

    counts = map fst expected
    otps  = map snd expected

makeTest otp (i, count, password) =
    [ testCase (show i) (assertEqual "" password (otp count))
    ]

Right totpSHA1Params = mkTOTPParams SHA1 0 30 OTP8 TwoSteps
Right totpSHA256Params = mkTOTPParams SHA256 0 30 OTP8 TwoSteps
Right totpSHA512Params = mkTOTPParams SHA512 0 30 OTP8 TwoSteps

-- resynching with the expected value should just return the current counter + 1
prop_resyncExpected ctr window = resynchronize SHA1 OTP6 window key ctr (otp, []) == Just (ctr + 1)
  where
    key = "1234" :: ByteString
    otp = hotp SHA1 OTP6 key ctr


tests = testGroup "OTP"
    [ testGroup "HOTP"
        [ testGroup "KATs" (makeKATs (hotp SHA1 OTP6 otpKey) hotpExpected)
        , testGroup "properties"
            [ testProperty "resync-expected" prop_resyncExpected
            ]
        ]
    , testGroup "TOTP"
        [ testGroup "KATs"
            [ testGroup "SHA1" (makeKATs (totp totpSHA1Params otpKey) totpSHA1Expected)
            , testGroup "SHA256" (makeKATs (totp totpSHA256Params totpSHA256Key) totpSHA256Expected)
            , testGroup "SHA512" (makeKATs (totp totpSHA512Params totpSHA512Key) totpSHA512Expected)
            ]
        ]
    ]