From b6ff55662e0281c0d6e111f9307625ef695df2fa Mon Sep 17 00:00:00 2001 From: kim Date: Thu, 22 May 2025 16:27:55 +0200 Subject: [chore] update dependencies (#4188) Update dependencies: - github.com/gin-gonic/gin v1.10.0 -> v1.10.1 - github.com/gin-contrib/sessions v1.10.3 -> v1.10.4 - github.com/jackc/pgx/v5 v5.7.4 -> v5.7.5 - github.com/minio/minio-go/v7 v7.0.91 -> v7.0.92 - github.com/pquerna/otp v1.4.0 -> v1.5.0 - github.com/tdewolff/minify/v2 v2.23.5 -> v2.23.8 - github.com/yuin/goldmark v1.7.11 -> v1.7.12 - go.opentelemetry.io/otel{,/*} v1.35.0 -> v1.36.0 - modernc.org/sqlite v1.37.0 -> v1.37.1 Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4188 Reviewed-by: Daenney Co-authored-by: kim Co-committed-by: kim --- vendor/github.com/pquerna/otp/hotp/hotp.go | 35 ++++++++++++++++++++++++------ 1 file changed, 28 insertions(+), 7 deletions(-) (limited to 'vendor/github.com/pquerna/otp/hotp') diff --git a/vendor/github.com/pquerna/otp/hotp/hotp.go b/vendor/github.com/pquerna/otp/hotp/hotp.go index 13a193e94..bc23b660b 100644 --- a/vendor/github.com/pquerna/otp/hotp/hotp.go +++ b/vendor/github.com/pquerna/otp/hotp/hotp.go @@ -57,6 +57,8 @@ type ValidateOpts struct { Digits otp.Digits // Algorithm to use for HMAC. Defaults to SHA1. Algorithm otp.Algorithm + // Encoder to use for output code. + Encoder otp.Encoder } // GenerateCode creates a HOTP passcode given a counter and secret. @@ -112,15 +114,34 @@ func GenerateCodeCustom(secret string, counter uint64, opts ValidateOpts) (passc (int(sum[offset+3]) & 0xff)) l := opts.Digits.Length() - mod := int32(value % int64(math.Pow10(l))) + switch opts.Encoder { + case otp.EncoderDefault: + mod := int32(value % int64(math.Pow10(l))) + + if debug { + fmt.Printf("offset=%v\n", offset) + fmt.Printf("value=%v\n", value) + fmt.Printf("mod'ed=%v\n", mod) + } + passcode = opts.Digits.Format(mod) + case otp.EncoderSteam: + // Define the character set used by Steam Guard codes. + alphabet := []byte{ + '2', '3', '4', '5', '6', '7', '8', '9', 'B', 'C', + 'D', 'F', 'G', 'H', 'J', 'K', 'M', 'N', 'P', 'Q', + 'R', 'T', 'V', 'W', 'X', 'Y', + } + radix := int64(len(alphabet)) - if debug { - fmt.Printf("offset=%v\n", offset) - fmt.Printf("value=%v\n", value) - fmt.Printf("mod'ed=%v\n", mod) + for i := 0; i < l; i++ { + digit := value % radix + value /= radix + c := alphabet[digit] + passcode += string(c) + } } - return opts.Digits.Format(mod), nil + return } // ValidateCustom validates an HOTP with customizable options. Most users should @@ -194,7 +215,7 @@ func Generate(opts GenerateOpts) (*otp.Key, error) { v.Set("secret", b32NoPadding.EncodeToString(opts.Secret)) } else { secret := make([]byte, opts.SecretSize) - _, err := opts.Rand.Read(secret) + _, err := io.ReadFull(opts.Rand, secret) if err != nil { return nil, err } -- cgit v1.3