From 69617caca7ff98f1a991b476669f1afcdfb01fb0 Mon Sep 17 00:00:00 2001
From: Terry Chia <terrycwk1994@gmail.com>
Date: Sat, 16 Jul 2016 22:22:32 +0800
Subject: Add flag to toggle key length check for HOTP and TOTP. (#3012)

* Add an enforce_key_length parameter to HOTP and TOTP.

* Document changes in docs.

* Add some words to the wordlist.

* Add versionadded to docs.
---
 src/cryptography/hazmat/primitives/twofactor/hotp.py | 5 +++--
 src/cryptography/hazmat/primitives/twofactor/totp.py | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/twofactor/hotp.py b/src/cryptography/hazmat/primitives/twofactor/hotp.py
index 12bc7661..4ad1bdc2 100644
--- a/src/cryptography/hazmat/primitives/twofactor/hotp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/hotp.py
@@ -19,14 +19,15 @@ from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
 
 
 class HOTP(object):
-    def __init__(self, key, length, algorithm, backend):
+    def __init__(self, key, length, algorithm, backend,
+                 enforce_key_length=True):
         if not isinstance(backend, HMACBackend):
             raise UnsupportedAlgorithm(
                 "Backend object does not implement HMACBackend.",
                 _Reasons.BACKEND_MISSING_INTERFACE
             )
 
-        if len(key) < 16:
+        if len(key) < 16 and enforce_key_length is True:
             raise ValueError("Key length has to be at least 128 bits.")
 
         if not isinstance(length, six.integer_types):
diff --git a/src/cryptography/hazmat/primitives/twofactor/totp.py b/src/cryptography/hazmat/primitives/twofactor/totp.py
index 60705901..499f2824 100644
--- a/src/cryptography/hazmat/primitives/twofactor/totp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/totp.py
@@ -15,7 +15,8 @@ from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
 
 
 class TOTP(object):
-    def __init__(self, key, length, algorithm, time_step, backend):
+    def __init__(self, key, length, algorithm, time_step, backend,
+                 enforce_key_length=True):
         if not isinstance(backend, HMACBackend):
             raise UnsupportedAlgorithm(
                 "Backend object does not implement HMACBackend.",
@@ -23,7 +24,7 @@ class TOTP(object):
             )
 
         self._time_step = time_step
-        self._hotp = HOTP(key, length, algorithm, backend)
+        self._hotp = HOTP(key, length, algorithm, backend, enforce_key_length)
 
     def generate(self, time):
         counter = int(time / self._time_step)
-- 
cgit v1.2.3