diff options
author | Harsh Shandilya <msfjarvis@gmail.com> | 2019-03-19 20:34:41 +0530 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-19 20:34:41 +0530 |
commit | 94bf103b337d9df1d6232d85f5edf4673ede651c (patch) | |
tree | 84c3971b0f95f0586923b5e3a8262137236a2b80 | |
parent | 59ac91ebbc9f1d63c0377890902cc5c12f0af4c6 (diff) | |
parent | 2ca59d95f962d333f56c714f1e0b97d38db4785a (diff) |
Merge pull request #491 from igaryhe/master
Read OTP digits, algorithm, period from URI, support Steam Guard
3 files changed, 62 insertions, 11 deletions
diff --git a/app/src/main/java/com/zeapo/pwdstore/PasswordEntry.kt b/app/src/main/java/com/zeapo/pwdstore/PasswordEntry.kt index 757681c5..392bc749 100644 --- a/app/src/main/java/com/zeapo/pwdstore/PasswordEntry.kt +++ b/app/src/main/java/com/zeapo/pwdstore/PasswordEntry.kt @@ -11,7 +11,10 @@ import java.io.UnsupportedEncodingException class PasswordEntry(private val content: String) { val password: String val username: String? + val digits: String val totpSecret: String? + val totpPeriod: Long + val totpAlgorithm: String val hotpSecret: String? val hotpCounter: Long? var extraContent: String? = null @@ -24,7 +27,10 @@ class PasswordEntry(private val content: String) { init { val passContent = content.split("\n".toRegex(), 2).toTypedArray() password = passContent[0] + digits = findOtpDigits(content) totpSecret = findTotpSecret(content) + totpPeriod = findTotpPeriod(content) + totpAlgorithm = findTotpAlgorithm(content) hotpSecret = findHotpSecret(content) hotpCounter = findHotpCounter(content) extraContent = findExtraContent(passContent) @@ -81,6 +87,37 @@ class PasswordEntry(private val content: String) { return null } + private fun findOtpDigits(decryptedContent: String): String { + decryptedContent.split("\n".toRegex()).forEach { line -> + if (line.startsWith("otpauth://totp/") || + line.startsWith("otpauth://hotp/") && + Uri.parse(line).getQueryParameter("digits") != null) { + return Uri.parse(line).getQueryParameter("digits")!! + } + } + return "6" + } + + private fun findTotpPeriod(decryptedContent: String): Long { + decryptedContent.split("\n".toRegex()).forEach { line -> + if (line.startsWith("otpauth://totp/") && + Uri.parse(line).getQueryParameter("period") != null) { + return java.lang.Long.parseLong(Uri.parse(line).getQueryParameter("period")!!) + } + } + return 30 + } + + private fun findTotpAlgorithm(decryptedContent: String): String { + decryptedContent.split("\n".toRegex()).forEach { line -> + if (line.startsWith("otpauth://totp/") && + Uri.parse(line).getQueryParameter("algorithm") != null) { + return Uri.parse(line).getQueryParameter("algorithm")!! + } + } + return "sha1" + } + private fun findHotpSecret(decryptedContent: String): String? { decryptedContent.split("\n".toRegex()).forEach { line -> if (line.startsWith("otpauth://hotp/")) { diff --git a/app/src/main/java/com/zeapo/pwdstore/crypto/PgpActivity.kt b/app/src/main/java/com/zeapo/pwdstore/crypto/PgpActivity.kt index c7b1273f..81a79d05 100644 --- a/app/src/main/java/com/zeapo/pwdstore/crypto/PgpActivity.kt +++ b/app/src/main/java/com/zeapo/pwdstore/crypto/PgpActivity.kt @@ -305,12 +305,17 @@ class PgpActivity : AppCompatActivity(), OpenPgpServiceConnection.OnBound { copyOtpToClipBoard( Otp.calculateCode( entry.totpSecret, - Date().time / (1000 * Otp.TIME_WINDOW) - ) + Date().time / (1000 * entry.totpPeriod), + entry.totpAlgorithm, + entry.digits) ) } crypto_otp_show.text = - Otp.calculateCode(entry.totpSecret, Date().time / (1000 * Otp.TIME_WINDOW)) + Otp.calculateCode( + entry.totpSecret, + Date().time / (1000 * entry.totpPeriod), + entry.totpAlgorithm, + entry.digits) } else { // we only want to calculate and show HOTP if the user requests it crypto_copy_otp.setOnClickListener { @@ -494,8 +499,8 @@ class PgpActivity : AppCompatActivity(), OpenPgpServiceConnection.OnBound { } private fun calculateHotp(entry: PasswordEntry) { - copyOtpToClipBoard(Otp.calculateCode(entry.hotpSecret, entry.hotpCounter!! + 1)) - crypto_otp_show.text = Otp.calculateCode(entry.hotpSecret, entry.hotpCounter!! + 1) + copyOtpToClipBoard(Otp.calculateCode(entry.hotpSecret, entry.hotpCounter!! + 1, "sha1", entry.digits)) + crypto_otp_show.text = Otp.calculateCode(entry.hotpSecret, entry.hotpCounter!! + 1, "sha1", entry.digits) crypto_extra_show.text = entry.extraContent } diff --git a/app/src/main/java/com/zeapo/pwdstore/utils/Otp.java b/app/src/main/java/com/zeapo/pwdstore/utils/Otp.java index 35e773e4..0bacd684 100644 --- a/app/src/main/java/com/zeapo/pwdstore/utils/Otp.java +++ b/app/src/main/java/com/zeapo/pwdstore/utils/Otp.java @@ -12,17 +12,17 @@ import java.security.NoSuchAlgorithmException; import java.util.Arrays; public class Otp { - public static final int TIME_WINDOW = 30; - - private static final String ALGORITHM = "HmacSHA1"; - private static final int CODE_DIGITS = 6; private static final Base32 BASE_32 = new Base32(); private Otp() { } - public static String calculateCode(String secret, long counter) { + public static String calculateCode(String secret, long counter, String algorithm, String digits) { + String[] steam = {"2", "3", "4", "5", "6", "7", "8", "9", "B", "C", + "D", "F", "G", "H", "J", "K", "M", "N", "P", "Q", + "R", "T", "V", "W", "X", "Y"}; + String ALGORITHM = "Hmac" + algorithm.toUpperCase(); SecretKeySpec signingKey = new SecretKeySpec(BASE_32.decode(secret), ALGORITHM); Mac mac; @@ -42,6 +42,15 @@ public class Otp { byte[] code = Arrays.copyOfRange(digest, offset, offset + 4); code[0] = (byte) (0x7f & code[0]); String strCode = new BigInteger(code).toString(); - return strCode.substring(strCode.length() - CODE_DIGITS); + if (digits.equals("s")) { + String output = ""; + int bigInt = new BigInteger(code).intValue(); + for (int i = 0; i != 5; i++) { + output += steam[bigInt % 26]; + bigInt /= 26; + } + return output; + } + else return strCode.substring(strCode.length() - Integer.parseInt(digits)); } } |