commit 10367541e37894960c9e394e28a8487cf9818343 Author: Lucas Date: Sun Jan 23 18:01:07 2022 +0000 Initial import diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..0e259d4 --- /dev/null +++ b/COPYING 
@@ -0,0 +1,121 @@ +Creative Commons Legal Code + +CC0 1.0 Universal + + CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE + LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN + ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS + INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES + REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS + PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM + THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED + HEREUNDER. + +Statement of Purpose + +The laws of most jurisdictions throughout the world automatically confer +exclusive Copyright and Related Rights (defined below) upon the creator +and subsequent owner(s) (each and all, an "owner") of an original work of +authorship and/or a database (each, a "Work"). + +Certain owners wish to permanently relinquish those rights to a Work for +the purpose of contributing to a commons of creative, cultural and +scientific works ("Commons") that the public can reliably and without fear +of later claims of infringement build upon, modify, incorporate in other +works, reuse and redistribute as freely as possible in any form whatsoever +and for any purposes, including without limitation commercial purposes. +These owners may contribute to the Commons to promote the ideal of a free +culture and the further production of creative, cultural and scientific +works, or to gain reputation or greater distribution for their Work in +part through the use and efforts of others. 
+ +For these and/or other purposes and motivations, and without any +expectation of additional consideration or compensation, the person +associating CC0 with a Work (the "Affirmer"), to the extent that he or she +is an owner of Copyright and Related Rights in the Work, voluntarily +elects to apply CC0 to the Work and publicly distribute the Work under its +terms, with knowledge of his or her Copyright and Related Rights in the +Work and the meaning and intended legal effect of CC0 on those rights. + +1. Copyright and Related Rights. A Work made available under CC0 may be +protected by copyright and related or neighboring rights ("Copyright and +Related Rights"). Copyright and Related Rights include, but are not +limited to, the following: + + i. the right to reproduce, adapt, distribute, perform, display, + communicate, and translate a Work; + ii. moral rights retained by the original author(s) and/or performer(s); +iii. publicity and privacy rights pertaining to a person's image or + likeness depicted in a Work; + iv. rights protecting against unfair competition in regards to a Work, + subject to the limitations in paragraph 4(a), below; + v. rights protecting the extraction, dissemination, use and reuse of data + in a Work; + vi. database rights (such as those arising under Directive 96/9/EC of the + European Parliament and of the Council of 11 March 1996 on the legal + protection of databases, and under any national implementation + thereof, including any amended or successor version of such + directive); and +vii. other similar, equivalent or corresponding rights throughout the + world based on applicable law or treaty, and any national + implementations thereof. + +2. Waiver. 
To the greatest extent permitted by, but not in contravention +of, applicable law, Affirmer hereby overtly, fully, permanently, +irrevocably and unconditionally waives, abandons, and surrenders all of +Affirmer's Copyright and Related Rights and associated claims and causes +of action, whether now known or unknown (including existing as well as +future claims and causes of action), in the Work (i) in all territories +worldwide, (ii) for the maximum duration provided by applicable law or +treaty (including future time extensions), (iii) in any current or future +medium and for any number of copies, and (iv) for any purpose whatsoever, +including without limitation commercial, advertising or promotional +purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each +member of the public at large and to the detriment of Affirmer's heirs and +successors, fully intending that such Waiver shall not be subject to +revocation, rescission, cancellation, termination, or any other legal or +equitable action to disrupt the quiet enjoyment of the Work by the public +as contemplated by Affirmer's express Statement of Purpose. + +3. Public License Fallback. Should any part of the Waiver for any reason +be judged legally invalid or ineffective under applicable law, then the +Waiver shall be preserved to the maximum extent permitted taking into +account Affirmer's express Statement of Purpose. 
In addition, to the +extent the Waiver is so judged Affirmer hereby grants to each affected +person a royalty-free, non transferable, non sublicensable, non exclusive, +irrevocable and unconditional license to exercise Affirmer's Copyright and +Related Rights in the Work (i) in all territories worldwide, (ii) for the +maximum duration provided by applicable law or treaty (including future +time extensions), (iii) in any current or future medium and for any number +of copies, and (iv) for any purpose whatsoever, including without +limitation commercial, advertising or promotional purposes (the +"License"). The License shall be deemed effective as of the date CC0 was +applied by Affirmer to the Work. Should any part of the License for any +reason be judged legally invalid or ineffective under applicable law, such +partial invalidity or ineffectiveness shall not invalidate the remainder +of the License, and in such case Affirmer hereby affirms that he or she +will not (i) exercise any of his or her remaining Copyright and Related +Rights in the Work or (ii) assert any associated claims and causes of +action with respect to the Work, in either case contrary to Affirmer's +express Statement of Purpose. + +4. Limitations and Disclaimers. + + a. No trademark or patent rights held by Affirmer are waived, abandoned, + surrendered, licensed or otherwise affected by this document. + b. Affirmer offers the Work as-is and makes no representations or + warranties of any kind concerning the Work, express, implied, + statutory or otherwise, including without limitation warranties of + title, merchantability, fitness for a particular purpose, non + infringement, or the absence of latent or other defects, accuracy, or + the present or absence of errors, whether or not discoverable, all to + the greatest extent permissible under applicable law. + c. 
Affirmer disclaims responsibility for clearing rights of other persons + that may apply to the Work or any use thereof, including without + limitation any person's Copyright and Related Rights in the Work. + Further, Affirmer disclaims responsibility for obtaining any necessary + consents, permissions or other rights required for any use of the + Work. + d. Affirmer understands and acknowledges that Creative Commons is not a + party to this document and has no duty or obligation with respect to + this CC0 or use of the Work. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..0cba7f8 --- /dev/null +++ b/Makefile @@ -0,0 +1,44 @@ +# vala-otp +# Written in 2022 by Lucas +# +# To the extent possible under law, the author(s) have dedicated all +# copyright and related and neighboring rights to this software to the +# public domain worldwide. This software is distributed without any +# warranty. +# +# You should have received a copy of the CC0 Public Domain Dedication +# along with this software. If not, see +# . +.POSIX: +.SUFFIXES: + +P = otp +V = 0.0 + +DIST = COPYING Makefile opt.vala t/rfc.vala + +all: libotp.so + +clean: + rm -f otp.h libotp.so otp.vapi ${P}-${V}.tgz + +test: t/rfc.t + +run-tests: test + LD_LIBRARY_PATH=. prove + +dist: clean + pax -w -s ',^,$P-$V/,' ${DIST} | gzip >$P-$V.tgz + +install: all + mkdir -p ${PREFIX}/bin + cp -f ${BIN} ${PREFIX}/bin + +uninstall: + cd ${PREFIX}/bin && rm -f ${BIN} + +libotp.so: otp.vala + valac --library=otp -H otp.h -X -fPIC -X -shared -o libotp.so otp.vala + +t/rfc.t: libotp.so + valac -X -I. -X libotp.so -o t/rfc.t otp.vapi t/rfc.vala diff --git a/otp.vala b/otp.vala new file mode 100644 index 0000000..d08c886 --- /dev/null +++ b/otp.vala 
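Review bot: `DIST` lists `opt.vala`, but the library rule builds from `otp.vala`, so `make dist` will either fail in `pax` or produce a tarball without the library source; it should read `DIST = COPYING Makefile otp.vala t/rfc.vala`. The `install` and `uninstall` targets use `${BIN}` and `${PREFIX}`, neither of which is defined in this Makefile, so unless both are passed in, `cp -f ${BIN} ${PREFIX}/bin` expands to `cp -f /bin`, and `libotp.so` is never installed in either case. `clean` leaves `t/rfc.t` behind, and this commit also checks in `t/rfc` and `t/rfc.t` as binaries, so anyone invoking `prove` directly would run an artifact that was not built from the reviewed source. Dropping the two binaries from the tree and adding `t/rfc.t` to the `rm -f` line keeps the test run tied to what `valac` produces locally.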
@@ -0,0 +1,163 @@ +/* otp.vala + * + * Written in 2022 by Lucas + * + * To the extent possible under law, the author(s) have dedicated all + * copyright and related and neighboring rights to this software to the + * public domain worldwide. This software is distributed without any + * warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication + * along with this software. If not, see + * . + */ + +namespace Otp { + public abstract class Otp : GLib.Object { + protected uint8[] key; + + protected int _digits = 6; + public int digits { + get { return _digits; } + set { + return_if_fail(value >= 6 && value <= 10); + _digits = value; + } + } + + private ChecksumType[] ALLOWED_ALGORITHMS = { + ChecksumType.SHA1, + ChecksumType.SHA256, + ChecksumType.SHA512, + }; + protected ChecksumType _algorithm = ChecksumType.SHA1; + public ChecksumType algorithm { + get { return _algorithm; } + set { + return_if_fail(value in ALLOWED_ALGORITHMS); + _algorithm = value; + } + } + + protected int32 _compute_value(uint64 counter) { + uint digits = this._digits, modulo = 0; + if (digits < 10) + for (modulo = 1000000; digits > 6; digits--) + modulo *= 10; + + Hmac hmac = new Hmac(this.algorithm, this.key); + + uint8 buf[8]; + buf[0] = (uint8)(counter >> 56); + buf[1] = (uint8)((counter >> 48) & 0xff); + buf[2] = (uint8)((counter >> 40) & 0xff); + buf[3] = (uint8)((counter >> 32) & 0xff); + buf[4] = (uint8)((counter >> 24) & 0xff); + buf[5] = (uint8)((counter >> 16) & 0xff); + buf[6] = (uint8)((counter >> 8) & 0xff); + buf[7] = (uint8)(counter & 0xff); + hmac.update(buf); + + uint8[] digest = new uint8[64]; + size_t digest_len = digest.length; + hmac.get_digest(digest, ref digest_len); + + uint offset = digest[digest_len - 1] & 0xf; + uint res = (digest[offset] << 24) | + (digest[offset + 1] << 16) | + (digest[offset + 2] << 8) | + digest[offset + 3]; + res &= 0x7fffffff; + + return digits == 10 ? 
(int32)res : + (int32)(res % modulo); + } + } + + public class Hotp : Otp { + public Hotp(uint8[] key, int digits = 6, + ChecksumType algorithm = ChecksumType.SHA1) { + this.key = key; + this.digits = digits; + this.algorithm = algorithm; + } + + public string get_value_at(uint64 counter) { + int32 result = this._compute_value(counter); + return ("%0*" + int32.FORMAT).printf(this.digits, + result); + } + + public static string compute(uint8[] key, uint counter = 0, + int digits = 6, + ChecksumType algorithm = ChecksumType.SHA1) + requires (digits >= 6 && digits <= 10) + ensures (result.length == digits) + { + Hotp hotp = new Hotp(key, digits, algorithm); + return hotp.get_value_at(counter); + } + } + + public class Totp : Otp { + private uint _period = 30; + public uint period { + get { return _period; } + set { + return_if_fail(value != 0); + _period = value; + } + } + + public Totp(uint8[] key, uint period = 30, int digits = 6, + ChecksumType algorithm = ChecksumType.SHA1) { + this.key = key; + this.period = period; + this.digits = digits; + this.algorithm = algorithm; + } + + public static string compute_at_timestamp(uint8[] key, + int64 time, uint period = 30, int digits = 6, + ChecksumType algorithm = ChecksumType.SHA1) + requires (digits >= 6 && digits <= 10) + requires (period != 0) + ensures (result.length == digits) + { + Totp totp = new Totp(key, period, digits, algorithm); + return totp.get_value_at_timestamp(time); + } + + public static string compute_at_datetime(uint8[] key, + DateTime dt, uint period = 30, int digits = 6, + ChecksumType algorithm = ChecksumType.SHA1) + { + return Totp.compute_at_timestamp(key, dt.to_unix(), + period, digits, algorithm); + } + + public static string compute_at_now(uint8[] key, + uint period = 30, int digits = 6, + ChecksumType algorithm = ChecksumType.SHA1) + { + return Totp.compute_at_timestamp(key, + new DateTime.now_utc().to_unix(), period, digits, + algorithm); + } + + public string get_value_at_timestamp(int64 
time) { + int32 result = this._compute_value(time / this.period); + return ("%0*" + int32.FORMAT).printf(this.digits, + result); + } + + public string get_value_at_datetime(DateTime dt) { + return get_value_at_timestamp(dt.to_unix()); + } + + public string get_value_at_now() { + return get_value_at_timestamp( + new DateTime.now_utc().to_unix()); + } + } +} diff --git a/t/rfc b/t/rfc new file mode 100755 index 0000000..49244c5 Binary files /dev/null and b/t/rfc differ diff --git a/t/rfc.t b/t/rfc.t new file mode 100755 index 0000000..a96bda8 Binary files /dev/null and b/t/rfc.t differ diff --git a/t/rfc.vala b/t/rfc.vala new file mode 100644 index 0000000..8511063 --- /dev/null +++ b/t/rfc.vala 
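Review bot: An out-of-range `digits`, `period` or `algorithm` passed to the `Hotp`/`Totp` constructors is dropped by the `return_if_fail` setters and the object keeps its default (6, 30, SHA1), so the caller gets a working generator with parameters it did not ask for. The static helpers guard `digits` and `period` with `requires` but not `algorithm`, so `Hotp.compute(key, 0, 6, ChecksumType.MD5)` would quietly return a SHA-1 code. Carrying the same preconditions onto the constructors (`requires (digits >= 6 && digits <= 10)`, plus an equivalent check for the algorithm) would surface the mismatch at construction rather than when a code fails to verify. `Hotp.compute` also declares `uint counter = 0` while `get_value_at` takes `uint64`, so the helper cannot reach the upper half of the 8-byte counter; `uint64 counter = 0` keeps existing callers working. In `_compute_value`, `digest[offset] << 24` presumably shifts a promoted signed int in the generated C, and `(uint32) (digest[offset] & 0x7f) << 24` avoids depending on that.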
@@ -0,0 +1,87 @@ +/* rfc.vala + * + * Written in 2022 by Lucas + * + * To the extent possible under law, the author(s) have dedicated all + * copyright and related and neighboring rights to this software to the + * public domain worldwide. This software is distributed without any + * warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication + * along with this software. If not, see + * . + */ + +unowned string RFC_4226_KEY = "12345678901234567890"; +unowned string RFC_6238_SHA1_KEY = "12345678901234567890"; +unowned string RFC_6238_SHA256_KEY = "12345678901234567890123456789012"; +unowned string RFC_6238_SHA512_KEY = "123456789012345678901234567890" + + "1234567890123456789012345678901234"; + +void add_rfc_4226_test_vectors() { + Test.add_func("/otp/rfc4226", () => { + Otp.Hotp hotp = new Otp.Hotp(RFC_4226_KEY.data); + + assert(hotp.get_value_at(0) == "755224"); + assert(hotp.get_value_at(1) == "287082"); + assert(hotp.get_value_at(2) == "359152"); + assert(hotp.get_value_at(3) == "969429"); + assert(hotp.get_value_at(4) == "338314"); + assert(hotp.get_value_at(5) == "254676"); + assert(hotp.get_value_at(6) == "287922"); + assert(hotp.get_value_at(7) == "162583"); + assert(hotp.get_value_at(8) == "399871"); + assert(hotp.get_value_at(9) == "520489"); + }); +} + +void add_rfc_6238_sha1_test_vectors() { + Test.add_func("/otp/rfc6238/sha1", () => { + Otp.Totp totp = new Otp.Totp(RFC_6238_SHA1_KEY.data, 30, 8, + ChecksumType.SHA1); + + assert(totp.get_value_at_timestamp(59) == "94287082"); + assert(totp.get_value_at_timestamp(1111111109) == "07081804"); + assert(totp.get_value_at_timestamp(1111111111) == "14050471"); + assert(totp.get_value_at_timestamp(1234567890) == "89005924"); + assert(totp.get_value_at_timestamp(2000000000) == "69279037"); + assert(totp.get_value_at_timestamp(20000000000) == "65353130"); + }); +} + +void add_rfc_6238_sha256_test_vectors() { + Test.add_func("/otp/rfc6238/sha256", () => { + Otp.Totp totp = new 
Otp.Totp(RFC_6238_SHA256_KEY.data, 30, 8, + ChecksumType.SHA256); + + assert(totp.get_value_at_timestamp(59) == "46119246"); + assert(totp.get_value_at_timestamp(1111111109) == "68084774"); + assert(totp.get_value_at_timestamp(1111111111) == "67062674"); + assert(totp.get_value_at_timestamp(1234567890) == "91819424"); + assert(totp.get_value_at_timestamp(2000000000) == "90698825"); + assert(totp.get_value_at_timestamp(20000000000) == "77737706"); + }); +} + +void add_rfc_6238_sha512_test_vectors() { + Test.add_func("/otp/rfc6238/sha512", () => { + Otp.Totp totp = new Otp.Totp(RFC_6238_SHA512_KEY.data, 30, 8, + ChecksumType.SHA512); + + assert(totp.get_value_at_timestamp(59) == "90693936"); + assert(totp.get_value_at_timestamp(1111111109) == "25091201"); + assert(totp.get_value_at_timestamp(1111111111) == "99943326"); + assert(totp.get_value_at_timestamp(1234567890) == "93441116"); + assert(totp.get_value_at_timestamp(2000000000) == "38618901"); + assert(totp.get_value_at_timestamp(20000000000) == "47863826"); + }); +} + +void main(string[] args) { + Test.init(ref args); + add_rfc_4226_test_vectors(); + add_rfc_6238_sha1_test_vectors(); + add_rfc_6238_sha256_test_vectors(); + add_rfc_6238_sha512_test_vectors(); + Test.run(); +}
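Review bot: The vectors exercise only the instance methods with valid parameters, so none of the static helpers (`Hotp.compute`, `Totp.compute_at_timestamp`) and none of the setter rejection paths in otp.vala are covered; a regression in the `requires`/`return_if_fail` checks would still pass this suite. Adding `assert(Otp.Hotp.compute(RFC_4226_KEY.data, 0) == "755224");` to the RFC 4226 case and `assert(Otp.Totp.compute_at_timestamp(RFC_6238_SHA1_KEY.data, 59, 30, 8) == "94287082");` to the SHA-1 case reuses expected values already in this file. A case for `digits = 10` and one for an out-of-range digit count would pin the boundary behaviour as well.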