Example #1
0
        public void EncryptSecret()
        {
            if (m_pbSecret == null)
            {
                throw new InvalidOperationException();
            }

            string[] vOtps    = new string[m_uOtpsReq + m_uLookAhead];
            ulong    uCounter = m_uCounter;

            for (int i = 0; i < vOtps.Length; ++i)
            {
                vOtps[i] = HmacOtp.Generate(m_pbSecret, uCounter,
                                            m_uOtpLength, false, -1);
                ++uCounter;
            }

            m_strEncSecret = string.Empty;
            m_strEncIV     = string.Empty;
            m_strTrfKey    = string.Empty;
            m_uTrfRounds   = DefaultTrfRounds;

            m_lSecrets.Clear();
            for (int i = 0; i <= (int)m_uLookAhead; ++i)
            {
                m_lSecrets.Add(OtpUtil.EncryptSecret(m_pbSecret, vOtps, i,
                                                     (int)m_uOtpsReq));
            }
        }
Example #2
0
        private static string ReplaceHmacOtpPlaceholder(string strText,
                                                        PwEntry pe, PwDatabase pd, SprContentFlags cf)
        {
            if ((pe == null) || (pd == null))
            {
                return(strText);
            }

            string str = strText;

            const string strHmacOtpPlh = @"{HMACOTP}";

            if (str.IndexOf(strHmacOtpPlh, StrUtil.CaseIgnoreCmp) >= 0)
            {
                const string strKeyField     = "HmacOtp-Secret";
                const string strCounterField = "HmacOtp-Counter";

                byte[] pbSecret = Encoding.UTF8.GetBytes(pe.Strings.ReadSafe(
                                                             strKeyField));

                string strCounter = pe.Strings.ReadSafe(strCounterField);
                ulong  uCounter;
                ulong.TryParse(strCounter, out uCounter);

                string strValue = HmacOtp.Generate(pbSecret, uCounter, 6, false, -1);

                pe.Strings.Set(strCounterField, new ProtectedString(false,
                                                                    (uCounter + 1).ToString()));
                pd.Modified = true;

                str = StrUtil.ReplaceCaseInsensitive(str, strHmacOtpPlh, strValue);
            }

            return(str);
        }
Example #3
0
        public void TestGenerate()
        {
            var secretBytes = Encoding.UTF8.GetBytes(secret);

            for (ulong i = 0; i < 10; i++)
            {
                var hotp = HmacOtp.Generate(secretBytes, i, 6, false, -1);
                Assert.That(hotp, Is.EqualTo(expectedHOTP[i]));
            }
        }
Example #4
0
        public void TestHmacOtp()
        {
            var pbSecret = StrUtil.Utf8.GetBytes("12345678901234567890");
            var vExp     = new [] { "755224", "287082", "359152",
                                    "969429", "338314", "254676", "287922", "162583", "399871",
                                    "520489" };

            for (var i = 0; i < vExp.Length; ++i)
            {
                Assert.Equal(HmacOtp.Generate(pbSecret, (ulong)i, 6, false, -1), vExp[i]);
            }
        }
Example #5
0
        private static string ReplaceHmacOtpPlaceholder(string strText,
                                                        SprContext ctx)
        {
            PwEntry    pe = ctx.Entry;
            PwDatabase pd = ctx.Database;

            if ((pe == null) || (pd == null))
            {
                return(strText);
            }

            string str = strText;

            const string strHmacOtpPlh = @"{HMACOTP}";

            if (str.IndexOf(strHmacOtpPlh, StrUtil.CaseIgnoreCmp) >= 0)
            {
                const string strKeyFieldUtf8   = "HmacOtp-Secret";
                const string strKeyFieldHex    = "HmacOtp-Secret-Hex";
                const string strKeyFieldBase32 = "HmacOtp-Secret-Base32";
                const string strKeyFieldBase64 = "HmacOtp-Secret-Base64";
                const string strCounterField   = "HmacOtp-Counter";

                byte[] pbSecret = null;
                try
                {
                    string strKey = pe.Strings.ReadSafe(strKeyFieldUtf8);
                    if (strKey.Length > 0)
                    {
                        pbSecret = StrUtil.Utf8.GetBytes(strKey);
                    }

                    if (pbSecret == null)
                    {
                        strKey = pe.Strings.ReadSafe(strKeyFieldHex);
                        if (strKey.Length > 0)
                        {
                            pbSecret = MemUtil.HexStringToByteArray(strKey);
                        }
                    }

                    if (pbSecret == null)
                    {
                        strKey = pe.Strings.ReadSafe(strKeyFieldBase32);
                        if (strKey.Length > 0)
                        {
                            pbSecret = MemUtil.ParseBase32(strKey);
                        }
                    }

                    if (pbSecret == null)
                    {
                        strKey = pe.Strings.ReadSafe(strKeyFieldBase64);
                        if (strKey.Length > 0)
                        {
                            pbSecret = Convert.FromBase64String(strKey);
                        }
                    }
                }
                catch (Exception) { Debug.Assert(false); }
                if (pbSecret == null)
                {
                    pbSecret = new byte[0];
                }

                string strCounter = pe.Strings.ReadSafe(strCounterField);
                ulong  uCounter;
                ulong.TryParse(strCounter, out uCounter);

                string strValue = HmacOtp.Generate(pbSecret, uCounter, 6,
                                                   false, -1);

                pe.Strings.Set(strCounterField, new ProtectedString(false,
                                                                    (uCounter + 1).ToString()));
                pd.Modified = true;

                str = StrUtil.ReplaceCaseInsensitive(str, strHmacOtpPlh, strValue);
            }

            return(str);
        }
Example #6
0
        public string TestHmacOtp(int factor)
        {
            var pbSecret = StrUtil.Utf8.GetBytes("12345678901234567890");

            return(HmacOtp.Generate(pbSecret, (ulong)factor, 6, false, -1));
        }