public async Task IncrementHotp(int position)
{
if (Authenticators.ElementAtOrDefault(position) == null)
{
return;
}
var info = Authenticators[position];
var auth = GetAuthenticator(info);
if (auth.Type != OtpType.Hotp)
{
return;
}
var secret = Base32.Decode(auth.Secret);
var hotp = new Hotp(secret, auth.Algorithm);
auth.Counter++;
auth.Code = hotp.ComputeHotp(auth.Counter);
auth.TimeRenew = DateTime.Now.AddSeconds(10);
Authenticators[position] = auth;
await _connection.UpdateAsync(auth);
}
public void HotpPaddingTest()
{
var hotpCalculator = new Hotp(RfcTestKey);
var hotp = hotpCalculator.ComputeHotp(25193);
Assert.AreEqual("000039", hotp);
}
public void ComputeHOTPRfc4226Test(OtpHashMode hash, long counter, string expectedOtp)
{
Hotp otpCalc = new Hotp(rfc4226Secret, hash, expectedOtp.Length);
string otp = otpCalc.ComputeHOTP(counter);
Assert.That(otp, Is.EqualTo(expectedOtp));
}
public void HotpAppendixDTests(Rfc4226AppendixDData data)
{
Assert.IsNotNull(data, "data was null");
Hotp hotpCalculator = new Hotp(RfcTestKey);
var hotp = hotpCalculator.ComputeHotp(data.Counter);
Assert.AreEqual(data.Hotp, hotp);
}
public void OtpAppendixDTests(Rfc4226AppendixDData data)
{
Assert.IsNotNull(data, "data was null");
Hotp hotpCalculator = new Hotp(RfcTestKey);
var otp = hotpCalculator.ComputeHotpDecimal(data.Counter, OtpHashMode.Sha1);
Assert.AreEqual(data.Decimal, otp);
}
public AuthRepository(UserManager <User> userManager, UserDataContext userDataContext, IConfiguration configuration, IJwtFactory jwtFactory, ISmsService sms)
{
UserManager = userManager;
UserDataContext = userDataContext;
JwtFactory = jwtFactory;
Configuration = configuration;
Generator = new Hotp(Encoding.ASCII.GetBytes(Configuration.GetSection("Authentication:Key").Value));
SMS = sms;
}
public void Hotp_Sha1_Called()
{
var mock = this.keyMock;
IKeyProvider key = mock.Object;
var hotp = new Hotp(key, mode: OtpHashMode.Sha1);
hotp.ComputeHotp(hotpCounter);
mock.Verify(k => k.ComputeHmac(OtpHashMode.Sha1, hotpData));
}
public void GenerateHotpWithCounter3()
{
byte[] secret = System.Text.Encoding.ASCII.GetBytes("12345678901234567890");
int passwordSize = 6;
int counter = 3;
string expectedHotp = "969429";
Hotp otp = new Hotp(secret, passwordSize);
string generatedHotp = otp.GeneratePassword(counter);
Assert.AreEqual(expectedHotp, generatedHotp);
}
public void ContructorWithKeyProviderTest()
{
//Mock a key provider which always returns an all-zero HMAC (causing an all-zero OTP)
Mock <IKeyProvider> keyMock = new Mock <IKeyProvider>();
keyMock.Setup(key => key.ComputeHmac(It.Is <OtpHashMode>(m => m == OtpHashMode.Sha1), It.IsAny <byte[]>())).Returns(new byte[20]);
var otp = new Hotp(keyMock.Object, OtpHashMode.Sha1, 6);
Assert.That(otp.ComputeHOTP(0), Is.EqualTo("000000"));
Assert.That(otp.ComputeHOTP(1), Is.EqualTo("000000"));
}
public UserController(ISmsSender smsSender,
AppDbContext appDbContext,
IOptions <TokenSettings> tokenSettings,
IOptions <SMSSettings> smsSettings,
JwtSettings jwtSettings)
{
_smsSender = smsSender;
_dbContext = appDbContext;
_tokenSettings = tokenSettings.Value;
_jwtSettings = jwtSettings;
_SMSSettings = smsSettings.Value;
hotp = new Hotp(Encoding.ASCII.GetBytes(_SMSSettings.OTPSecretKey), mode: OtpHashMode.Sha256, hotpSize: 6);
}
public async Task <IActionResult> AddDevice()
{
var user = await _userManager.GetUserAsync(User);
if (user == null)
{
throw new ApplicationException($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
}
using (var context = _context){
user = context.Users.Include(ApplicationUser => ApplicationUser.Devices)
.Single(u => u.Id == user.Id);
}
var model = new AddDeviceViewModel();
//TODO: Redo with TOTP? or better implement HOTP in AddDeviceViewModel
var hotp = new Hotp(Encoding.ASCII.GetBytes(user.Email), mode: OtpHashMode.Sha512);
model.newToken = hotp.GetHashCode().ToString();
return(View(model));
}
public string GetCode()
{
if (Type == AuthenticatorType.Totp && TimeRenew <= DateTime.Now)
{
var secret = Base32Encoding.ToBytes(Secret);
var totp = new Totp(secret, Period, Algorithm, Digits);
_code = totp.ComputeTotp();
TimeRenew = DateTime.Now.AddSeconds(totp.RemainingSeconds());
}
else if (Type == AuthenticatorType.Hotp && _lastCounter != Counter)
{
var secret = Base32Encoding.ToBytes(Secret);
var hotp = new Hotp(secret, Algorithm);
_code = hotp.ComputeHOTP(Counter);
TimeRenew = DateTime.Now.AddSeconds(10);
_lastCounter = Counter;
}
return(_code);
}
public void Vector8()
{
Assert.Equal(162583, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 7));
}
public static string GenerateHotpCode(long counter)
{
var otp = new Hotp(rfcSecret);
return(otp.ComputeHOTP(counter));
}
public HotpTest()
{
_computeTestHotp = new Hotp("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ", HashAlgorithm.Sha1, 6);
}
public OtpHotp(OtpAuthData data) : base(data)
{
this.hotp = new Hotp(data.Key.ReadData(), data.Algorithm, data.Digits);
}
public static bool VerifyHotpCode(string hotpCode, long counter)
{
var otp = new Hotp(rfcSecret);
return(otp.VerifyHotp(hotpCode, counter));
}
public void Vector1()
{
Assert.Equal(755224, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 0));
}
public void Vector2()
{
Assert.Equal(287082, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 1));
}
public void Vector3()
{
Assert.Equal(359152, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 2));
}
public void Vector4()
{
Assert.Equal(969429, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 3));
}
public void Vector10()
{
Assert.Equal(520489, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 9));
}
public void Vector9()
{
Assert.Equal(399871, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 8));
}
public void Vector5()
{
Assert.Equal(338314, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 4));
}
public void Vector7()
{
Assert.Equal(287922, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 6));
}
public void Vector6()
{
Assert.Equal(254676, Hotp.GetCode(HashAlgorithm.Sha1, this.secret, 5));
}
