totp : rework and add SHA256/512 (#151)

* totp : rework and add SHA256/512 * totp : comment code * totp : fix SHA224/SHA384 and examples * totp : fix bug in totp_face_lfs * totp : init_totp_record to SHA1 * totp : move TOTP-MCU to TOTP, update README and example * totp : SHAX, use size_t n instead of harcoded 8 * clarify what to put in TOTP face Co-authored-by: Emilien <Emilien> Co-authored-by: joeycastillo <joeycastillo@utexas.edu>
2023-01-14 17:58:03 +01:00
parent 2e61885070
commit 9ebea46300
16 changed files with 1628 additions and 251 deletions
--- a/movement/watch_faces/complication/totp_face.c
+++ b/movement/watch_faces/complication/totp_face.c
@@ -6,25 +6,39 @@
 #include "TOTP.h"

 // Use https://cryptii.com/pipes/base32-to-hex to convert base32 to hex
-// Use https://totp.danhersam.com/ to generate test codes for verification
+// Use https://github.com/susam/mintotp to generate test codes for verification
+// Available algorothms:
+// SHA1 (most TOTP codes use this)
+// SHA224
+// SHA256
+// SHA384
+// SHA512

+////////////////////////////////////////////////////////////////////////////////
+// Enter your TOTP key data below
 static const uint8_t num_keys = 2;
 static uint8_t keys[] = {
    0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x21, 0xde, 0xad, 0xbe, 0xef, // 1 - JBSWY3DPEHPK3PXP
-    0x5c, 0x0d, 0x27, 0x6b, 0x6d, 0x9a, 0x01, 0x22, 0x20, 0x4f  // 2 - E9M348K0ADIDFBC2
+    0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x21, 0xde, 0xad, 0xbe, 0xef, // 2 - JBSWY3DPEHPK3PXP
 };
 static const uint8_t key_sizes[] = {
    10,
-    10
+    10,
 };
 static const uint32_t timesteps[] = {
    30,
-    30
+    30,
 };
 static const char labels[][2] = {
-    { 'a', 'b' },
-    { 'c', 'd' }
+    { '2', 'F' },
+    { 'A', 'C' },
 };
+static const hmac_alg algorithms[] = {
+    SHA1,
+    SHA1,
+};
+// END OF KEY DATA.
+////////////////////////////////////////////////////////////////////////////////

 void totp_face_setup(movement_settings_t *settings, uint8_t watch_face_index, void ** context_ptr) {
    (void) settings;
@@ -36,7 +50,7 @@ void totp_face_activate(movement_settings_t *settings, void *context) {
    (void) settings;
    memset(context, 0, sizeof(totp_state_t));
    totp_state_t *totp_state = (totp_state_t *)context;
-    TOTP(keys, key_sizes[0], timesteps[0]);
+    TOTP(keys, key_sizes[0], timesteps[0], algorithms[0]);
    totp_state->timestamp = watch_utility_date_time_to_unix_time(watch_rtc_get_date_time(), movement_timezone_offsets[settings->bit.time_zone] * 60);
    totp_state->current_code = getCodeFromTimestamp(totp_state->timestamp);
 }
@@ -83,7 +97,7 @@ bool totp_face_loop(movement_event_t event, movement_settings_t *settings, void
                totp_state->current_key_offset = 0;
                totp_state->current_index = 0;
            }
-            TOTP(keys + totp_state->current_key_offset, key_sizes[totp_state->current_index], timesteps[totp_state->current_index]);
+            TOTP(keys + totp_state->current_key_offset, key_sizes[totp_state->current_index], timesteps[totp_state->current_index], algorithms[totp_state->current_index]);
            break;
        case EVENT_ALARM_BUTTON_DOWN:
        case EVENT_ALARM_LONG_PRESS:
--- a/movement/watch_faces/complication/totp_face_lfs.c
+++ b/movement/watch_faces/complication/totp_face_lfs.c
@@ -40,6 +40,7 @@ struct totp_record {
    size_t secret_size;
    char label[2];
    uint32_t period;
+    hmac_alg algorithm;
 };

 static struct totp_record totp_records[MAX_TOTP_RECORDS];
@@ -50,6 +51,7 @@ static void init_totp_record(struct totp_record *totp_record) {
    totp_record->label[0] = 'A';
    totp_record->label[1] = 'A';
    totp_record->period = 30;
+    totp_record->algorithm = SHA1;
 }

 static bool totp_face_lfs_read_param(struct totp_record *totp_record, char *param, char *value) {
@@ -84,7 +86,22 @@ static bool totp_face_lfs_read_param(struct totp_record *totp_record, char *para
            return false;
        }
    } else if (!strcmp(param, "algorithm")) {
-        if (!strcmp(param, "SHA1")) {
+        if (!strcmp(value, "SHA1")) {
+            totp_record->algorithm = SHA1;
+        }
+        else if (!strcmp(value, "SHA224")) {
+            totp_record->algorithm = SHA224;
+        }
+        else if (!strcmp(value, "SHA256")) {
+            totp_record->algorithm = SHA256;
+        }
+        else if (!strcmp(value, "SHA384")) {
+            totp_record->algorithm = SHA384;
+        }
+        else if (!strcmp(value, "SHA512")) {
+            totp_record->algorithm = SHA512;
+        }
+        else {
            printf("TOTP ignored due to algorithm %s\n", value);
            return false;
        }
@@ -169,7 +186,7 @@ static void totp_face_set_record(totp_lfs_state_t *totp_state, int i) {
    }

    totp_state->current_index = i;
-    TOTP(totp_records[i].secret, totp_records[i].secret_size, totp_records[i].period);
+    TOTP(totp_records[i].secret, totp_records[i].secret_size, totp_records[i].period, totp_records[i].algorithm);
    totp_state->current_code = getCodeFromTimestamp(totp_state->timestamp);
    totp_state->steps = totp_state->timestamp / totp_records[i].period;
 }