-
Notifications
You must be signed in to change notification settings - Fork 755
/
TotpService.cs
116 lines (106 loc) · 3.78 KB
/
TotpService.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
using System;
using System.Threading.Tasks;
using Bit.Core.Abstractions;
using Bit.Core.Enums;
using Bit.Core.Utilities;
namespace Bit.Core.Services
{
public class TotpService : ITotpService
{
private const string SteamChars = "23456789BCDFGHJKMNPQRTVWXY";
private readonly ICryptoFunctionService _cryptoFunctionService;
public TotpService(
ICryptoFunctionService cryptoFunctionService)
{
_cryptoFunctionService = cryptoFunctionService;
}
public async Task<string> GetCodeAsync(string key)
{
if (string.IsNullOrWhiteSpace(key))
{
return null;
}
var period = Constants.TotpDefaultTimer;
var alg = CryptoHashAlgorithm.Sha1;
var digits = 6;
var keyB32 = key;
var isOtpAuth = key?.ToLowerInvariant().StartsWith("otpauth://") ?? false;
var isSteamAuth = key?.ToLowerInvariant().StartsWith("steam://") ?? false;
if (isOtpAuth)
{
var otpData = new OtpData(key.ToLowerInvariant());
if (otpData.Digits > 0)
{
digits = Math.Min(otpData.Digits.Value, 10);
}
if (otpData.Period.HasValue)
{
period = otpData.Period.Value;
}
if (otpData.Secret != null)
{
keyB32 = otpData.Secret;
}
if (otpData.Algorithm.HasValue)
{
alg = otpData.Algorithm.Value;
}
}
else if (isSteamAuth)
{
digits = 5;
keyB32 = key.Substring(8);
}
var keyBytes = Base32.FromBase32(keyB32);
if (keyBytes == null || keyBytes.Length == 0)
{
return null;
}
var now = CoreHelpers.EpocUtcNow() / 1000;
var time = now / period;
var timeBytes = BitConverter.GetBytes(time);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(timeBytes, 0, timeBytes.Length);
}
var hash = await _cryptoFunctionService.HmacAsync(timeBytes, keyBytes, alg);
if (hash.Length == 0)
{
return null;
}
var offset = (hash[hash.Length - 1] & 0xf);
var binary = ((hash[offset] & 0x7f) << 24) | ((hash[offset + 1] & 0xff) << 16) |
((hash[offset + 2] & 0xff) << 8) | (hash[offset + 3] & 0xff);
string otp = string.Empty;
if (isSteamAuth)
{
var fullCode = binary & 0x7fffffff;
for (var i = 0; i < digits; i++)
{
otp += SteamChars[fullCode % SteamChars.Length];
fullCode = (int)Math.Truncate(fullCode / (double)SteamChars.Length);
}
}
else
{
var rawOtp = binary % (int)Math.Pow(10, digits);
otp = rawOtp.ToString().PadLeft(digits, '0');
}
return otp;
}
public int GetTimeInterval(string key)
{
var period = Constants.TotpDefaultTimer;
if (key != null && key.ToLowerInvariant().StartsWith("otpauth://"))
{
var qsParams = CoreHelpers.GetQueryParams(key);
if (qsParams.ContainsKey("period") && qsParams["period"] != null &&
int.TryParse(qsParams["period"].Trim(), out var periodParam) && periodParam > 0)
{
period = periodParam;
}
}
return period;
}
}
}