Properly vendor TOTP-MCU temporarily

author: Wesley Ellis <tahnok@gmail.com> 2021-11-23 21:37:54 -0500
committer: Wesley Ellis <tahnok@gmail.com> 2021-11-23 21:40:27 -0500
commit: 4a0ff5577363a1bd315693b41f448e3774de9e34 (patch)
tree: 1f114cf2d110b431b750ab073713d52dc5d1077d
parent: 121e6fd165a03f9249100e73bdf658e545e10d25 (diff)
download: Sensor-Watch-4a0ff5577363a1bd315693b41f448e3774de9e34.tar.gz
Sensor-Watch-4a0ff5577363a1bd315693b41f448e3774de9e34.tar.bz2
Sensor-Watch-4a0ff5577363a1bd315693b41f448e3774de9e34.zip
8 files changed, 374 insertions, 0 deletions
diff --git a/movement/lib/TOTP-MCU b/movement/lib/TOTP-MCU
deleted file mode 160000
-Subproject 646474a8757e1fca490792e81082b2ad89b966a
diff --git a/movement/lib/TOTP-MCU/LICENSE b/movement/lib/TOTP-MCU/LICENSE
new file mode 100644
index 00000000..6de4c0f0
--- /dev/null
+++ b/movement/lib/TOTP-MCU/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Weravech
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/movement/lib/TOTP-MCU/README.md b/movement/lib/TOTP-MCU/README.md
new file mode 100644
index 00000000..df5ab96e
--- /dev/null
+++ b/movement/lib/TOTP-MCU/README.md
@@ -0,0 +1,57 @@
+TOTP Pure C Library for ALL MCU
+====================
+
+Library to generate Time-based One-Time Passwords.
+
+Implements the Time-based One-Time Password algorithm specified in [RFC 6238](https://tools.ietf.org/html/rfc6238). 
+Supports different time steps and is compatible with tokens that use the same standard (including software ones, like the Google Authenticator app).
+
+Tested on MCUs: MSP430, RP2040
+
+Installation & usage:
+--------------------
+First include header to your file
+```
+#include <totp.h>
+```
+After included, define key ex. Key is ```MyLegoDoor```
+- Note: The format of hmacKey is array of hexadecimal bytes.
+- Most websites provide the key encoded in base32 - RFC3548/RFC4648, either upper or lower case. You can use [this site](https://cryptii.com/pipes/base32-to-hex) to convert the base32 string to hex (make sure you upcase it first if it's lowercase and remove all whitespaces).
+```
+uint8_t hmacKey[] = {0x4d, 0x79, 0x4c, 0x65, 0x67, 0x6f, 0x44, 0x6f, 0x6f, 0x72};               // Secret key
+```
+Instantiate the TOTP class by providing the secret hmacKey, the length of the hmacKey and the Timestep between codes.
+```
+TOTP(hmacKey, 10, 30);                                     // Secret key, Secret key length, Timestep (30s)
+```
+Use the ```getCodeFromTimestamp()``` function to get a TOTP from a unix epoch timestamp
+```
+uint32_t newCode = getCodeFromTimestamp(1557414000);       // Current timestamp since Unix epoch in seconds
+```
+Or ```getCodeFromTimeStruct()``` if you want to get a TOTP from a tm struct (Time Struct in C), 
+```
+struct tm datetime;
+datetime.tm_hour = 9;
+datetime.tm_min = 0;
+datetime.tm_sec = 0;
+datetime.tm_mday = 13;
+datetime.tm_mon = 5;
+datetime.tm_year = 2019;
+uint32_t newCode = getCodeFromTimeStruct(datetime);
+```
+
+If the provided unix timestamp isn't in UTC±0, use ```setTimezone()``` before ```getCodeFromTimestamp()``` or ```getCodeFromTimeStruct()``` to offset the time.
+
+```
+setTimezone(9);                                            // Set timezone +9 Japan
+```
+
+You can see an example in blink.c
+
+Thanks to:
+----------
+
+* Jose Damico, https://github.com/damico/ARDUINO-OATH-TOKEN
+* Peter Knight, https://github.com/Cathedrow/Cryptosuite
+* Maniacbug, https://github.com/maniacbug/Cryptosuite
+* lucadentella, https://github.com/lucadentella/TOTP-Arduino
diff --git a/movement/lib/TOTP-MCU/TOTP.c b/movement/lib/TOTP-MCU/TOTP.c
new file mode 100644
index 00000000..d977d06e
--- /dev/null
+++ b/movement/lib/TOTP-MCU/TOTP.c
@@ -0,0 +1,69 @@
+#include "TOTP.h"
+#include "sha1.h"
+
+uint8_t* _hmacKey;
+uint8_t _keyLength;
+uint8_t _timeZoneOffset;
+uint32_t _timeStep;
+
+// Init the library with the private key, its length and the timeStep duration
+void TOTP(uint8_t* hmacKey, uint8_t keyLength, uint32_t timeStep) {
+    _hmacKey = hmacKey;
+    _keyLength = keyLength;
+    _timeStep = timeStep;
+}
+
+void setTimezone(uint8_t timezone){
+    _timeZoneOffset = timezone;
+}
+
+uint32_t TimeStruct2Timestamp(struct tm time){
+    //time.tm_mon -= 1;
+    //time.tm_year -= 1900;
+    return mktime(&(time)) - (_timeZoneOffset * 3600) - 2208988800;
+}
+
+// Generate a code, using the timestamp provided
+uint32_t getCodeFromTimestamp(uint32_t timeStamp) {
+    uint32_t steps = timeStamp / _timeStep;
+    return getCodeFromSteps(steps);
+}
+
+// Generate a code, using the timestamp provided
+uint32_t getCodeFromTimeStruct(struct tm time) {
+    return getCodeFromTimestamp(TimeStruct2Timestamp(time));
+}
+
+// Generate a code, using the number of steps provided
+uint32_t getCodeFromSteps(uint32_t steps) {
+    // STEP 0, map the number of steps in a 8-bytes array (counter value)
+    uint8_t _byteArray[8];
+    _byteArray[0] = 0x00;
+    _byteArray[1] = 0x00;
+    _byteArray[2] = 0x00;
+    _byteArray[3] = 0x00;
+    _byteArray[4] = (uint8_t)((steps >> 24) & 0xFF);
+    _byteArray[5] = (uint8_t)((steps >> 16) & 0xFF);
+    _byteArray[6] = (uint8_t)((steps >> 8) & 0XFF);
+    _byteArray[7] = (uint8_t)((steps & 0XFF));
+
+    // STEP 1, get the HMAC-SHA1 hash from counter and key
+    initHmac(_hmacKey, _keyLength);
+    writeArray(_byteArray, 8);
+    uint8_t* _hash = resultHmac();
+
+    // STEP 2, apply dynamic truncation to obtain a 4-bytes string
+    uint32_t _truncatedHash = 0;
+    uint8_t _offset = _hash[20 - 1] & 0xF;
+    uint8_t j;
+    for (j = 0; j < 4; ++j) {
+        _truncatedHash <<= 8;
+        _truncatedHash  |= _hash[_offset + j];
+    }
+
+    // STEP 3, compute the OTP value
+    _truncatedHash &= 0x7FFFFFFF;    //Disabled
+    _truncatedHash %= 1000000;
+
+    return _truncatedHash;
+}
diff --git a/movement/lib/TOTP-MCU/TOTP.h b/movement/lib/TOTP-MCU/TOTP.h
new file mode 100644
index 00000000..13715f4d
--- /dev/null
+++ b/movement/lib/TOTP-MCU/TOTP.h
@@ -0,0 +1,8 @@
+#include <inttypes.h>
+#include "time.h"
+
+void TOTP(uint8_t* hmacKey, uint8_t keyLength, uint32_t timeStep);
+void setTimezone(uint8_t timezone);
+uint32_t getCodeFromTimestamp(uint32_t timeStamp);
+uint32_t getCodeFromTimeStruct(struct tm time);
+uint32_t getCodeFromSteps(uint32_t steps);
diff --git a/movement/lib/TOTP-MCU/blink.c b/movement/lib/TOTP-MCU/blink.c
new file mode 100644
index 00000000..9ec14ec6
--- /dev/null
+++ b/movement/lib/TOTP-MCU/blink.c
@@ -0,0 +1,39 @@
+#include <msp430.h>				
+#include <totp.h>
+#include <stdint.h>
+
+/**
+ * blink.c
+ */
+void main(void)
+{
+	WDTCTL = WDTPW | WDTHOLD;		// stop watchdog timer
+	P1DIR |= 0x01;					// configure P1.0 as output
+
+	uint8_t hmacKey[] = {0x4d, 0x79, 0x4c, 0x65, 0x67, 0x6f, 0x44, 0x6f, 0x6f, 0x72};               // Secret key
+	TOTP(hmacKey, 10, 7200);                                                                        // Secret key, Key length, Timestep (7200s - 2hours)
+
+	setTimezone(9);                                                                                 // Set timezone
+	uint32_t newCode = getCodeFromTimestamp(1557414000);                                            // Timestamp Now
+
+	///////////////// For struct tm //////////////////
+    //	struct tm datetime;
+    //	datetime.tm_hour = 9;
+    //	datetime.tm_min = 0;
+    //	datetime.tm_sec = 0;
+    //	datetime.tm_mday = 13;
+    //	datetime.tm_mon = 5;
+    //	datetime.tm_year = 2019;
+	//  uint32_t newCode = getCodeFromTimeStruct(datetime);
+	///////////////////////////////////////////////////
+
+	volatile unsigned int i;		// volatile to prevent optimization
+
+	while(1)
+	{
+	    if (newCode == 0){          // 0 = INPUT HERE
+	        P1OUT ^= 0x01;          // toggle P1.0
+	    }
+		for(i=10000; i>0; i--);     // delay
+	}
+}
diff --git a/movement/lib/TOTP-MCU/sha1.c b/movement/lib/TOTP-MCU/sha1.c
new file mode 100644
index 00000000..07ad697b
--- /dev/null
+++ b/movement/lib/TOTP-MCU/sha1.c
@@ -0,0 +1,155 @@
+#include <string.h>
+#include "sha1.h"
+
+#define SHA1_K0 0x5a827999
+#define SHA1_K20 0x6ed9eba1
+#define SHA1_K40 0x8f1bbcdc
+#define SHA1_K60 0xca62c1d6
+
+uint8_t sha1InitState[] = {
+  0x01,0x23,0x45,0x67, // H0
+  0x89,0xab,0xcd,0xef, // H1
+  0xfe,0xdc,0xba,0x98, // H2
+  0x76,0x54,0x32,0x10, // H3
+  0xf0,0xe1,0xd2,0xc3  // H4
+};
+
+void init(void) {
+  memcpy(state.b,sha1InitState,HASH_LENGTH);
+  byteCount = 0;
+  bufferOffset = 0;
+}
+
+uint32_t rol32(uint32_t number, uint8_t bits) {
+  return ((number << bits) | (uint32_t)(number >> (32-bits)));
+}
+
+void hashBlock() {
+  uint8_t i;
+  uint32_t a,b,c,d,e,t;
+
+  a=state.w[0];
+  b=state.w[1];
+  c=state.w[2];
+  d=state.w[3];
+  e=state.w[4];
+  for (i=0; i<80; i++) {
+    if (i>=16) {
+      t = buffer.w[(i+13)&15] ^ buffer.w[(i+8)&15] ^ buffer.w[(i+2)&15] ^ buffer.w[i&15];
+      buffer.w[i&15] = rol32(t,1);
+    }
+    if (i<20) {
+      t = (d ^ (b & (c ^ d))) + SHA1_K0;
+    } else if (i<40) {
+      t = (b ^ c ^ d) + SHA1_K20;
+    } else if (i<60) {
+      t = ((b & c) | (d & (b | c))) + SHA1_K40;
+    } else {
+      t = (b ^ c ^ d) + SHA1_K60;
+    }
+    t+=rol32(a,5) + e + buffer.w[i&15];
+    e=d;
+    d=c;
+    c=rol32(b,30);
+    b=a;
+    a=t;
+  }
+  state.w[0] += a;
+  state.w[1] += b;
+  state.w[2] += c;
+  state.w[3] += d;
+  state.w[4] += e;
+}
+
+void addUncounted(uint8_t data) {
+  buffer.b[bufferOffset ^ 3] = data;
+  bufferOffset++;
+  if (bufferOffset == BLOCK_LENGTH) {
+    hashBlock();
+    bufferOffset = 0;
+  }
+}
+
+void write(uint8_t data) {
+  ++byteCount;
+  addUncounted(data);
+
+  return;
+}
+
+void writeArray(uint8_t *buffer, uint8_t size){
+    while (size--) {
+        write(*buffer++);
+    }
+}
+
+void pad() {
+  // Implement SHA-1 padding (fips180-2 ��5.1.1)
+
+  // Pad with 0x80 followed by 0x00 until the end of the block
+  addUncounted(0x80);
+  while (bufferOffset != 56) addUncounted(0x00);
+
+  // Append length in the last 8 bytes
+  addUncounted(0); // We're only using 32 bit lengths
+  addUncounted(0); // But SHA-1 supports 64 bit lengths
+  addUncounted(0); // So zero pad the top bits
+  addUncounted(byteCount >> 29); // Shifting to multiply by 8
+  addUncounted(byteCount >> 21); // as SHA-1 supports bitstreams as well as
+  addUncounted(byteCount >> 13); // byte.
+  addUncounted(byteCount >> 5);
+  addUncounted(byteCount << 3);
+}
+
+uint8_t* result(void) {
+  // Pad to complete the last block
+  pad();
+
+  // Swap byte order back
+  uint8_t i;
+  for (i=0; i<5; i++) {
+    uint32_t a,b;
+    a=state.w[i];
+    b=a<<24;
+    b|=(a<<8) & 0x00ff0000;
+    b|=(a>>8) & 0x0000ff00;
+    b|=a>>24;
+    state.w[i]=b;
+  }
+
+  // Return pointer to hash (20 characters)
+  return state.b;
+}
+
+#define HMAC_IPAD 0x36
+#define HMAC_OPAD 0x5c
+
+void initHmac(const uint8_t* key, uint8_t keyLength) {
+  uint8_t i;
+  memset(keyBuffer,0,BLOCK_LENGTH);
+  if (keyLength > BLOCK_LENGTH) {
+    // Hash long keys
+    init();
+    for (;keyLength--;) write(*key++);
+    memcpy(keyBuffer,result(),HASH_LENGTH);
+  } else {
+    // Block length keys are used as is
+    memcpy(keyBuffer,key,keyLength);
+  }
+  // Start inner hash
+  init();
+  for (i=0; i<BLOCK_LENGTH; i++) {
+    write(keyBuffer[i] ^ HMAC_IPAD);
+  }
+}
+
+uint8_t* resultHmac(void) {
+  uint8_t i;
+  // Complete inner hash
+  memcpy(innerHash,result(),HASH_LENGTH);
+  // Calculate outer hash
+  init();
+  for (i=0; i<BLOCK_LENGTH; i++) write(keyBuffer[i] ^ HMAC_OPAD);
+  for (i=0; i<HASH_LENGTH; i++) write(innerHash[i]);
+  return result();
+}
diff --git a/movement/lib/TOTP-MCU/sha1.h b/movement/lib/TOTP-MCU/sha1.h
new file mode 100644
index 00000000..2257e367
--- /dev/null
+++ b/movement/lib/TOTP-MCU/sha1.h
@@ -0,0 +1,25 @@
+#include <inttypes.h>
+
+#define HASH_LENGTH 20
+#define BLOCK_LENGTH 64
+
+union _buffer {
+  uint8_t b[BLOCK_LENGTH];
+  uint32_t w[BLOCK_LENGTH/4];
+} buffer;
+union _state {
+  uint8_t b[HASH_LENGTH];
+  uint32_t w[HASH_LENGTH/4];
+} state;
+
+uint8_t bufferOffset;
+uint32_t byteCount;
+uint8_t keyBuffer[BLOCK_LENGTH];
+uint8_t innerHash[HASH_LENGTH];
+
+void init(void);
+void initHmac(const uint8_t* secret, uint8_t secretLength);
+uint8_t* result(void);
+uint8_t* resultHmac(void);
+void write(uint8_t);
+void writeArray(uint8_t *buffer, uint8_t size);
author	Wesley Ellis <tahnok@gmail.com>	2021-11-23 21:37:54 -0500
committer	Wesley Ellis <tahnok@gmail.com>	2021-11-23 21:40:27 -0500
commit	4a0ff5577363a1bd315693b41f448e3774de9e34 (patch)
tree	1f114cf2d110b431b750ab073713d52dc5d1077d
parent	121e6fd165a03f9249100e73bdf658e545e10d25 (diff)
download	Sensor-Watch-4a0ff5577363a1bd315693b41f448e3774de9e34.tar.gz Sensor-Watch-4a0ff5577363a1bd315693b41f448e3774de9e34.tar.bz2 Sensor-Watch-4a0ff5577363a1bd315693b41f448e3774de9e34.zip