From 10701f3d505170f57655b111c77977f270fe9e42 Mon Sep 17 00:00:00 2001 From: Matheus Afonso Martins Moreira Date: Wed, 20 Mar 2024 11:35:58 -0300 Subject: faces/totp: avoid displaying when key is invalid Fixes a division by zero bug caused by calling getCodeFromTimestamp without having initialized the TOTP library with a secret first. This was happening because the face calls totp_display on activation, meaning the validity of the secret was not checked since this is done in the generate function. Now the validity of the key is determined solely by the size of the current decoded key. A general display function checks it and decides whether to display the code or just the error message. The size of the current decoded key is initialized to zero on watch face activation, ensuring fail safe operation. Tested-by: Matheus Afonso Martins Moreira Tested-on-hardware-by: madhogs <59648482+madhogs@users.noreply.github.com> Signed-off-by: Matheus Afonso Martins Moreira GitHub-Pull-Request: https://github.com/joeycastillo/Sensor-Watch/pull/385 --- movement/watch_faces/complication/totp_face.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/movement/watch_faces/complication/totp_face.c b/movement/watch_faces/complication/totp_face.c index 2938337e..a593e9c9 100644 --- a/movement/watch_faces/complication/totp_face.c +++ b/movement/watch_faces/complication/totp_face.c @@ -94,12 +94,13 @@ static void totp_validate_key_lengths(void) { } } -static bool totp_generate(totp_state_t *totp_state) { +static void totp_generate(totp_state_t *totp_state) { totp_t *totp = totp_current(totp_state); if (totp->encoded_key_length <= 0) { // Key exceeded static limits and was turned off - return false; + totp_state->current_decoded_key_length = 0; + return; } totp_state->current_decoded_key_length = base32_decode(totp->encoded_key, totp_state->current_decoded_key); @@ -107,7 +108,7 @@ static bool totp_generate(totp_state_t *totp_state) { if (totp_state->current_decoded_key_length == 0) { // Decoding failed for some reason // Not a base 32 string? - return false; + return; } TOTP( @@ -116,8 +117,6 @@ static bool totp_generate(totp_state_t *totp_state) { totp->period, totp->algorithm ); - - return true; } static void totp_display_error(totp_state_t *totp_state) { @@ -128,7 +127,7 @@ static void totp_display_error(totp_state_t *totp_state) { watch_display_string(buf, 0); } -static void totp_display(totp_state_t *totp_state) { +static void totp_display_code(totp_state_t *totp_state) { char buf[14]; div_t result; uint8_t valid_for; @@ -145,14 +144,19 @@ static void totp_display(totp_state_t *totp_state) { watch_display_string(buf, 0); } -static void totp_generate_and_display(totp_state_t *totp_state) { - if (totp_generate(totp_state)) { - totp_display(totp_state); +static void totp_display(totp_state_t *totp_state) { + if (totp_state->current_decoded_key_length > 0) { + totp_display_code(totp_state); } else { totp_display_error(totp_state); } } +static void totp_generate_and_display(totp_state_t *totp_state) { + totp_generate(totp_state); + totp_display(totp_state); +} + static inline uint32_t totp_compute_base_timestamp(movement_settings_t *settings) { return watch_utility_date_time_to_unix_time(watch_rtc_get_date_time(), movement_timezone_offsets[settings->bit.time_zone] * 60); } -- cgit v1.2.3