hmac.cpp
#include <stddef.h>
#include <stdlib.h>
#include <math.h>
#include <Arduino.h>
#include <EEPROM.h>
#include "sha1.h"
#include "eeprom.h"
#include "global.h"
#include "led.h"
#include "hmac.h"
/*
SL, StickLock
provides an electronic lock with USB security tokens as keys.
Copyright (C) 2019 [email protected]
COMMERCIAL USAGE PROHIBITED!
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program (see file gpl-3.0.txt).
If not, see <http://www.gnu.org/licenses/>.
*/
/*
* see https://tools.ietf.org/html/rfc4226#section-5.4
* for more details
*/
#ifndef CONFIG
// ipow returns base raised to the power of exp, computed by
// square-and-multiply on unsigned 64-bit style arithmetic.
//
// The result silently wraps when base^exp does not fit the return type.
// exp is expected to be >= 0: the loop only stops once repeated right
// shifts bring exp to zero, which (NOTE(review)) presumably never happens
// for a negative exp on targets with arithmetic right shift.
ULL ipow(ULL base, int exp) {
    unsigned long long int acc = 1ULL;

    // Walk the exponent bit by bit, lowest bit first; base holds the
    // current square (base, base^2, base^4, ...).
    for (; exp != 0; exp >>= 1, base *= base) {
        if ((exp & 1) != 0) {
            acc *= (ULL)base;
        }
    }
    return acc;
}
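// CalcOTP calculates the HOTP value (RFC 4226) for the provided key and
// counter, truncated to otpLen decimal digits (typically 6 or 8).
//
//   keyLen  - number of bytes in key
//   key     - HMAC-SHA1 secret
//   counter - moving factor, fed to the HMAC as 8 bytes, most significant
//             byte first
//   otpLen  - number of decimal digits to keep
//
// Returns the truncated code. Leading zeros are not represented in the
// numeric result, so callers must compare numerically or re-pad.
unsigned long CalcOTP(uint8_t keyLen, uint8_t *key, ULL counter, uint8_t otpLen) {
    Sha1.initHmac(key, keyLen);

    // Serialise the counter big-endian with shifts rather than through a
    // union, so the byte order does not depend on the CPU's endianness.
    for (int i = 7; i >= 0; i--)
        Sha1.write((uint8_t)((unsigned long long)counter >> (8 * i)));
    uint8_t *hash = Sha1.resultHmac();

    // Dynamic truncation: the low nibble of the last digest byte selects a
    // 4-byte window (offset 0..15, so offset+3 stays inside the 20 bytes);
    // the top bit is masked off to get a 31-bit value.
    uint8_t offset = (hash[19] & 0x0f);
    unsigned long bin_code =
        ((unsigned long)(hash[offset] & 0x7f) << 24) |
        ((unsigned long)(hash[offset + 1] & 0xff) << 16) |
        ((unsigned long)(hash[offset + 2] & 0xff) << 8) |
        ((unsigned long)(hash[offset + 3] & 0xff));

    // bin_code is below 2^31, i.e. at most 10 decimal digits, so asking for
    // 10 or more digits leaves it unchanged. Returning early also keeps
    // ipow() from overflowing for large otpLen: 10^otpLen wraps to 0 for
    // otpLen >= 64, which would make the modulo below a division by zero.
    if (otpLen >= 10)
        return bin_code;

    // XXX: don't use pow() here - floating point can give wrong results!
    //unsigned long p = (unsigned long)(pow(10, otpLen));
    ULL p = ipow(10, otpLen);
    unsigned long otp = bin_code % p;
    return otp;
}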
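// CheckStatic compares the first key->key_len bytes of phrase against the
// stored static key and returns true when all of them match.
//
// The comparison accumulates differences instead of returning at the first
// mismatch, so the run time does not reveal how many leading bytes of a
// guess were correct. Bytes are compared as unsigned values.
//
// phrase must be NUL-terminated; once its terminator is seen, no further
// bytes are read from it and the remainder is treated as zero.
//
// NOTE(review): only key_len bytes are checked, so a longer phrase that
// starts with the key is accepted, and a key with key_len == 0 accepts any
// phrase. Confirm that callers enforce the phrase length and never pass an
// empty key.
boolean CheckStatic(Key_t *key, const char *phrase) {
    uint8_t diff = 0;
    boolean ended = false;

    for (int i = 0; i < key->key_len; i++) {
        uint8_t c = 0;
        if (!ended) {
            c = (uint8_t)phrase[i];
            if (c == 0)
                ended = true;  // do not read past the terminator
        }
        diff |= (uint8_t)((uint8_t)key->key_bytes[i] ^ c);
    }
    return diff == 0;
}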
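// CheckOTP checks the provided OTP against one HOTP key, trying every
// counter value in [key->counter, key->counter + key->counter_tolerance).
//
//   addr    - passed through to WriteKey() when the key is updated
//   key     - HOTP key; key->counter is advanced past the matched value
//   otpLen  - number of OTP digits, forwarded to CalcOTP()
//   otp     - code to verify
//   counter - out: matched counter value, or 0 when nothing matched
//
// Returns true on a match. The stored counter moves only on success, so a
// used code (and every earlier one) is rejected on the next call.
//
// NOTE(review): the result of WriteKey() is not checked here; if it can
// fail, the advanced counter may not be persisted - confirm.
// NOTE(review): no attempt limiting happens in this function; presumably
// the caller throttles failed tries - confirm.
boolean CheckOTP(uint16_t addr, Key_t *key, uint8_t otpLen,
                 unsigned long otp, ULL *counter) {
    ULL first = key->counter;
    ULL maxCounter = first + key->counter_tolerance;
    *counter = 0;

    // The loop variable has the counter's own width: a plain int (16 bits
    // on AVR) would truncate large counters and break the comparison
    // against maxCounter.
    for (ULL c = first; c < maxCounter; c++) {
        unsigned long keyOTP = CalcOTP(key->key_len, key->key_bytes, c, otpLen);
        if (keyOTP == otp) {
            *counter = c;
            key->counter = c + 1;  // next expected counter
            WriteKey(addr, key, false);
            return true;
        }
    }
    return false;
}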
#endif