Update pom.xml and fixed a fatal bug with big token lenghts

This commit is contained in:
TheArrayser 2023-06-25 23:15:01 +02:00
parent 75680b2e93
commit 19de03f0f4
3 changed files with 41 additions and 4 deletions

View File

@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>com.cringe_studios</groupId> <groupId>com.cringe_studios</groupId>
<artifactId>CringeAuthenticatorLibrary</artifactId> <artifactId>CringeAuthenticatorLibrary</artifactId>
<version>1.0</version> <version>1.1</version>
<name>CringeAuthenticatorLibrary</name> <name>CringeAuthenticatorLibrary</name>
<description>The Library of the Cringe Authenticator</description> <description>The Library of the Cringe Authenticator</description>
<build> <build>

View File

@ -1,7 +1,11 @@
package com.cringe_studios.cringe_authenticator_library.impl; package com.cringe_studios.cringe_authenticator_library.impl;
import java.math.BigInteger;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import com.cringe_studios.cringe_authenticator_library.OTP; import com.cringe_studios.cringe_authenticator_library.OTP;
import com.cringe_studios.cringe_authenticator_library.OTPAlgorithm; import com.cringe_studios.cringe_authenticator_library.OTPAlgorithm;
@ -66,11 +70,23 @@ public class HOTP extends OTP {
int binary = ((hash[offset] & 0x7f) << 24) | ((hash[offset + 1] & 0xff) << 16) int binary = ((hash[offset] & 0x7f) << 24) | ((hash[offset + 1] & 0xff) << 16)
| ((hash[offset + 2] & 0xff) << 8) | (hash[offset + 3] & 0xff); | ((hash[offset + 2] & 0xff) << 8) | (hash[offset + 3] & 0xff);
int otp = binary % DIGITS_POWER[codeDigits]; //int otp = binary % DIGITS_POWER[codeDigits];
//byte[] truncatedHash = Arrays.copyOfRange(hash, offset, offset + 3);
//truncatedHash[0] &= 0x7F;
//BigInteger bigBinary = new BigInteger(1, truncatedHash);
BigInteger bigBinary = BigInteger.valueOf(binary);
BigInteger bigOtp = bigBinary.mod(BigInteger.TEN.pow(codeDigits));
//System.out.println(binary + " vs. " + bigBinary.toString());
//System.out.println(otp + " vs. " + bigOtp.toString());
if (addChecksum) { if (addChecksum) {
otp = (otp * 10) + HOTPChecksumProvider.calcChecksum(otp, codeDigits); //otp = (otp * 10) + HOTPChecksumProvider.calcChecksum(otp, codeDigits);
bigOtp = bigOtp.multiply(BigInteger.TEN).add(BigInteger.valueOf(HOTPChecksumProvider.calcChecksum(bigOtp.longValue(), codeDigits)));
} }
String result = Integer.toString(otp); //String result = Integer.toString(otp);
String result = bigOtp.toString();
while (result.length() < digits) { while (result.length() < digits) {
result = "0" + result; result = "0" + result;
} }

View File

@ -1,6 +1,8 @@
package test; package test;
import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;
import java.math.BigInteger; import java.math.BigInteger;
import java.text.DateFormat; import java.text.DateFormat;
@ -45,6 +47,25 @@ public class OTPTest {
} }
} }
@Test
public void lengthTest() {
String secret = "1";
String base32secret = Base32.encode(hexStr2Bytes(secret));
OTP testOTP1 = OTP.createNewOTP(OTPType.HOTP, base32secret, OTPAlgorithm.SHA1, 1, 0, 0, false);
assertDoesNotThrow(() -> testOTP1.getPin());
secret = "100";
base32secret = Base32.encode(hexStr2Bytes(secret));
OTP testOTP2 = OTP.createNewOTP(OTPType.HOTP, base32secret, OTPAlgorithm.SHA256, 0, 0, 0, false);
assertDoesNotThrow(() -> testOTP2.getPin());
OTP testOTP3 = OTP.createNewOTP(OTPType.HOTP, base32secret, OTPAlgorithm.SHA512, 50, 0, 0, false);
assertDoesNotThrow(() -> testOTP3.getPin());
OTP testOTP4 = OTP.createNewOTP(OTPType.HOTP, base32secret, OTPAlgorithm.SHA512, 10, 0, 0, false);
assertDoesNotThrow(() -> testOTP4.getPin());
}
private static byte[] hexStr2Bytes(String hex) { private static byte[] hexStr2Bytes(String hex) {
// Adding one byte to get the right conversion // Adding one byte to get the right conversion
// Values starting with "0" can be converted // Values starting with "0" can be converted