Add a base32 class; change secret default type to base32 encoded; tested

TOTP.java -> it works

src/com/cringe_studios/cringe_authenticator_library/OTP.java

@@ -1,10 +1,13 @@
 package com.cringe_studios.cringe_authenticator_library;
 
+import com.cringe_studios.cringe_authenticator_library.impl.Base32;
+
 public abstract class OTP {
 	//TOTP
 	//HOTP
 	
-	protected String secret;
+	protected byte[] secret;
+	protected String base32Secret;
 	protected OTPType type;
 	protected OTPAlgorithm algorithm;
 	protected int digits;
@@ -13,7 +16,8 @@ public abstract class OTP {
 	protected boolean checksum;
 	
 	protected OTP(OTPType nType, String nSecret, OTPAlgorithm nAlgorithm, int nDigits, long nCounter, long nPeriodInSeconds, boolean nChecksum) {
-		this.secret = nSecret;
+		this.secret = Base32.decode(nSecret);
+		base32Secret = nSecret;
 		type = nType;
 		algorithm = nAlgorithm;
 		digits = nDigits;
@@ -22,7 +26,7 @@ public abstract class OTP {
 		checksum = nChecksum;
 	}
 	
-	//secret: required
+	//secret: required - base32 encoded
 	//algorithm: optional (default SHA1)
 	//digits: optional (default 6)
 	//OTPType: required
@@ -37,7 +41,7 @@ public abstract class OTP {
 	public abstract String getPin();
 	
 	public String getSecret() {
-		return this.secret;
+		return this.base32Secret;
 	}
 	
 	public OTPType getOTPType() {

src/com/cringe_studios/cringe_authenticator_library/impl/Base32.java

@@ -0,0 +1,231 @@
+package com.cringe_studios.cringe_authenticator_library.impl;
+
+public final class Base32 {
+	/* lookup table used to encode() groups of 5 bits of data */
+	private static final String base32Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
+	/* lookup table used to decode() characters in Base32 strings */
+	private static final byte[] base32Lookup = { 26, 27, 28, 29, 30, 31, -1, -1, -1, -1, -1, -1, -1, -1, // 23456789:;<=>?
+			-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // @ABCDEFGHIJKLMNO
+			15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, // PQRSTUVWXYZ[\]^_
+			-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // `abcdefghijklmno
+			15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 // pqrstuvwxyz
+	};
+	/* Messsages for Illegal Parameter Exceptions in decode() */
+	private static final String errorCanonicalLength = "non canonical Base32 string length";
+	private static final String errorCanonicalEnd = "non canonical bits at end of Base32 string";
+	private static final String errorInvalidChar = "invalid character in Base32 string";
+
+	/**
+	 * Decode a Base32 string into an array of binary bytes. May fail if the
+	 * parameter is a non canonical Base32 string (the only other possible exception
+	 * is that the returned array cannot be allocated in memory)
+	 */
+	static public byte[] decode(final String base32) throws IllegalArgumentException {
+		// Note that the code below detects could detect non canonical
+		// Base32 length within the loop. However canonical Base32 length
+		// can be tested before entering the loop.
+		// A canonical Base32 length modulo 8 cannot be:
+		// 1 (aborts discarding 5 bits at STEP n=0 which produces no byte),
+		// 3 (aborts discarding 7 bits at STEP n=2 which produces no byte),
+		// 6 (aborts discarding 6 bits at STEP n=1 which produces no byte)
+		// So these tests could be avoided within the loop.
+		switch (base32.length() % 8) { // test the length of last subblock
+		case 1: // 5 bits in subblock: 0 useful bits but 5 discarded
+		case 3: // 15 bits in subblock: 8 useful bits but 7 discarded
+		case 6: // 30 bits in subblock: 24 useful bits but 6 discarded
+			throw new IllegalArgumentException(errorCanonicalLength);
+		}
+		byte[] bytes = new byte[base32.length() * 5 / 8];
+		int offset = 0, i = 0, lookup;
+		byte nextByte, digit;
+		// Also the code below does test that other discarded bits
+		// (1 to 4 bits at end) are effectively 0.
+		while (i < base32.length()) {
+			// Read the 1st char in a 8-chars subblock
+			// check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 0: leave 5 bits
+			nextByte = (byte) (digit << 3);
+			// Assert(i < base32.length) // tested before loop
+			// Read the 2nd char in a 8-chars subblock
+			// Check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 5: insert 3 bits, leave 2 bits
+			bytes[offset++] = (byte) (nextByte | (digit >> 2));
+			nextByte = (byte) ((digit & 3) << 6);
+			if (i >= base32.length()) {
+				if (nextByte != (byte) 0) {
+					throw new IllegalArgumentException(errorCanonicalEnd);
+				}
+				break; // discard the remaining 2 bits
+			}
+			// Read the 3rd char in a 8-chars subblock
+			// Check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 2: leave 7 bits
+			nextByte |= (byte) (digit << 1);
+			// Assert(i < base32.length) // tested before loop
+			// Read the 4th char in a 8-chars subblock
+			// Check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 7: insert 1 bit, leave 4 bits
+			bytes[offset++] = (byte) (nextByte | (digit >> 4));
+			nextByte = (byte) ((digit & 15) << 4);
+			if (i >= base32.length()) {
+				if (nextByte != (byte) 0) {
+					throw new IllegalArgumentException(errorCanonicalEnd);
+				}
+				break; // discard the remaining 4 bits
+			}
+			// Read the 5th char in a 8-chars subblock
+			// Assert that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 4: insert 4 bits, leave 1 bit
+			bytes[offset++] = (byte) (nextByte | (digit >> 1));
+			nextByte = (byte) ((digit & 1) << 7);
+			if (i >= base32.length()) {
+				if (nextByte != (byte) 0) {
+					throw new IllegalArgumentException(errorCanonicalEnd);
+				}
+				break; // discard the remaining 1 bit
+			}
+			// Read the 6th char in a 8-chars subblock
+			// Check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 1: leave 6 bits
+			nextByte |= (byte) (digit << 2);
+			// Assert(i < base32.length) // tested before loop
+			// Read the 7th char in a 8-chars subblock
+			// Check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 6: insert 2 bits, leave 3 bits
+			bytes[offset++] = (byte) (nextByte | (digit >> 3));
+			nextByte = (byte) ((digit & 7) << 5);
+			if (i >= base32.length()) {
+				if (nextByte != (byte) 0) {
+					throw new IllegalArgumentException(errorCanonicalEnd);
+				}
+				break; // discard the remaining 3 bits
+			}
+			// Read the 8th char in a 8-chars subblock
+			// Check that chars are not outside the lookup table and valid
+			lookup = base32.charAt(i++) - '2';
+			if (lookup < 0 || lookup >= base32Lookup.length) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			digit = base32Lookup[lookup];
+			if (digit == -1) {
+				throw new IllegalArgumentException(errorInvalidChar);
+			}
+			// // STEP n = 3: insert 5 bits, leave 0 bit
+			bytes[offset++] = (byte) (nextByte | digit);
+			// // possible end of string here with no trailing bits
+		}
+		// On loop exit, discard trialing n bits.
+		return bytes;
+	}
+
+	/**
+	 * Encode an array of binary bytes into a Base32 string. Should not fail (the
+	 * only possible exception is that the returned string cannot be allocated in
+	 * memory)
+	 */
+	static public String encode(final byte[] bytes) {
+		StringBuffer base32 = new StringBuffer((bytes.length * 8 + 4) / 5);
+		int currByte, digit, i = 0;
+		while (i < bytes.length) {
+			// INVARIANTS FOR EACH STEP n in [0..5[; digit in [0..31[;
+			// The remaining n bits are already aligned on top positions
+			// of the 5 least bits of digit, the other bits are 0.
+			// //// STEP n = 0; insert new 5 bits, leave 3 bits
+			currByte = bytes[i++] & 255;
+			base32.append(base32Chars.charAt(currByte >> 3));
+			digit = (currByte & 7) << 2;
+			if (i >= bytes.length) { // put the last 3 bits
+				base32.append(base32Chars.charAt(digit));
+				break;
+			}
+			// //// STEP n = 3: insert 2 new bits, then 5 bits, leave 1 bit
+			currByte = bytes[i++] & 255;
+			base32.append(base32Chars.charAt(digit | (currByte >> 6)));
+			base32.append(base32Chars.charAt((currByte >> 1) & 31));
+			digit = (currByte & 1) << 4;
+			if (i >= bytes.length) { // put the last 1 bit
+				base32.append(base32Chars.charAt(digit));
+				break;
+			}
+			// //// STEP n = 1: insert 4 new bits, leave 4 bit
+			currByte = bytes[i++] & 255;
+			base32.append(base32Chars.charAt(digit | (currByte >> 4)));
+			digit = (currByte & 15) << 1;
+			if (i >= bytes.length) { // put the last 4 bits
+				base32.append(base32Chars.charAt(digit));
+				break;
+			}
+			// //// STEP n = 4: insert 1 new bit, then 5 bits, leave 2 bits
+			currByte = bytes[i++] & 255;
+			base32.append(base32Chars.charAt(digit | (currByte >> 7)));
+			base32.append(base32Chars.charAt((currByte >> 2) & 31));
+			digit = (currByte & 3) << 3;
+			if (i >= bytes.length) { // put the last 2 bits
+				base32.append(base32Chars.charAt(digit));
+				break;
+			}
+			// /// STEP n = 2: insert 3 new bits, then 5 bits, leave 0 bit
+			currByte = bytes[i++] & 255;
+			base32.append(base32Chars.charAt(digit | (currByte >> 5)));
+			base32.append(base32Chars.charAt(currByte & 31));
+			// // This point is reached for bytes.length multiple of 5
+		}
+		return base32.toString();
+	}
+}

src/com/cringe_studios/cringe_authenticator_library/impl/TOTP.java

@@ -1,6 +1,7 @@
 package com.cringe_studios.cringe_authenticator_library.impl;
 
 import java.math.BigInteger;
+import java.nio.ByteBuffer;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
@@ -30,39 +31,32 @@ public class TOTP extends HOTP {
 	@Override
 	public String getPin() {
 		// TODO Auto-generated method stub
+		try {
+			return getPinAt(Instant.now().getEpochSecond());
+		} catch (InvalidKeyException e) {
+			e.printStackTrace();
+		} catch (NoSuchAlgorithmException e) {
+			e.printStackTrace();
+		}
+		
 		return null;
 	}
 
 	@Override
 	public long getCounter() {
-		return Instant.now().getEpochSecond() / this.getPeriod();
+		return getCounterAt(Instant.now().getEpochSecond());
-
+	}
+	
+	private long getCounterAt(long unixSecond) {
+		return unixSecond / this.getPeriod();
 	}
 
-	private static byte[] hexStr2Bytes(String hex) {
+	public String getPinAt(long time) throws InvalidKeyException, NoSuchAlgorithmException {
-		// Adding one byte to get the right conversion
-		// Values starting with "0" can be converted
-		byte[] bArray = new BigInteger("10" + hex, 16).toByteArray();
-
-		// Copy all the REAL bytes, not the "first"
-		byte[] ret = new byte[bArray.length - 1];
-		for (int i = 0; i < ret.length; i++)
-			ret[i] = bArray[i + 1];
-		return ret;
-	}
-
-	public String getPinAt(String key, String time) throws InvalidKeyException, NoSuchAlgorithmException {	
 		int codeDigits = this.getDigits();
 
-		// Using the counter
-		// First 8 bytes are for the movingFactor
-		// Compliant with base RFC 4226 (HOTP)
-		while (time.length() < 16)
-			time = "0" + time;
-
 		// Get the HEX in a Byte[]
-		byte[] msg = hexStr2Bytes(time);
+		byte[] msg = ByteBuffer.allocate(Long.BYTES).putLong(this.getCounterAt(time)).array();
-		byte[] k = hexStr2Bytes(key);
+		byte[] k = this.secret;
 		byte[] hash = this.getAlgorithm().hash(k, msg);
 
 		// put selected bytes into result int