vaultwarden
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

support for otpauth:// urls for totp codes

This commit is contained in:
Kyle Spearrin 2018-07-31 11:25:50 -04:00
parent 2045e7047a
commit 41ab22a82f
4 changed files with 108 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/abstractions/totp.service.ts
View File

@ -1,4 +1,5 @@
export abstract class TotpService {
getCode: (keyb32: string) => Promise<string>;
getCode: (key: string) => Promise<string>;
getTimeInterval: (key: string) => number;
isAutoCopyEnabled: () => Promise<boolean>;
}

20
src/angular/components/view.component.ts
View File

@ -63,10 +63,11 @@ export class ViewComponent implements OnDestroy {
if (this.cipher.type === CipherType.Login && this.cipher.login.totp &&
(cipher.organizationUseTotp || this.isPremium)) {
await this.totpUpdateCode();
await this.totpTick();
const interval = this.totpService.getTimeInterval(this.cipher.login.totp);
await this.totpTick(interval);
this.totpInterval = setInterval(async () => {
await this.totpTick();
await this.totpTick(interval);
}, 1000);
}
}
@ -178,7 +179,12 @@ export class ViewComponent implements OnDestroy {
this.totpCode = await this.totpService.getCode(this.cipher.login.totp);
if (this.totpCode != null) {
this.totpCodeFormatted = this.totpCode.substring(0, 3) + ' ' + this.totpCode.substring(3);
if (this.totpCode.length > 4) {
const half = Math.floor(this.totpCode.length / 2);
this.totpCodeFormatted = this.totpCode.substring(0, half) + ' ' + this.totpCode.substring(half);
} else {
this.totpCodeFormatted = this.totpCode;
}
} else {
this.totpCodeFormatted = null;
if (this.totpInterval) {
@ -187,12 +193,12 @@ export class ViewComponent implements OnDestroy {
}
}
private async totpTick() {
private async totpTick(intervalSeconds: number) {
const epoch = Math.round(new Date().getTime() / 1000.0);
const mod = epoch % 30;
const mod = epoch % intervalSeconds;
this.totpSec = 30 - mod;
this.totpDash = +(Math.round(((2.62 * mod) + 'e+2') as any) + 'e-2');
this.totpSec = intervalSeconds - mod;
this.totpDash = +(Math.round((((78.6 / intervalSeconds) * mod) + 'e+2') as any) + 'e-2');
this.totpLow = this.totpSec <= 7;
if (mod === 0) {
await this.totpUpdateCode();

46
src/misc/utils.ts
View File

@ -151,6 +151,23 @@ export class Utils {
return url != null ? url.host : null;
}
static getQueryParams(uriString: string): Map<string, string> {
const url = Utils.getUrl(uriString);
if (url == null || url.search == null || url.search === '') {
return null;
}
const map = new Map<string, string>();
const pairs = (url.search[0] === '?' ? url.search.substr(1) : url.search).split('&');
pairs.forEach((pair) => {
const parts = pair.split('=');
if (parts.length < 1) {
return;
}
map.set(decodeURIComponent(parts[0]).toLowerCase(), parts[1] == null ? '' : decodeURIComponent(parts[1]));
});
return map;
}
static getSortFunction(i18nService: I18nService, prop: string) {
return (a: any, b: any) => {
if (a[prop] == null && b[prop] != null) {
@ -178,23 +195,24 @@ export class Utils {
return null;
}
if (uriString.indexOf('://') === -1 && uriString.indexOf('.') > -1) {
const hasProtocol = uriString.indexOf('://') > -1;
if (!hasProtocol && uriString.indexOf('.') > -1) {
uriString = 'http://' + uriString;
} else if (!hasProtocol) {
return null;
}
if (uriString.startsWith('http://') || uriString.startsWith('https://')) {
try {
if (nodeURL != null) {
return new nodeURL(uriString);
} else if (typeof URL === 'function') {
return new URL(uriString);
} else if (window != null) {
const anchor = window.document.createElement('a');
anchor.href = uriString;
return anchor as any;
}
} catch (e) { }
}
try {
if (nodeURL != null) {
return new nodeURL(uriString);
} else if (typeof URL === 'function') {
return new URL(uriString);
} else if (window != null) {
const anchor = window.document.createElement('a');
anchor.href = uriString;
return anchor as any;
}
} catch (e) { }
return null;
}

78
src/services/totp.service.ts
View File

@ -9,30 +9,78 @@ import { Utils } from '../misc/utils';
const b32Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
export class TotpService implements TotpServiceAbstraction {
constructor(private storageService: StorageService, private cryptoFunctionService: CryptoFunctionService) {}
constructor(private storageService: StorageService, private cryptoFunctionService: CryptoFunctionService) { }
async getCode(key: string): Promise<string> {
let period = 30;
let alg: 'sha1' | 'sha256' | 'sha512' = 'sha1';
let digits = 6;
let keyB32 = key;
if (key.indexOf('otpauth://') === 0) {
const params = Utils.getQueryParams(key);
if (params.has('digits') && params.get('digits') != null) {
try {
const digitParams = parseInt(params.get('digits').trim(), null);
if (digitParams > 10) {
digits = 10;
} else if (digitParams > 0) {
digits = digitParams;
}
} catch { }
}
if (params.has('period') && params.get('period') != null) {
try {
period = parseInt(params.get('period').trim(), null);
} catch { }
}
if (params.has('secret') && params.get('secret') != null) {
keyB32 = params.get('secret');
}
if (params.has('algorithm') && params.get('algorithm') != null) {
const algParam = params.get('algorithm').toLowerCase();
if (algParam === 'sha1' || algParam === 'sha256' || algParam === 'sha512') {
alg = algParam;
}
}
}
async getCode(keyb32: string): Promise<string> {
const epoch = Math.round(new Date().getTime() / 1000.0);
const timeHex = this.leftpad(this.dec2hex(Math.floor(epoch / 30)), 16, '0');
const timeHex = this.leftpad(this.dec2hex(Math.floor(epoch / period)), 16, '0');
const timeBytes = Utils.fromHexToArray(timeHex);
const keyBytes = this.b32tobytes(keyb32);
const keyBytes = this.b32tobytes(keyB32);
if (!keyBytes.length || !timeBytes.length) {
return null;
}
const hashHex = await this.sign(keyBytes, timeBytes);
if (!hashHex) {
const hash = await this.sign(keyBytes, timeBytes, alg);
if (hash.length === 0) {
return null;
}
const offset = this.hex2dec(hashHex.substring(hashHex.length - 1));
// tslint:disable-next-line
let otp = (this.hex2dec(hashHex.substr(offset * 2, 8)) & this.hex2dec('7fffffff')) + '';
otp = (otp).substr(otp.length - 6, 6);
/* tslint:disable */
const offset = (hash[hash.length - 1] & 0xf);
const binary = ((hash[offset] & 0x7f) << 24) | ((hash[offset + 1] & 0xff) << 16) |
((hash[offset + 2] & 0xff) << 8) | (hash[offset + 3] & 0xff);
/* tslint:enable */
let otp = (binary % Math.pow(10, digits)).toString();
otp = this.leftpad(otp, digits, '0');
return otp;
}
getTimeInterval(key: string): number {
let period = 30;
if (key.indexOf('otpauth://') === 0) {
const params = Utils.getQueryParams(key);
if (params.has('period') && params.get('period') != null) {
try {
period = parseInt(params.get('period').trim(), null);
} catch { }
}
}
return period;
}
async isAutoCopyEnabled(): Promise<boolean> {
return !(await this.storageService.get<boolean>(ConstantsService.disableAutoTotpCopyKey));
}
@ -50,10 +98,6 @@ export class TotpService implements TotpServiceAbstraction {
return (d < 15.5 ? '0' : '') + Math.round(d).toString(16);
}
private hex2dec(s: string): number {
return parseInt(s, 16);
}
private b32tohex(s: string): string {
s = s.toUpperCase();
let cleanedInput = '';
@ -87,8 +131,8 @@ export class TotpService implements TotpServiceAbstraction {
return Utils.fromHexToArray(this.b32tohex(s));
}
private async sign(keyBytes: Uint8Array, timeBytes: Uint8Array) {
const signature = await this.cryptoFunctionService.hmac(timeBytes.buffer, keyBytes.buffer, 'sha1');
return Utils.fromBufferToHex(signature);
private async sign(keyBytes: Uint8Array, timeBytes: Uint8Array, alg: 'sha1' | 'sha256' | 'sha512') {
const signature = await this.cryptoFunctionService.hmac(timeBytes.buffer, keyBytes.buffer, alg);
return new Uint8Array(signature);
}
}