keeweb
/
keeweb
mirror of https://github.com/keeweb/keeweb.git
1
0
Fork 0
Code Issues Releases Wiki Activity
keeweb/app/scripts/util/otp.js

152 lines
4.4 KiB
JavaScript
Raw Blame History

const Logger = require('./logger');
const logger = new Logger('otp');
const Otp = function(url, params) {
if (['hotp', 'totp'].indexOf(params.type) < 0) {
throw 'Bad type: ' + params.type;
}
if (!params.secret) {
throw 'Empty secret';
}
if (params.algorithm && ['SHA1', 'SHA256', 'SHA512'].indexOf(params.algorithm) < 0) {
throw 'Bad algorithm: ' + params.algorithm;
}
if (params.digits && ['6', '8'].indexOf(params.digits) < 0) {
throw 'Bad digits: ' + params.digits;
}
if (params.type === 'hotp' && !params.counter) {
throw 'Bad counter: ' + params.counter;
}
if ((params.period && isNaN(params.period)) || params.period < 1) {
throw 'Bad period: ' + params.period;
}
this.url = url;
this.type = params.type;
this.issuer = params.issuer;
this.account = params.account;
this.secret = params.secret;
this.issuer = params.issuer;
this.algorithm = params.algorithm ? params.algorithm.toUpperCase() : 'SHA1';
this.digits = params.digits ? +params.digits : 6;
this.counter = params.counter;
this.period = params.period ? +params.period : 30;
this.key = Otp.fromBase32(this.secret);
if (!this.key) {
throw 'Bad key: ' + this.key;
}
};
Otp.prototype.next = function(callback) {
let valueForHashing;
let timeLeft;
if (this.type === 'totp') {
const now = Date.now();
const epoch = Math.round(now / 1000);
valueForHashing = Math.floor(epoch / this.period);
const msPeriod = this.period * 1000;
timeLeft = msPeriod - (now % msPeriod);
} else {
valueForHashing = this.counter;
}
const data = new Uint8Array(8).buffer;
new DataView(data).setUint32(4, valueForHashing);
this.hmac(data, (sig, err) => {
if (!sig) {
logger.error('OTP calculation error', err);
return callback();
}
sig = new DataView(sig);
const offset = sig.getInt8(sig.byteLength - 1) & 0xf;
let pass = (sig.getUint32(offset) & 0x7fffffff).toString();
pass = Otp.leftPad(pass.substr(pass.length - this.digits), this.digits);
callback(pass, timeLeft);
});
};
Otp.prototype.hmac = function(data, callback) {
const subtle = window.crypto.subtle || window.crypto.webkitSubtle;
const algo = { name: 'HMAC', hash: { name: this.algorithm.replace('SHA', 'SHA-') } };
subtle
.importKey('raw', this.key, algo, false, ['sign'])
.then(key => {
subtle
.sign(algo, key, data)
.then(sig => {
callback(sig);
})
.catch(err => {
callback(null, err);
});
})
.catch(err => {
callback(null, err);
});
};
Otp.fromBase32 = function(str) {
const alphabet = 'abcdefghijklmnopqrstuvwxyz234567';
let bin = '';
let i;
for (i = 0; i < str.length; i++) {
const ix = alphabet.indexOf(str[i].toLowerCase());
if (ix < 0) {
return null;
}
bin += Otp.leftPad(ix.toString(2), 5);
}
const hex = new Uint8Array(Math.floor(bin.length / 8));
for (i = 0; i < hex.length; i++) {
const chunk = bin.substr(i * 8, 8);
hex[i] = parseInt(chunk, 2);
}
return hex.buffer;
};
Otp.leftPad = function(str, len) {
while (str.length < len) {
str = '0' + str;
}
return str;
};
Otp.parseUrl = function(url) {
const match = /^otpauth:\/\/(\w+)\/([^\?]+)\?(.*)/i.exec(url);
if (!match) {
throw 'Not OTP url';
}
const params = {};
const label = decodeURIComponent(match[2]);
if (label) {
const parts = label.split(':');
params.issuer = parts[0].trim();
if (parts.length > 1) {
params.account = parts[1].trim();
}
}
params.type = match[1].toLowerCase();
match[3].split('&').forEach(part => {
const parts = part.split('=', 2);
params[parts[0].toLowerCase()] = decodeURIComponent(parts[1]);
});
return new Otp(url, params);
};
Otp.isSecret = function(str) {
return !!Otp.fromBase32(str);
};
Otp.makeUrl = function(secret, period, digits) {
return (
'otpauth://totp/default?secret=' +
secret +
(period ? '&period=' + period : '') +
(digits ? '&digits=' + digits : '')
);
};
module.exports = Otp;
Reference in New Issue View Git Blame Copy Permalink