2017-04-13 07:05:36 -03:00
|
|
|
|
/*
|
|
|
|
|
* Copyright (C) 2017 Weslly Honorato <weslly@protonmail.com>
|
2017-06-09 23:40:36 +02:00
|
|
|
|
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
|
2017-04-13 07:05:36 -03:00
|
|
|
|
*
|
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation, either version 2 or (at your option)
|
|
|
|
|
* version 3 of the License.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "TestTotp.h"
|
|
|
|
|
|
2017-10-14 22:54:20 -06:00
|
|
|
|
#include <QDateTime>
|
2017-04-13 07:05:36 -03:00
|
|
|
|
#include <QTest>
|
2017-10-14 22:54:20 -06:00
|
|
|
|
#include <QTextCodec>
|
2017-04-13 07:05:36 -03:00
|
|
|
|
#include <QTime>
|
|
|
|
|
#include <QtEndian>
|
|
|
|
|
|
|
|
|
|
#include "crypto/Crypto.h"
|
|
|
|
|
#include "totp/totp.h"
|
|
|
|
|
|
|
|
|
|
QTEST_GUILESS_MAIN(TestTotp)
|
|
|
|
|
|
|
|
|
|
void TestTotp::initTestCase()
|
|
|
|
|
{
|
|
|
|
|
QVERIFY(Crypto::init());
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-03 20:54:19 -03:00
|
|
|
|
void TestTotp::testParseSecret()
|
2017-04-13 07:05:36 -03:00
|
|
|
|
{
|
|
|
|
|
quint8 digits = 0;
|
|
|
|
|
quint8 step = 0;
|
2017-10-14 22:54:20 -06:00
|
|
|
|
QString secret = "otpauth://totp/"
|
|
|
|
|
"ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm="
|
|
|
|
|
"SHA1&digits=6&period=30";
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QCOMPARE(Totp::parseOtpString(secret, digits, step), QString("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ"));
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(digits, quint8(6));
|
|
|
|
|
QCOMPARE(step, quint8(30));
|
|
|
|
|
|
2017-11-20 22:25:09 -02:00
|
|
|
|
digits = Totp::defaultDigits;
|
|
|
|
|
step = Totp::defaultStep;
|
2017-04-13 07:05:36 -03:00
|
|
|
|
secret = "key=HXDMVJECJJWSRBY%3d&step=25&size=8";
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QCOMPARE(Totp::parseOtpString(secret, digits, step), QString("HXDMVJECJJWSRBY="));
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(digits, quint8(8));
|
|
|
|
|
QCOMPARE(step, quint8(25));
|
|
|
|
|
|
|
|
|
|
digits = 0;
|
|
|
|
|
step = 0;
|
|
|
|
|
secret = "gezdgnbvgy3tqojqgezdgnbvgy3tqojq";
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QCOMPARE(Totp::parseOtpString(secret, digits, step), QString("gezdgnbvgy3tqojqgezdgnbvgy3tqojq"));
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(digits, quint8(6));
|
|
|
|
|
QCOMPARE(step, quint8(30));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void TestTotp::testTotpCode()
|
|
|
|
|
{
|
|
|
|
|
// Test vectors from RFC 6238
|
|
|
|
|
// https://tools.ietf.org/html/rfc6238#appendix-B
|
|
|
|
|
|
|
|
|
|
QByteArray seed = QString("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ").toLatin1();
|
|
|
|
|
|
|
|
|
|
quint64 time = 1234567890;
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QString output = Totp::generateTotp(seed, time, 6, 30);
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(output, QString("005924"));
|
|
|
|
|
|
|
|
|
|
time = 1111111109;
|
2017-11-20 22:25:09 -02:00
|
|
|
|
output = Totp::generateTotp(seed, time, 6, 30);
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(output, QString("081804"));
|
|
|
|
|
|
|
|
|
|
time = 1111111111;
|
2017-11-20 22:25:09 -02:00
|
|
|
|
output = Totp::generateTotp(seed, time, 8, 30);
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(output, QString("14050471"));
|
|
|
|
|
|
|
|
|
|
time = 2000000000;
|
2017-11-20 22:25:09 -02:00
|
|
|
|
output = Totp::generateTotp(seed, time, 8, 30);
|
2017-04-13 07:05:36 -03:00
|
|
|
|
QCOMPARE(output, QString("69279037"));
|
|
|
|
|
}
|
2017-11-20 11:01:22 -07:00
|
|
|
|
|
|
|
|
|
void TestTotp::testEncoderData()
|
|
|
|
|
{
|
2017-11-20 22:25:09 -02:00
|
|
|
|
for (quint8 key: Totp::encoders.keys()) {
|
|
|
|
|
const Totp::Encoder& enc = Totp::encoders.value(key);
|
2017-11-20 11:01:22 -07:00
|
|
|
|
QVERIFY2(enc.digits != 0,
|
|
|
|
|
qPrintable(QString("Custom encoders cannot have zero-value for digits field: %1(%2)")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)));
|
|
|
|
|
QVERIFY2(!enc.name.isEmpty(),
|
|
|
|
|
qPrintable(QString("Custom encoders must have a name: %1(%2)")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)));
|
|
|
|
|
QVERIFY2(!enc.shortName.isEmpty(),
|
|
|
|
|
qPrintable(QString("Custom encoders must have a shortName: %1(%2)")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)));
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QVERIFY2(Totp::shortNameToEncoder.contains(enc.shortName),
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("No shortNameToEncoder entry found for custom encoder: %1(%2) %3")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)
|
|
|
|
|
.arg(enc.shortName)));
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QVERIFY2(Totp::shortNameToEncoder[enc.shortName] == key,
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("shortNameToEncoder doesn't reference this custome encoder: %1(%2) %3")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)
|
|
|
|
|
.arg(enc.shortName)));
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QVERIFY2(Totp::nameToEncoder.contains(enc.name),
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("No nameToEncoder entry found for custom encoder: %1(%2) %3")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)
|
|
|
|
|
.arg(enc.shortName)));
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QVERIFY2(Totp::nameToEncoder[enc.name] == key,
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("nameToEncoder doesn't reference this custome encoder: %1(%2) %3")
|
|
|
|
|
.arg(enc.name)
|
|
|
|
|
.arg(key)
|
|
|
|
|
.arg(enc.shortName)));
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-20 22:25:09 -02:00
|
|
|
|
for (const QString & key: Totp::nameToEncoder.keys()) {
|
|
|
|
|
quint8 value = Totp::nameToEncoder.value(key);
|
|
|
|
|
QVERIFY2(Totp::encoders.contains(value),
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("No custom encoder found for encoder named %1(%2)")
|
|
|
|
|
.arg(value)
|
|
|
|
|
.arg(key)));
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QVERIFY2(Totp::encoders[value].name == key,
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("nameToEncoder doesn't reference the right custom encoder: %1(%2)")
|
|
|
|
|
.arg(value)
|
|
|
|
|
.arg(key)));
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-20 22:25:09 -02:00
|
|
|
|
for (const QString & key: Totp::shortNameToEncoder.keys()) {
|
|
|
|
|
quint8 value = Totp::shortNameToEncoder.value(key);
|
|
|
|
|
QVERIFY2(Totp::encoders.contains(value),
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("No custom encoder found for short-name encoder %1(%2)")
|
|
|
|
|
.arg(value)
|
|
|
|
|
.arg(key)));
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QVERIFY2(Totp::encoders[value].shortName == key,
|
2017-11-20 11:01:22 -07:00
|
|
|
|
qPrintable(QString("shortNameToEncoder doesn't reference the right custom encoder: %1(%2)")
|
|
|
|
|
.arg(value)
|
|
|
|
|
.arg(key)));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void TestTotp::testSteamTotp()
|
|
|
|
|
{
|
|
|
|
|
quint8 digits = 0;
|
|
|
|
|
quint8 step = 0;
|
|
|
|
|
QString secret = "otpauth://totp/"
|
|
|
|
|
"test:test@example.com?secret=63BEDWCQZKTQWPESARIERL5DTTQFCJTK&issuer=Valve&algorithm="
|
|
|
|
|
"SHA1&digits=5&period=30&encoder=steam";
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QCOMPARE(Totp::parseOtpString(secret, digits, step), QString("63BEDWCQZKTQWPESARIERL5DTTQFCJTK"));
|
|
|
|
|
QCOMPARE(digits, quint8(Totp::ENCODER_STEAM));
|
2017-11-20 11:01:22 -07:00
|
|
|
|
QCOMPARE(step, quint8(30));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
QByteArray seed = QString("63BEDWCQZKTQWPESARIERL5DTTQFCJTK").toLatin1();
|
|
|
|
|
|
|
|
|
|
// These time/value pairs were created by running the Steam Guard function of the
|
|
|
|
|
// Steam mobile app with a throw-away steam account. The above secret was extracted
|
|
|
|
|
// from the Steam app's data for use in testing here.
|
|
|
|
|
quint64 time = 1511200518;
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QCOMPARE(Totp::generateTotp(seed, time, Totp::ENCODER_STEAM, 30), QString("FR8RV"));
|
2017-11-20 11:01:22 -07:00
|
|
|
|
time = 1511200714;
|
2017-11-20 22:25:09 -02:00
|
|
|
|
QCOMPARE(Totp::generateTotp(seed, time, Totp::ENCODER_STEAM, 30), QString("9P3VP"));
|
2017-11-20 11:01:22 -07:00
|
|
|
|
}
|