Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2024-12-25 23:39:45 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix TOTP epoch time; add null checks for settings

Browse Source
This commit is contained in:
Jonathan White 2018-09-15 12:08:33 -04:00
parent 1dc9f10c7f
commit 823a916220
No known key found for this signature in database
GPG Key ID: 440FC65F2E0C6E01
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/totp/totp.cpp
View File

@ -98,6 +98,10 @@ QSharedPointer<Totp::Settings> Totp::createSettings(const QString& key, const ui
QString Totp::writeSettings(const QSharedPointer<Totp::Settings> settings)
{
if (settings.isNull()) {
return {};
}
// OTP Url output
if (settings->otpUrl) {
auto urlstring = QString("key=%1&step=%2&size=%3").arg(settings->key).arg(settings->step).arg(settings->digits);
@ -118,20 +122,26 @@ QString Totp::writeSettings(const QSharedPointer<Totp::Settings> settings)
QString Totp::generateTotp(const QSharedPointer<Totp::Settings> settings, const quint64 time)
{
Q_ASSERT(!settings.isNull());
if (settings.isNull()) {
return QObject::tr("Invalid Settings", "TOTP");
}
const Encoder& encoder = settings->encoder;
uint step = settings->custom ? settings->step : encoder.step;
uint digits = settings->custom ? settings->digits : encoder.digits;
quint64 current;
if (time == 0) {
current = qToBigEndian(QDateTime::currentDateTime().toTime_t() / step);
// TODO: Replace toTime_t() with toSecsSinceEpoch() when minimum Qt >= 5.8
current = qToBigEndian(static_cast<quint64>(QDateTime::currentDateTime().toTime_t()) / step);
} else {
current = qToBigEndian(time / step);
}
QVariant secret = Base32::decode(Base32::sanitizeInput(settings->key.toLatin1()));
if (secret.isNull()) {
return "Invalid TOTP secret key";
return QObject::tr("Invalid Key", "TOTP");
}
QMessageAuthenticationCode code(QCryptographicHash::Sha1);