Inicio Explorar Ayuda
Iniciar sesión
sl1nk
/
keepassxc
espejo de https://github.com/keepassxreboot/keepassxc.git
Seguir 1
Destacar 0
Fork 0
Archivos Incidencias 0 Wiki
Árbol: af2d0b1429
Ramas Etiquetas
keepassxc
/
tests
/
TestTotp.cpp

TestTotp.cpp 8.2 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223 
  1. /*
    2. 

  2.  *  Copyright (C) 2017 Weslly Honorato <weslly@protonmail.com>
    3. 

  3.  *  Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
    4. 

  4.  *
    5. 

  5.  *  This program is free software: you can redistribute it and/or modify
    6. 

  6.  *  it under the terms of the GNU General Public License as published by
    7. 

  7.  *  the Free Software Foundation, either version 2 or (at your option)
    8. 

  8.  *  version 3 of the License.
    9. 

  9.  *
    10. 

  10.  *  This program is distributed in the hope that it will be useful,
    11. 

  11.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13. 

  13.  *  GNU General Public License for more details.
    14. 

  14.  *
    15. 

  15.  *  You should have received a copy of the GNU General Public License
    16. 

  16.  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17. 

  17.  */
    18. 

  18. 

  19. #include "TestTotp.h"
    20. 

  20. 

  21. #include "core/Entry.h"
    22. 

  22. #include "core/Totp.h"
    23. 

  23. #include "crypto/Crypto.h"
    24. 

  24. 

  25. #include <QTest>
    26. 

  26. 

  27. QTEST_GUILESS_MAIN(TestTotp)
    28. 

  28. 

  29. void TestTotp::initTestCase()
    30. 

  30. {
    31. 

  31.     QVERIFY(Crypto::init());
    32. 

  32. }
    33. 

  33. 

  34. void TestTotp::testParseSecret()
    35. 

  35. {
    36. 

  36.     // OTP URL Parsing
    37. 

  37.     QString secret = "otpauth://totp/"
    38. 

  38.                      "ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm="
    39. 

  39.                      "SHA1&digits=6&period=30";
    40. 

  40.     auto settings = Totp::parseSettings(secret);
    41. 

  41.     QVERIFY(!settings.isNull());
    42. 

  42.     QCOMPARE(settings->key, QString("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ"));
    43. 

  43.     QCOMPARE(settings->format, Totp::StorageFormat::OTPURL);
    44. 

  44.     QCOMPARE(settings->digits, 6u);
    45. 

  45.     QCOMPARE(settings->step, 30u);
    46. 

  46.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha1);
    47. 

  47.     QCOMPARE(Totp::hasCustomSettings(settings), false);
    48. 

  48. 

  49.     // OTP URL with non-default hash type
    50. 

  50.     secret = "otpauth://totp/"
    51. 

  51.              "ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm="
    52. 

  52.              "SHA512&digits=6&period=30";
    53. 

  53.     settings = Totp::parseSettings(secret);
    54. 

  54.     QVERIFY(!settings.isNull());
    55. 

  55.     QCOMPARE(settings->key, QString("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ"));
    56. 

  56.     QCOMPARE(settings->format, Totp::StorageFormat::OTPURL);
    57. 

  57.     QCOMPARE(settings->digits, 6u);
    58. 

  58.     QCOMPARE(settings->step, 30u);
    59. 

  59.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha512);
    60. 

  60.     QCOMPARE(Totp::hasCustomSettings(settings), true);
    61. 

  61. 

  62.     // Max TOTP step of 24-hours
    63. 

  63.     secret.replace("period=30", "period=90000");
    64. 

  64.     settings = Totp::parseSettings(secret);
    65. 

  65.     QVERIFY(!settings.isNull());
    66. 

  66.     QCOMPARE(settings->step, 86400u);
    67. 

  67. 

  68.     // KeeOTP Parsing
    69. 

  69.     secret = "key=HXDMVJECJJWSRBY%3d&step=25&size=8&otpHashMode=Sha256";
    70. 

  70.     settings = Totp::parseSettings(secret);
    71. 

  71.     QVERIFY(!settings.isNull());
    72. 

  72.     QCOMPARE(settings->key, QString("HXDMVJECJJWSRBY="));
    73. 

  73.     QCOMPARE(settings->format, Totp::StorageFormat::KEEOTP);
    74. 

  74.     QCOMPARE(settings->digits, 8u);
    75. 

  75.     QCOMPARE(settings->step, 25u);
    76. 

  76.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha256);
    77. 

  77.     QCOMPARE(Totp::hasCustomSettings(settings), true);
    78. 

  78. 

  79.     // Semi-colon delineated "TOTP Settings"
    80. 

  80.     secret = "gezdgnbvgy3tqojqgezdgnbvgy3tqojq";
    81. 

  81.     settings = Totp::parseSettings("30;8", secret);
    82. 

  82.     QVERIFY(!settings.isNull());
    83. 

  83.     QCOMPARE(settings->key, QString("gezdgnbvgy3tqojqgezdgnbvgy3tqojq"));
    84. 

  84.     QCOMPARE(settings->format, Totp::StorageFormat::LEGACY);
    85. 

  85.     QCOMPARE(settings->digits, 8u);
    86. 

  86.     QCOMPARE(settings->step, 30u);
    87. 

  87.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha1);
    88. 

  88.     QCOMPARE(Totp::hasCustomSettings(settings), true);
    89. 

  89. 

  90.     // Bare secret (no "TOTP Settings" attribute)
    91. 

  91.     secret = "gezdgnbvgy3tqojqgezdgnbvgy3tqojq";
    92. 

  92.     settings = Totp::parseSettings("", secret);
    93. 

  93.     QVERIFY(!settings.isNull());
    94. 

  94.     QCOMPARE(settings->key, QString("gezdgnbvgy3tqojqgezdgnbvgy3tqojq"));
    95. 

  95.     QCOMPARE(settings->format, Totp::StorageFormat::LEGACY);
    96. 

  96.     QCOMPARE(settings->digits, 6u);
    97. 

  97.     QCOMPARE(settings->step, 30u);
    98. 

  98.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha1);
    99. 

  99.     QCOMPARE(Totp::hasCustomSettings(settings), false);
    100. 

  100. 

  101.     // Blank settings (expected failure)
    102. 

  102.     settings = Totp::parseSettings("", "");
    103. 

  103.     QVERIFY(settings.isNull());
    104. 

  104. 

  105.     // TOTP Settings with blank secret (expected failure)
    106. 

  106.     settings = Totp::parseSettings("30;8", "");
    107. 

  107.     QVERIFY(settings.isNull());
    108. 

  108. }
    109. 

  109. 

  110. void TestTotp::testTotpCode()
    111. 

  111. {
    112. 

  112.     // Test vectors from RFC 6238
    113. 

  113.     // https://tools.ietf.org/html/rfc6238#appendix-B
    114. 

  114.     auto settings = Totp::createSettings("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ", Totp::DEFAULT_DIGITS, Totp::DEFAULT_STEP);
    115. 

  115. 

  116.     // Test 6 digit TOTP (default)
    117. 

  117.     quint64 time = 1234567890;
    118. 

  118.     QCOMPARE(Totp::generateTotp(settings, time), QString("005924"));
    119. 

  119. 

  120.     time = 1111111109;
    121. 

  121.     QCOMPARE(Totp::generateTotp(settings, time), QString("081804"));
    122. 

  122. 

  123.     // Test 8 digit TOTP (custom)
    124. 

  124.     settings->digits = 8;
    125. 

  125.     time = 1111111111;
    126. 

  126.     QCOMPARE(Totp::generateTotp(settings, time), QString("14050471"));
    127. 

  127. 

  128.     time = 2000000000;
    129. 

  129.     QCOMPARE(Totp::generateTotp(settings, time), QString("69279037"));
    130. 

  130. }
    131. 

  131. 

  132. void TestTotp::testSteamTotp()
    133. 

  133. {
    134. 

  134.     // Legacy parsing
    135. 

  135.     auto settings = Totp::parseSettings("30;S", "63BEDWCQZKTQWPESARIERL5DTTQFCJTK");
    136. 

  136.     QCOMPARE(settings->key, QString("63BEDWCQZKTQWPESARIERL5DTTQFCJTK"));
    137. 

  137.     QCOMPARE(settings->encoder.shortName, Totp::STEAM_SHORTNAME);
    138. 

  138.     QCOMPARE(settings->format, Totp::StorageFormat::LEGACY);
    139. 

  139.     QCOMPARE(settings->digits, Totp::STEAM_DIGITS);
    140. 

  140.     QCOMPARE(settings->step, 30u);
    141. 

  141. 

  142.     // OTP URL Parsing
    143. 

  143.     QString secret = "otpauth://totp/"
    144. 

  144.                      "test:test@example.com?secret=63BEDWCQZKTQWPESARIERL5DTTQFCJTK&issuer=Valve&algorithm="
    145. 

  145.                      "SHA1&digits=5&period=30&encoder=steam";
    146. 

  146.     settings = Totp::parseSettings(secret);
    147. 

  147. 

  148.     QCOMPARE(settings->key, QString("63BEDWCQZKTQWPESARIERL5DTTQFCJTK"));
    149. 

  149.     QCOMPARE(settings->encoder.shortName, Totp::STEAM_SHORTNAME);
    150. 

  150.     QCOMPARE(settings->format, Totp::StorageFormat::OTPURL);
    151. 

  151.     QCOMPARE(settings->digits, Totp::STEAM_DIGITS);
    152. 

  152.     QCOMPARE(settings->step, 30u);
    153. 

  153. 

  154.     // These time/value pairs were created by running the Steam Guard function of the
    155. 

  155.     // Steam mobile app with a throw-away steam account. The above secret was extracted
    156. 

  156.     // from the Steam app's data for use in testing here.
    157. 

  157.     quint64 time = 1511200518;
    158. 

  158.     QCOMPARE(Totp::generateTotp(settings, time), QString("FR8RV"));
    159. 

  159.     time = 1511200714;
    160. 

  160.     QCOMPARE(Totp::generateTotp(settings, time), QString("9P3VP"));
    161. 

  161. }
    162. 

  162. 

  163. void TestTotp::testEntryHistory()
    164. 

  164. {
    165. 

  165.     Entry entry;
    166. 

  166.     uint step = 16;
    167. 

  167.     uint digits = 6;
    168. 

  168.     auto settings = Totp::createSettings("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ", digits, step);
    169. 

  169.     // Test that entry starts without TOTP
    170. 

  170.     QCOMPARE(entry.historyItems().size(), 0);
    171. 

  171.     QVERIFY(!entry.hasTotp());
    172. 

  172.     // Add TOTP to entry
    173. 

  173.     entry.setTotp(settings);
    174. 

  174.     QCOMPARE(entry.historyItems().size(), 1);
    175. 

  175.     QVERIFY(entry.hasTotp());
    176. 

  176.     QCOMPARE(entry.totpSettings()->key, QString("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"));
    177. 

  177.     // Change key and verify settings changed
    178. 

  178.     settings->key = "foo";
    179. 

  179.     entry.setTotp(settings);
    180. 

  180.     QCOMPARE(entry.historyItems().size(), 2);
    181. 

  181.     QCOMPARE(entry.totpSettings()->key, QString("foo"));
    182. 

  182.     // Nullptr Settings (expected reset of TOTP)
    183. 

  183.     entry.setTotp(nullptr);
    184. 

  184.     QVERIFY(!entry.hasTotp());
    185. 

  185.     QCOMPARE(entry.historyItems().size(), 3);
    186. 

  186. }
    187. 

  187. 

  188. void TestTotp::testKeePass2()
    189. 

  189. {
    190. 

  190.     Entry entry;
    191. 

  191.     auto attr = entry.attributes();
    192. 

  192. 

  193.     // Default settings
    194. 

  194.     attr->set("TimeOtp-Secret-Base32", "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ");
    195. 

  195. 

  196.     auto settings = entry.totpSettings();
    197. 

  197.     QVERIFY(settings);
    198. 

  198.     QCOMPARE(settings->key, QString("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"));
    199. 

  199.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha1);
    200. 

  200.     QCOMPARE(settings->digits, 6u);
    201. 

  201.     QCOMPARE(settings->step, 30u);
    202. 

  202.     QCOMPARE(Totp::hasCustomSettings(settings), false);
    203. 

  203. 

  204.     // Custom settings
    205. 

  205.     attr->set("TimeOtp-Algorithm", "HMAC-SHA-256");
    206. 

  206.     attr->set("TimeOtp-Length", "8");
    207. 

  207. 

  208.     settings = entry.totpSettings();
    209. 

  209.     QVERIFY(settings);
    210. 

  210.     QCOMPARE(settings->key, QString("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"));
    211. 

  211.     QCOMPARE(settings->algorithm, Totp::Algorithm::Sha256);
    212. 

  212.     QCOMPARE(settings->digits, 8u);
    213. 

  213.     QCOMPARE(settings->step, 30u);
    214. 

  214.     QCOMPARE(Totp::hasCustomSettings(settings), true);
    215. 

  215. 

  216.     // Base64 and other encodings are not supported
    217. 

  217.     attr->remove("TimeOtp-Secret-Base32");
    218. 

  218.     attr->set("TimeOtp-Secret-Base64", "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ");
    219. 

  219. 

  220.     settings = entry.totpSettings();
    221. 

  221.     QVERIFY(!settings);
    222. 

  222. }
    223. 

  223.