From 6a5323b12bfa2619e66d4f24171b58fc7fe5a96a Mon Sep 17 00:00:00 2001 From: Alexander Bakker Date: Mon, 7 Dec 2020 21:24:28 +0100 Subject: [PATCH] Make the Google Authenticator Protobuf parser more complete I don't think Google Authenticator actually currently supports any of these extra digit/algorithm options, but they're specified in the proto file, so we should support them for completeness sake. --- .../aegis/otp/GoogleAuthInfo.java | 41 +++++++++++++++++-- app/src/main/proto/google_auth.proto | 21 +++++++--- 2 files changed, 52 insertions(+), 10 deletions(-) diff --git a/app/src/main/java/com/beemdevelopment/aegis/otp/GoogleAuthInfo.java b/app/src/main/java/com/beemdevelopment/aegis/otp/GoogleAuthInfo.java index 227804be..ba5a2c0e 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/otp/GoogleAuthInfo.java +++ b/app/src/main/java/com/beemdevelopment/aegis/otp/GoogleAuthInfo.java @@ -216,13 +216,46 @@ public class GoogleAuthInfo implements Serializable { for (GoogleAuthProtos.MigrationPayload.OtpParameters params : payload.getOtpParametersList()) { OtpInfo otp; try { + int digits; + switch (params.getDigits()) { + case DIGIT_COUNT_UNSPECIFIED: + // intentional fallthrough + case DIGIT_COUNT_SIX: + digits = 6; + break; + case DIGIT_COUNT_EIGHT: + digits = 8; + break; + default: + throw new GoogleAuthInfoException(String.format("Unsupported digits: %d", params.getDigits().ordinal())); + } + + String algo; + switch (params.getAlgorithm()) { + case ALGORITHM_UNSPECIFIED: + // intentional fallthrough + case ALGORITHM_SHA1: + algo = "SHA1"; + break; + case ALGORITHM_SHA256: + algo = "SHA256"; + break; + case ALGORITHM_SHA512: + algo = "SHA512"; + break; + default: + throw new GoogleAuthInfoException(String.format("Unsupported hash algorithm: %d", params.getAlgorithm().ordinal())); + } + byte[] secret = params.getSecret().toByteArray(); switch (params.getType()) { - case OTP_HOTP: - otp = new HotpInfo(secret, params.getCounter()); + case OTP_TYPE_UNSPECIFIED: + // intentional fallthrough + case OTP_TYPE_TOTP: + otp = new TotpInfo(secret, algo, digits, 30); break; - case OTP_TOTP: - otp = new TotpInfo(secret); + case OTP_TYPE_HOTP: + otp = new HotpInfo(secret, algo, digits, params.getCounter()); break; default: throw new GoogleAuthInfoException(String.format("Unsupported algorithm: %d", params.getType().ordinal())); diff --git a/app/src/main/proto/google_auth.proto b/app/src/main/proto/google_auth.proto index 4346853f..e59f2d61 100644 --- a/app/src/main/proto/google_auth.proto +++ b/app/src/main/proto/google_auth.proto @@ -5,14 +5,23 @@ option java_outer_classname = "GoogleAuthProtos"; message MigrationPayload { enum Algorithm { - ALGO_INVALID = 0; - ALGO_SHA1 = 1; + ALGORITHM_UNSPECIFIED = 0; + ALGORITHM_SHA1 = 1; + ALGORITHM_SHA256 = 2; + ALGORITHM_SHA512 = 3; + ALGORITHM_MD5 = 4; + } + + enum DigitCount { + DIGIT_COUNT_UNSPECIFIED = 0; + DIGIT_COUNT_SIX = 1; + DIGIT_COUNT_EIGHT = 2; } enum OtpType { - OTP_INVALID = 0; - OTP_HOTP = 1; - OTP_TOTP = 2; + OTP_TYPE_UNSPECIFIED = 0; + OTP_TYPE_HOTP = 1; + OTP_TYPE_TOTP = 2; } message OtpParameters { @@ -20,7 +29,7 @@ message MigrationPayload { string name = 2; string issuer = 3; Algorithm algorithm = 4; - int32 digits = 5; + DigitCount digits = 5; OtpType type = 6; int64 counter = 7; }