re structure

lib/sha1/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Weravech
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

lib/sha1/README.md

@@ -0,0 +1,59 @@
+Sourced from https://github.com/Netthaw/TOTP-MCU
+
+TOTP Pure C Library for ALL MCU
+====================
+
+Library to generate Time-based One-Time Passwords.
+
+Implements the Time-based One-Time Password algorithm specified in [RFC 6238](https://tools.ietf.org/html/rfc6238). 
+Supports different time steps and is compatible with tokens that use the same standard (including software ones, like the Google Authenticator app).
+
+Tested on MCUs: MSP430, RP2040
+
+Installation & usage:
+--------------------
+First include header to your file
+```
+#include <totp.h>
+```
+After included, define key ex. Key is ```MyLegoDoor```
+- Note: The format of hmacKey is array of hexadecimal bytes.
+- Most websites provide the key encoded in base32 - RFC3548/RFC4648, either upper or lower case. You can use [this site](https://cryptii.com/pipes/base32-to-hex) to convert the base32 string to hex (make sure you upcase it first if it's lowercase and remove all whitespaces).
+```
+uint8_t hmacKey[] = {0x4d, 0x79, 0x4c, 0x65, 0x67, 0x6f, 0x44, 0x6f, 0x6f, 0x72};               // Secret key
+```
+Instantiate the TOTP class by providing the secret hmacKey, the length of the hmacKey and the Timestep between codes.
+```
+TOTP(hmacKey, 10, 30);                                     // Secret key, Secret key length, Timestep (30s)
+```
+Use the ```getCodeFromTimestamp()``` function to get a TOTP from a unix epoch timestamp
+```
+uint32_t newCode = getCodeFromTimestamp(1557414000);       // Current timestamp since Unix epoch in seconds
+```
+Or ```getCodeFromTimeStruct()``` if you want to get a TOTP from a tm struct (Time Struct in C), 
+```
+struct tm datetime;
+datetime.tm_hour = 9;
+datetime.tm_min = 0;
+datetime.tm_sec = 0;
+datetime.tm_mday = 13;
+datetime.tm_mon = 5;
+datetime.tm_year = 2019;
+uint32_t newCode = getCodeFromTimeStruct(datetime);
+```
+
+If the provided unix timestamp isn't in UTC±0, use ```setTimezone()``` before ```getCodeFromTimestamp()``` or ```getCodeFromTimeStruct()``` to offset the time.
+
+```
+setTimezone(9);                                            // Set timezone +9 Japan
+```
+
+You can see an example in blink.c
+
+Thanks to:
+----------
+
+* Jose Damico, https://github.com/damico/ARDUINO-OATH-TOKEN
+* Peter Knight, https://github.com/Cathedrow/Cryptosuite
+* Maniacbug, https://github.com/maniacbug/Cryptosuite
+* lucadentella, https://github.com/lucadentella/TOTP-Arduino

lib/sha1/sha1.cpp

@@ -0,0 +1,202 @@
+#include <string.h>
+#include "sha1.hpp"
+
+#define SHA1_K0 0x5a827999
+#define SHA1_K20 0x6ed9eba1
+#define SHA1_K40 0x8f1bbcdc
+#define SHA1_K60 0xca62c1d6
+
+union _buffer
+{
+  uint8_t b[BLOCK_LENGTH];
+  uint32_t w[BLOCK_LENGTH / 4];
+} buffer;
+
+union _state
+{
+  uint8_t b[HASH_LENGTH];
+  uint32_t w[HASH_LENGTH / 4];
+} state;
+
+uint8_t bufferOffset;
+uint32_t byteCount;
+uint8_t keyBuffer[BLOCK_LENGTH];
+uint8_t innerHash[HASH_LENGTH];
+
+uint8_t sha1InitState[] = {
+    0x01, 0x23, 0x45, 0x67, // H0
+    0x89, 0xab, 0xcd, 0xef, // H1
+    0xfe, 0xdc, 0xba, 0x98, // H2
+    0x76, 0x54, 0x32, 0x10, // H3
+    0xf0, 0xe1, 0xd2, 0xc3  // H4
+};
+
+void init(void)
+{
+  memcpy(state.b, sha1InitState, HASH_LENGTH);
+  byteCount = 0;
+  bufferOffset = 0;
+}
+
+uint32_t rol32(uint32_t number, uint8_t bits)
+{
+  return ((number << bits) | (uint32_t)(number >> (32 - bits)));
+}
+
+void hashBlock()
+{
+  uint8_t i;
+  uint32_t a, b, c, d, e, t;
+
+  a = state.w[0];
+  b = state.w[1];
+  c = state.w[2];
+  d = state.w[3];
+  e = state.w[4];
+  for (i = 0; i < 80; i++)
+  {
+    if (i >= 16)
+    {
+      t = buffer.w[(i + 13) & 15] ^ buffer.w[(i + 8) & 15] ^ buffer.w[(i + 2) & 15] ^ buffer.w[i & 15];
+      buffer.w[i & 15] = rol32(t, 1);
+    }
+    if (i < 20)
+    {
+      t = (d ^ (b & (c ^ d))) + SHA1_K0;
+    }
+    else if (i < 40)
+    {
+      t = (b ^ c ^ d) + SHA1_K20;
+    }
+    else if (i < 60)
+    {
+      t = ((b & c) | (d & (b | c))) + SHA1_K40;
+    }
+    else
+    {
+      t = (b ^ c ^ d) + SHA1_K60;
+    }
+    t += rol32(a, 5) + e + buffer.w[i & 15];
+    e = d;
+    d = c;
+    c = rol32(b, 30);
+    b = a;
+    a = t;
+  }
+  state.w[0] += a;
+  state.w[1] += b;
+  state.w[2] += c;
+  state.w[3] += d;
+  state.w[4] += e;
+}
+
+void addUncounted(uint8_t data)
+{
+  buffer.b[bufferOffset ^ 3] = data;
+  bufferOffset++;
+  if (bufferOffset == BLOCK_LENGTH)
+  {
+    hashBlock();
+    bufferOffset = 0;
+  }
+}
+
+void write(uint8_t data)
+{
+  ++byteCount;
+  addUncounted(data);
+
+  return;
+}
+
+void writeArray(uint8_t *buffer, uint8_t size)
+{
+  while (size--)
+  {
+    write(*buffer++);
+  }
+}
+
+void pad()
+{
+  // Implement SHA-1 padding (fips180-2 <20><>5.1.1)
+
+  // Pad with 0x80 followed by 0x00 until the end of the block
+  addUncounted(0x80);
+  while (bufferOffset != 56)
+    addUncounted(0x00);
+
+  // Append length in the last 8 bytes
+  addUncounted(0);               // We're only using 32 bit lengths
+  addUncounted(0);               // But SHA-1 supports 64 bit lengths
+  addUncounted(0);               // So zero pad the top bits
+  addUncounted(byteCount >> 29); // Shifting to multiply by 8
+  addUncounted(byteCount >> 21); // as SHA-1 supports bitstreams as well as
+  addUncounted(byteCount >> 13); // byte.
+  addUncounted(byteCount >> 5);
+  addUncounted(byteCount << 3);
+}
+
+uint8_t *result(void)
+{
+  // Pad to complete the last block
+  pad();
+
+  // Swap byte order back
+  uint8_t i;
+  for (i = 0; i < 5; i++)
+  {
+    uint32_t a, b;
+    a = state.w[i];
+    b = a << 24;
+    b |= (a << 8) & 0x00ff0000;
+    b |= (a >> 8) & 0x0000ff00;
+    b |= a >> 24;
+    state.w[i] = b;
+  }
+
+  // Return pointer to hash (20 characters)
+  return state.b;
+}
+
+#define HMAC_IPAD 0x36
+#define HMAC_OPAD 0x5c
+
+void initHmac(const uint8_t *key, uint8_t keyLength)
+{
+  uint8_t i;
+  memset(keyBuffer, 0, BLOCK_LENGTH);
+  if (keyLength > BLOCK_LENGTH)
+  {
+    // Hash long keys
+    init();
+    for (; keyLength--;)
+      write(*key++);
+    memcpy(keyBuffer, result(), HASH_LENGTH);
+  }
+  else
+  {
+    // Block length keys are used as is
+    memcpy(keyBuffer, key, keyLength);
+  }
+  // Start inner hash
+  init();
+  for (i = 0; i < BLOCK_LENGTH; i++)
+  {
+    write(keyBuffer[i] ^ HMAC_IPAD);
+  }
+}
+
+uint8_t *resultHmac(void)
+{
+  uint8_t i;
+  // Complete inner hash
+  memcpy(innerHash, result(), HASH_LENGTH);
+  // Calculate outer hash
+  init();
+  for (i = 0; i < BLOCK_LENGTH; i++)
+    write(keyBuffer[i] ^ HMAC_OPAD);
+  for (i = 0; i < HASH_LENGTH; i++)
+    write(innerHash[i]);
+  return result();
+}

lib/sha1/sha1.hpp

@@ -0,0 +1,16 @@
+#ifndef __SHA1_H__
+#define __SHA1_H__
+
+#include <inttypes.h>
+
+#define HASH_LENGTH 20
+#define BLOCK_LENGTH 64
+
+void init(void);
+void initHmac(const uint8_t *secret, uint8_t secretLength);
+uint8_t *result(void);
+uint8_t *resultHmac(void);
+void write(uint8_t);
+void writeArray(uint8_t *buffer, uint8_t size);
+
+#endif

lib/totp/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Weravech
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

lib/totp/README.md

@@ -0,0 +1,59 @@
+Sourced from https://github.com/Netthaw/TOTP-MCU
+
+TOTP Pure C Library for ALL MCU
+====================
+
+Library to generate Time-based One-Time Passwords.
+
+Implements the Time-based One-Time Password algorithm specified in [RFC 6238](https://tools.ietf.org/html/rfc6238). 
+Supports different time steps and is compatible with tokens that use the same standard (including software ones, like the Google Authenticator app).
+
+Tested on MCUs: MSP430, RP2040
+
+Installation & usage:
+--------------------
+First include header to your file
+```
+#include <totp.h>
+```
+After included, define key ex. Key is ```MyLegoDoor```
+- Note: The format of hmacKey is array of hexadecimal bytes.
+- Most websites provide the key encoded in base32 - RFC3548/RFC4648, either upper or lower case. You can use [this site](https://cryptii.com/pipes/base32-to-hex) to convert the base32 string to hex (make sure you upcase it first if it's lowercase and remove all whitespaces).
+```
+uint8_t hmacKey[] = {0x4d, 0x79, 0x4c, 0x65, 0x67, 0x6f, 0x44, 0x6f, 0x6f, 0x72};               // Secret key
+```
+Instantiate the TOTP class by providing the secret hmacKey, the length of the hmacKey and the Timestep between codes.
+```
+TOTP(hmacKey, 10, 30);                                     // Secret key, Secret key length, Timestep (30s)
+```
+Use the ```getCodeFromTimestamp()``` function to get a TOTP from a unix epoch timestamp
+```
+uint32_t newCode = getCodeFromTimestamp(1557414000);       // Current timestamp since Unix epoch in seconds
+```
+Or ```getCodeFromTimeStruct()``` if you want to get a TOTP from a tm struct (Time Struct in C), 
+```
+struct tm datetime;
+datetime.tm_hour = 9;
+datetime.tm_min = 0;
+datetime.tm_sec = 0;
+datetime.tm_mday = 13;
+datetime.tm_mon = 5;
+datetime.tm_year = 2019;
+uint32_t newCode = getCodeFromTimeStruct(datetime);
+```
+
+If the provided unix timestamp isn't in UTC±0, use ```setTimezone()``` before ```getCodeFromTimestamp()``` or ```getCodeFromTimeStruct()``` to offset the time.
+
+```
+setTimezone(9);                                            // Set timezone +9 Japan
+```
+
+You can see an example in blink.c
+
+Thanks to:
+----------
+
+* Jose Damico, https://github.com/damico/ARDUINO-OATH-TOKEN
+* Peter Knight, https://github.com/Cathedrow/Cryptosuite
+* Maniacbug, https://github.com/maniacbug/Cryptosuite
+* lucadentella, https://github.com/lucadentella/TOTP-Arduino

lib/totp/totp.cpp

@@ -0,0 +1,76 @@
+#include <sha1.hpp>
+#include "totp.hpp"
+
+uint8_t *_hmacKey;
+uint8_t _keyLength;
+uint8_t _timeZoneOffset = 0;
+uint32_t _timeStep;
+
+// Init the library with the private key, its length and the timeStep duration
+void TOTP(uint8_t *hmacKey, uint8_t keyLength, uint32_t timeStep)
+{
+    _hmacKey = hmacKey;
+    _keyLength = keyLength;
+    _timeStep = timeStep;
+}
+
+void setTimezone(uint8_t timezone)
+{
+    _timeZoneOffset = timezone;
+}
+
+uint32_t TimeStruct2Timestamp(struct tm time)
+{
+    // time.tm_mon -= 1;
+    // time.tm_year -= 1900;
+    return mktime(&(time)) - (_timeZoneOffset * 3600) - 2208988800;
+}
+
+// Generate a code, using the timestamp provided
+uint32_t getCodeFromTimestamp(uint32_t timeStamp)
+{
+    uint32_t steps = timeStamp / _timeStep;
+    return getCodeFromSteps(steps);
+}
+
+// Generate a code, using the timestamp provided
+uint32_t getCodeFromTimeStruct(struct tm time)
+{
+    return getCodeFromTimestamp(TimeStruct2Timestamp(time));
+}
+
+// Generate a code, using the number of steps provided
+uint32_t getCodeFromSteps(uint32_t steps)
+{
+    // STEP 0, map the number of steps in a 8-bytes array (counter value)
+    uint8_t _byteArray[8];
+    _byteArray[0] = 0x00;
+    _byteArray[1] = 0x00;
+    _byteArray[2] = 0x00;
+    _byteArray[3] = 0x00;
+    _byteArray[4] = (uint8_t)((steps >> 24) & 0xFF);
+    _byteArray[5] = (uint8_t)((steps >> 16) & 0xFF);
+    _byteArray[6] = (uint8_t)((steps >> 8) & 0XFF);
+    _byteArray[7] = (uint8_t)((steps & 0XFF));
+
+    // STEP 1, get the HMAC-SHA1 hash from counter and key
+    initHmac(_hmacKey, _keyLength);
+    writeArray(_byteArray, 8);
+    uint8_t *_hash = resultHmac();
+
+    // STEP 2, apply dynamic truncation to obtain a 4-bytes string
+    uint32_t _truncatedHash = 0;
+    uint8_t _offset = _hash[20 - 1] & 0xF;
+    uint8_t j;
+    for (j = 0; j < 4; ++j)
+    {
+        _truncatedHash <<= 8;
+        _truncatedHash |= _hash[_offset + j];
+    }
+
+    // STEP 3, compute the OTP value
+    _truncatedHash &= 0x7FFFFFFF; // Disabled
+    _truncatedHash %= 1000000;
+
+    return _truncatedHash;
+}

lib/totp/totp.hpp

@@ -0,0 +1,13 @@
+#ifndef __TOTP_H__
+#define __TOTP_H__
+
+#include <inttypes.h>
+#include <time.h>
+
+void TOTP(uint8_t *hmacKey, uint8_t keyLength, uint32_t timeStep);
+void setTimezone(uint8_t timezone);
+uint32_t getCodeFromTimestamp(uint32_t timeStamp);
+uint32_t getCodeFromTimeStruct(struct tm time);
+uint32_t getCodeFromSteps(uint32_t steps);
+
+#endif