mirror of
https://github.com/gchq/CyberChef
synced 2025-01-12 20:48:49 +00:00
Merge branch 'feature-otp'
This commit is contained in:
commit
8e8f6a0284
4 changed files with 120 additions and 1 deletions
|
@ -82,6 +82,7 @@
|
|||
"lodash": "^4.17.4",
|
||||
"moment": "^2.17.1",
|
||||
"moment-timezone": "^0.5.11",
|
||||
"otp": "^0.1.3",
|
||||
"sladex-blowfish": "^0.8.1",
|
||||
"sortablejs": "^1.5.1",
|
||||
"split.js": "^1.2.0",
|
||||
|
|
|
@ -300,6 +300,8 @@ const Categories = [
|
|||
"Detect File Type",
|
||||
"Scan for Embedded Files",
|
||||
"Generate UUID",
|
||||
"Generate TOTP",
|
||||
"Generate HOTP",
|
||||
"Render Image",
|
||||
"Remove EXIF",
|
||||
"Extract EXIF",
|
||||
|
|
|
@ -29,6 +29,7 @@ import MS from "../operations/MS.js";
|
|||
import NetBIOS from "../operations/NetBIOS.js";
|
||||
import Numberwang from "../operations/Numberwang.js";
|
||||
import OS from "../operations/OS.js";
|
||||
import OTP from "../operations/OTP.js";
|
||||
import PublicKey from "../operations/PublicKey.js";
|
||||
import Punycode from "../operations/Punycode.js";
|
||||
import QuotedPrintable from "../operations/QuotedPrintable.js";
|
||||
|
@ -3635,7 +3636,67 @@ const OperationConfig = {
|
|||
}
|
||||
]
|
||||
},
|
||||
|
||||
"Generate TOTP": {
|
||||
description: "The Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. It has been adopted as Internet Engineering Task Force standard RFC 6238, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems. A TOTP is an HOTP where the counter is the current time.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated. T0 and T1 are in seconds.",
|
||||
run: OTP.runTOTP,
|
||||
inputType: "byteArray",
|
||||
outputType: "string",
|
||||
args: [
|
||||
{
|
||||
name: "Name",
|
||||
type: "string",
|
||||
value: ""
|
||||
},
|
||||
{
|
||||
name: "Key size",
|
||||
type: "number",
|
||||
value: 32
|
||||
},
|
||||
{
|
||||
name: "Code length",
|
||||
type: "number",
|
||||
value: 6
|
||||
},
|
||||
{
|
||||
name: "Epoch offset (T0)",
|
||||
type: "number",
|
||||
value: 0
|
||||
},
|
||||
{
|
||||
name: "Interval (T1)",
|
||||
type: "number",
|
||||
value: 30
|
||||
}
|
||||
]
|
||||
},
|
||||
"Generate HOTP": {
|
||||
description: "The HMAC-based One-Time Password algorithm (HOTP) is an algorithm that computes a one-time password from a shared secret key and an incrementing counter. It has been adopted as Internet Engineering Task Force standard RFC 4226, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated.",
|
||||
run: OTP.runHOTP,
|
||||
inputType: "string",
|
||||
outputType: "string",
|
||||
args: [
|
||||
{
|
||||
name: "Name",
|
||||
type: "string",
|
||||
value: ""
|
||||
},
|
||||
{
|
||||
name: "Key size",
|
||||
type: "number",
|
||||
value: 32
|
||||
},
|
||||
{
|
||||
name: "Code length",
|
||||
type: "number",
|
||||
value: 6
|
||||
},
|
||||
{
|
||||
name: "Counter",
|
||||
type: "number",
|
||||
value: 0
|
||||
}
|
||||
]
|
||||
},
|
||||
};
|
||||
|
||||
export default OperationConfig;
|
||||
|
|
55
src/core/operations/OTP.js
Executable file
55
src/core/operations/OTP.js
Executable file
|
@ -0,0 +1,55 @@
|
|||
import otp from "otp";
|
||||
import Base64 from "./Base64.js";
|
||||
|
||||
/**
|
||||
* One-Time Password operations.
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2017
|
||||
* @license Apache-2.0
|
||||
*
|
||||
* @namespace
|
||||
*/
|
||||
const OTP = {
|
||||
|
||||
/**
|
||||
* Generate TOTP operation.
|
||||
*
|
||||
* @param {byteArray} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
runTOTP: function(input, args) {
|
||||
const otpObj = otp({
|
||||
name: args[0],
|
||||
keySize: args[1],
|
||||
codeLength: args[2],
|
||||
secret: Base64.runTo32(input, []),
|
||||
epoch: args[3],
|
||||
timeSlice: args[4]
|
||||
});
|
||||
return `URI: ${otpObj.totpURL}\n\nPassword: ${otpObj.totp()}`;
|
||||
},
|
||||
|
||||
|
||||
/**
|
||||
* Generate HOTP operation.
|
||||
*
|
||||
* @param {byteArray} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
runHOTP: function(input, args) {
|
||||
const otpObj = otp({
|
||||
name: args[0],
|
||||
keySize: args[1],
|
||||
codeLength: args[2],
|
||||
secret: Base64.runTo32(input, []),
|
||||
});
|
||||
const counter = args[3];
|
||||
return `URI: ${otpObj.hotpURL}\n\nPassword: ${otpObj.hotp(counter)}`;
|
||||
},
|
||||
|
||||
};
|
||||
|
||||
export default OTP;
|
Loading…
Reference in a new issue