Add TOTP support

2017-04-13 07:05:36 -03:00
parent 7040bef27e
commit bf57a28654
22 changed files with 1120 additions and 2 deletions
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -158,6 +158,9 @@ endif()
 add_unit_test(NAME testentry SOURCES TestEntry.cpp
              LIBS ${TEST_LIBRARIES})

+add_unit_test(NAME testtotp SOURCES TestTotp.cpp
+              LIBS ${TEST_LIBRARIES})
+
 add_unit_test(NAME testcsvparser SOURCES TestCsvParser.cpp
              LIBS ${TEST_LIBRARIES})

--- a/tests/TestTotp.cpp
+++ b/tests/TestTotp.cpp
@@ -0,0 +1,102 @@
+/*
+ *  Copyright (C) 2017 Weslly Honorato <weslly@protonmail.com>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "TestTotp.h"
+
+#include <QTest>
+#include <QTime>
+#include <QDateTime>
+#include <QtEndian>
+#include <QTextCodec>
+
+#include "crypto/Crypto.h"
+#include "totp/totp.h"
+
+QTEST_GUILESS_MAIN(TestTotp)
+
+void TestTotp::initTestCase()
+{
+    QVERIFY(Crypto::init());
+}
+
+
+void TestTotp::testSecret()
+{
+    quint8 digits = 0;
+    quint8 step = 0;
+    QString secret = "otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA1&digits=6&period=30";
+    QCOMPARE(QTotp::parseOtpString(secret, digits, step), QString("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ"));
+    QCOMPARE(digits, quint8(6));
+    QCOMPARE(step, quint8(30));
+
+    digits = QTotp::defaultDigits;
+    step = QTotp::defaultStep;
+    secret = "key=HXDMVJECJJWSRBY%3d&step=25&size=8";
+    QCOMPARE(QTotp::parseOtpString(secret, digits, step), QString("HXDMVJECJJWSRBY="));
+    QCOMPARE(digits, quint8(8));
+    QCOMPARE(step, quint8(25));
+
+    digits = 0;
+    step = 0;
+    secret = "gezdgnbvgy3tqojqgezdgnbvgy3tqojq";
+    QCOMPARE(QTotp::parseOtpString(secret, digits, step), QString("gezdgnbvgy3tqojqgezdgnbvgy3tqojq"));
+    QCOMPARE(digits, quint8(6));
+    QCOMPARE(step, quint8(30));
+}
+
+void TestTotp::testBase32()
+{
+    QByteArray key = QString("JBSW Y3DP EB3W 64TM MQXC 4LQA").toLatin1();
+    QByteArray secret = QTotp::base32_decode(key);
+    QCOMPARE(QString::fromLatin1(secret), QString("Hello world..."));
+
+    key = QString("gezdgnbvgy3tqojqgezdgnbvgy3tqojq").toLatin1();
+    secret = QTotp::base32_decode(key);
+    QCOMPARE(QString::fromLatin1(secret), QString("12345678901234567890"));
+
+    key = QString("ORSXG5A=").toLatin1();
+    secret = QTotp::base32_decode(key);
+    QCOMPARE(QString::fromLatin1(secret), QString("test"));
+
+    key = QString("MZXW6YTBOI======").toLatin1();
+    secret = QTotp::base32_decode(key);
+    QCOMPARE(QString::fromLatin1(secret), QString("foobar"));
+}
+
+void TestTotp::testTotpCode()
+{
+    // Test vectors from RFC 6238
+    // https://tools.ietf.org/html/rfc6238#appendix-B
+
+    QByteArray seed = QString("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ").toLatin1();
+
+    quint64 time = 1234567890;
+    QString output = QTotp::generateTotp(seed, time, 6, 30);
+    QCOMPARE(output, QString("005924"));
+
+    time = 1111111109;
+    output = QTotp::generateTotp(seed, time, 6, 30);
+    QCOMPARE(output, QString("081804"));
+
+    time = 1111111111;
+    output = QTotp::generateTotp(seed, time, 8, 30);
+    QCOMPARE(output, QString("14050471"));
+
+    time = 2000000000;
+    output = QTotp::generateTotp(seed, time, 8, 30);
+    QCOMPARE(output, QString("69279037"));
+}
--- a/tests/TestTotp.h
+++ b/tests/TestTotp.h
@@ -0,0 +1,36 @@
+/*
+ *  Copyright (C) 2017 Weslly Honorato <weslly@protonmail.com>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef KEEPASSX_TESTTOTP_H
+#define KEEPASSX_TESTTOTP_H
+
+#include <QObject>
+
+class Totp;
+
+class TestTotp : public QObject
+{
+    Q_OBJECT
+
+private slots:
+    void initTestCase();
+    void testSecret();
+    void testBase32();
+    void testTotpCode();
+};
+
+#endif // KEEPASSX_TESTTOTP_H
--- a/tests/gui/TestGui.cpp
+++ b/tests/gui/TestGui.cpp
@@ -48,6 +48,8 @@
 #include "gui/DatabaseTabWidget.h"
 #include "gui/DatabaseWidget.h"
 #include "gui/CloneDialog.h"
+#include "gui/TotpDialog.h"
+#include "gui/SetupTotpDialog.h"
 #include "gui/FileDialog.h"
 #include "gui/MainWindow.h"
 #include "gui/MessageBox.h"
@@ -441,6 +443,55 @@ void TestGui::testDicewareEntryEntropy()
    QCOMPARE(strengthLabel->text(), QString("Password Quality: Good"));
 }

+void TestGui::testTotp()
+{
+    QToolBar* toolBar = m_mainWindow->findChild<QToolBar*>("toolBar");
+    EntryView* entryView = m_dbWidget->findChild<EntryView*>("entryView");
+
+    QCOMPARE(entryView->model()->rowCount(), 1);
+
+    QCOMPARE(m_dbWidget->currentMode(), DatabaseWidget::ViewMode);
+    QModelIndex item = entryView->model()->index(0, 1);
+    Entry* entry = entryView->entryFromIndex(item);
+
+    clickIndex(item, entryView, Qt::LeftButton);
+
+    triggerAction("actionEntrySetupTotp");
+
+    SetupTotpDialog* setupTotpDialog = m_dbWidget->findChild<SetupTotpDialog*>("SetupTotpDialog");
+
+    Tools::wait(100);
+
+    QLineEdit* seedEdit = setupTotpDialog->findChild<QLineEdit*>("seedEdit");
+
+    QString exampleSeed = "gezdgnbvgy3tqojqgezdgnbvgy3tqojq";
+    QTest::keyClicks(seedEdit, exampleSeed);
+
+    QDialogButtonBox* setupTotpButtonBox = setupTotpDialog->findChild<QDialogButtonBox*>("buttonBox");
+    QTest::mouseClick(setupTotpButtonBox->button(QDialogButtonBox::Ok), Qt::LeftButton);
+
+    QAction* entryEditAction = m_mainWindow->findChild<QAction*>("actionEntryEdit");
+    QWidget* entryEditWidget = toolBar->widgetForAction(entryEditAction);
+    QTest::mouseClick(entryEditWidget, Qt::LeftButton);
+    QCOMPARE(m_dbWidget->currentMode(), DatabaseWidget::EditMode);
+    EditEntryWidget* editEntryWidget = m_dbWidget->findChild<EditEntryWidget*>("editEntryWidget");
+
+    editEntryWidget->setCurrentPage(1);
+    QPlainTextEdit* attrTextEdit = editEntryWidget->findChild<QPlainTextEdit*>("attributesEdit");
+    QTest::mouseClick(editEntryWidget->findChild<QAbstractButton*>("revealAttributeButton"), Qt::LeftButton);
+    QCOMPARE(attrTextEdit->toPlainText(), exampleSeed);
+
+    QDialogButtonBox* editEntryWidgetButtonBox = editEntryWidget->findChild<QDialogButtonBox*>("buttonBox");
+    QTest::mouseClick(editEntryWidgetButtonBox->button(QDialogButtonBox::Ok), Qt::LeftButton);
+
+    triggerAction("actionEntryTotp");
+
+    TotpDialog* totpDialog = m_dbWidget->findChild<TotpDialog*>("TotpDialog");
+    QLabel* totpLabel = totpDialog->findChild<QLabel*>("totpLabel");
+
+    QCOMPARE(totpLabel->text(), entry->totp());
+}
+
 void TestGui::testSearch()
 {
    // Add canned entries for consistent testing
--- a/tests/gui/TestGui.h
+++ b/tests/gui/TestGui.h
@@ -46,6 +46,7 @@ private slots:
    void testAddEntry();
    void testPasswordEntryEntropy();
    void testDicewareEntryEntropy();
+    void testTotp();
    void testSearch();
    void testDeleteEntry();
    void testCloneEntry();