实施TOTP 8086组装(TASM)

时间:2019-04-27 13:53:36

标签: assembly dos x86-16 google-authenticator totp

我正在尝试在8086装配体上实现TOTP。返回unix time / 30和HMAC-SHA1的程序运行正常(已选中)。 我正在使用键“ 0000000000”,它等于0x30303030303030030030(base32中的GAYDAMBQGAYDAMBQ),并且得到的结果与Google Authenticator应用程序不同。 这是我的代码:

proc GoogleAuthenticator
    call EpochTimeDiv30 ;get epoch time in seconds/30 in dx:ax
    xchg dh, dl ;we need it to be big endian in the memory
    xchg ah, al
;---------------------HMAC-SHA1 preparation------------------
    mov [word HmacMsg], dx 
    mov [word HmacMsg+2], ax ;msg is epoch time
    mov [HmacMsgLen], 4 ;msg length is 4bytes
    mov [HKeyLen], 10 ;key length is 10bytes
    lea bx, [HmacMsg]
    mov [HmacMsgOffset], bx ;put the offset of the msg
    call HMAC_SHA1 ;Key is already in Key var
;Now the result is in msgHash (result is big-endian)

    mov al, [msgHash+19] ;last byte of hashed msg
    and al, 0Fh ;we need only the last nibble
    xor ah, ah
    mov si, ax
    mov dx, [word msgHash+si] ;get offset, offset+1
    mov ax, [word msgHash+si+2] ;get offfset+2, offset+3
    xchg dh, dl ;back to big endian
    xchg ah, al ;back to big endian

    and dh, 7Fh ;removing the most significant bit(MSB)

    Mod32 0Fh, 4240h ;dx:ax modulo 1,000,000
    ret
endp GoogleAuthenticator

编辑: 我正在尝试实现的算法:

  function GoogleAuthenticatorCode(string secret)
      key := 5B5E7MMX344QRHYO
      message := floor(current Unix time / 30)
      hash := HMAC-SHA1(key, message)
      offset := last nibble of hash
      truncatedHash := hash[offset..offset+3]  //4 bytes starting at the offset
      Set the first bit of truncatedHash to zero  //remove the most significant bit
      code := truncatedHash mod 1000000
      pad code with 0 from the left until length of code is 6
      return code

1 个答案:

答案 0 :(得分:1)

我发现了问题。 消息长度应为8个字节。 这是工作代码:

proc GoogleAuthenticator
    call EpochTimeDiv30 ;get epoch time in seconds/30 in dx:ax
    xchg dh, dl ;we need it to be big endian in the memory
    xchg ah, al
;---------------------HMAC-SHA1 preparation------------------
    mov [word HmacMsg], 0
    mov [word HmacMsg+2], 0
    mov [word HmacMsg+4], dx 
    mov [word HmacMsg+6], ax ;msg is epoch time
    mov [HmacMsgLen], 8 ;msg length is 4bytes
    mov [HKeyLen], 10 ;key length is 10bytes
    lea bx, [HmacMsg]
    mov [HmacMsgOffset], bx ;put the offset of the msg
    call HMAC_SHA1 ;Key is already in Key var
;Now the result is in msgHash (result is big-endian)

    mov al, [msgHash+19] ;last byte of hashed msg
    and al, 0Fh ;we need only the last nibble
    xor ah, ah
    mov si, ax
    mov dx, [word msgHash+si] ;get offset, offset+1
    mov ax, [word msgHash+si+2] ;get offfset+2, offset+3
    xchg dh, dl ;back to big endian
    xchg ah, al ;back to big endian

    and dh, 7Fh ;removing the most significant bit(MSB)

    Mod32 0Fh, 4240h ;dx:ax modulo 1,000,000
    ret
endp GoogleAuthenticator
相关问题
最新问题