-
-
Save nmurthy/a5e7107671cf04529ac5f3a7471f2357 to your computer and use it in GitHub Desktop.
/* base32 */ | |
/* | |
Copyright (c) 2011, Chris Umbel | |
Permission is hereby granted, free of charge, to any person obtaining a copy | |
of this software and associated documentation files (the "Software"), to deal | |
in the Software without restriction, including without limitation the rights | |
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
copies of the Software, and to permit persons to whom the Software is | |
furnished to do so, subject to the following conditions: | |
The above copyright notice and this permission notice shall be included in | |
all copies or substantial portions of the Software. | |
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | |
THE SOFTWARE. | |
*/ | |
var charTable = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"; | |
function quintetCount(buff) { | |
var quintets = Math.floor(buff.length / 5); | |
return buff.length % 5 === 0 ? quintets : quintets + 1; | |
} | |
encode = function(plain) { | |
var i = 0; | |
var j = 0; | |
var shiftIndex = 0; | |
var digit = 0; | |
var encoded = new Array(quintetCount(plain) * 8); | |
/* byte by byte isn't as pretty as quintet by quintet but tests a bit faster. will have to revisit. */ | |
while(i < plain.length) { | |
var current = plain[i]; | |
if(shiftIndex > 3) { | |
digit = current & (0xff >> shiftIndex); | |
shiftIndex = (shiftIndex + 5) % 8; | |
digit = (digit << shiftIndex) | ((i + 1 < plain.length) ? | |
plain[i + 1] : 0) >> (8 - shiftIndex); | |
i++; | |
} else { | |
digit = (current >> (8 - (shiftIndex + 5))) & 0x1f; | |
shiftIndex = (shiftIndex + 5) % 8; | |
if(shiftIndex === 0) i++; | |
} | |
encoded[j] = charTable.charCodeAt(digit); | |
j++; | |
} | |
for(i = j; i < encoded.length; i++) { | |
encoded[i] = 0x3d; //'='.charCodeAt(0) | |
} | |
return encoded.join(''); | |
}; | |
/* base32 end */ | |
function hexToInt(str) { | |
var result = []; | |
for (var i = 0; i < str.length; i += 2) { | |
result.push(parseInt(str.substr(i, 2), 16)); | |
} | |
return result; | |
} | |
function hexToB32(str) { | |
return encode(hexToInt(str)); | |
} | |
getTotps = function() { | |
var totps = []; | |
console.warn("Here's your Authy tokens:"); | |
appManager.getModel().forEach(function(i) { | |
var secret = (i.markedForDeletion === false || !i.secretSeed) ? i.decryptedSeed : hexToB32(i.secretSeed); | |
var totp_uri = 'otpauth://totp/' + encodeURIComponent(i.name) + '?secret=' + secret + '&issuer=' + i.accountType + '&digits=' + i.digits + '&period=10'; | |
console.group(i.name); | |
console.log('TOTP URI: ' + totp_uri); | |
var qr_code = 'https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=' + encodeURIComponent(totp_uri); | |
console.log('QR code: ' + qr_code); | |
totps.push({ | |
name: i.name, | |
totpURI: totp_uri, | |
qrCode: qr_code | |
}) | |
console.groupEnd(); | |
}); | |
console.log(JSON.stringify(totps)); | |
return totps; | |
} |
This isn't working for me. It keeps giving me a URL with a period of 10, but the code is clearly changing every 20 seconds. Changing the period to 20 is not giving me correct codes either.
I'm having this same issue, trying to move my twitch account over and I can't. The QR code imports into andOTP but doesn't work properly, and trying to use the secret with various settings doesn't either.
They are using non-standard timing, but its not a big deal - it will still work! (usually)
-The OTP codes are generated using the 10 second matrix, but the code is "good" for 20 seconds It's because Authy allows for 3 code skew.
- Because they allow 3 code skew, you can put Authy and your password manager side by side and see them narrowly miss each other or sometimes they're exactly aligned, your milage may vary depending on how exact your clock is.
- If you're synced exactly to NTP, try rolling your clock back 10 seconds. Authy appears to be running about 10 seconds behind (probably intentionally) but anyways, this will usually put you right in the middle of the Authy skew window while not messing with your other apps.
- Screw Authy for not having a standardized export function. Seriously.
They are using non-standard timing, but its not a big deal - it will still work! (usually)
-The OTP codes are generated using the 10 second matrix, but the code is "good" for 20 seconds It's because Authy allows for 3 code skew.
- Because they allow 3 code skew, you can put Authy and your password manager side by side and see them narrowly miss each other or sometimes they're exactly aligned, your milage may vary depending on how exact your clock is.
- If you're synced exactly to NTP, try rolling your clock back 10 seconds. Authy appears to be running about 10 seconds behind (probably intentionally) but anyways, this will usually put you right in the middle of the Authy skew window while not messing with your other apps.
- Screw Authy for not having a standardized export function. Seriously.
I think they changed the formula or something because I've been trying and both 10 and 20 seconds with the private key does not generate a valid code. Tested in website and collected a boat full of codes over time. No bueno.
This isn't working for me. It keeps giving me a URL with a period of 10, but the code is clearly changing every 20 seconds. Changing the period to 20 is not giving me correct codes either.