Secure TOTP password generator.

This is a project developed in the cursus of 42Madrid.

Subject:

In this project, the objective is to implement a TOTP system (Time-based One-Time Password), which is able to generate ephemeral passwords from a master key.

Bonus Part:

• Allow to choose the encryption password of the master key ft_otp.key and request it each time a new temporary password is generated.
• Develop a client that generates the master password and validates the results with a graphical interface.
• Any other feature that you consider useful.

Project

To understand the project it is necessary to read and understand the articles of the RFC:

• TOTP
• HOTP
• HMAC

These have helped me to form the algorithm to develop understanding that:

TOTP uses the HOTP algorithm, replacing the counter with a non-decreasing value based on the current time CT:

TOTP value(K) = truncated(HOTP value(K, CT))

When the tool is executed, a 6-digit pin is obtained which can be verified from another client application that shares the secret key and the timer.

TOTP key encryption was performed and some useful options were added as indicated in the bonus.

In the src directory of the repository, you can find the source code made in python and you will be able to modify the algorithm parameters.

The ft_otp(debian).zip file in the directory out contains a script with its dependencies for Linux systems which will run without the need of python3.

Script Options

# Generate a new TOTP key/pin
./ft_otp -k ft_otp.key

# Save a new key [hexadecimal - 64 characters] ft_otp.key.
./ft_otp -g key.hex

# Change the encryption Base64 password of the 'ft_otp.key' file
./ft_otp -p P_l1F4g7hC5o3UWD273fcCmVJrfeCDVEG3D4aDCXaCI=

# Interactive mode TOTP
./ft_otp -k ft_otp.key -i SECONDS

# Generate a 64-character hexadecimal random key in a 'key.hex' file.
./ft_otp -rk

# Generate a Base64 random password.
./ft_otp -rp

# Print help message
./ft_otp -h

Docker test

A Dockerfile has been configured that generates a docker container with the software dependencies, to speed up the deployment of the container a Makefile was configured.

1. Clone the repository

   git clone https://github.com/goldcod3/Ft_otp.git
   

2. Install Docker Desktop and run the app.
3. Install ‘make’ and use the Makefile for buid a container and get a bash:

   make && make exec
   

   
   

   # Build image and container
   ->> make
   # Get a bash from container
   ->> make exec
   # Build a new container
   ->> make dock
   # Build image
   ->> make image
   # Remove image and container
   ->> make fclean
   

4. When you are inside the container, two volumes will be created synchronizing the src and out with the user’s /home directory, allowing code editing and execution.

Enjoy it!

View the source code here

Project completed

Rating: