Uploaded image for project: 'Triplesec'
  1. Triplesec
  2. DIRTSEC-4

Offset value set to 0 when extracting DBC from hmac-sha1 output

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:
      JavaME mobile phone platform and validation server.

      Description

      Hotp.java class implements RFC4226 "HOTP: An HMAC-Based One-Time Password Algorithm".
      In that class,

      hotp.generate(secret, counter, digits) uses
      int offset = 0;

      Section 5.4 from RFC
      "The following code example describes the extraction of a dynamic
      binary code given that hmac_result is a byte array with the HMACSHA-1 result:
      int offset = hmac_result[19] & 0xf ;
      int bin_code = (hmac_result[offset] & 0x7f) << 24

      (hmac_result[offset+1] & 0xff) << 16
      (hmac_result[offset+2] & 0xff) << 8
      (hmac_result[offset+3] & 0xff)
      "

      that is, the offset is the least significant nibble from the last byte of
      hotp.stepOne() output (the 20 bytes from hmac-sha1(k,c))

      Solved by setting offset to this value

      int offset = hmac_result[19] & 0xf;

        Attachments

        1. DIRTSEC-4-1.patch
          0.6 kB
          javier tellez

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              aviguille javier tellez
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: