summaryrefslogtreecommitdiff
path: root/src/authorization/anastasis_authorization_plugin_totp.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/authorization/anastasis_authorization_plugin_totp.c')
-rw-r--r--src/authorization/anastasis_authorization_plugin_totp.c23
1 files changed, 18 insertions, 5 deletions
diff --git a/src/authorization/anastasis_authorization_plugin_totp.c b/src/authorization/anastasis_authorization_plugin_totp.c
index ee1ab3f..68e8def 100644
--- a/src/authorization/anastasis_authorization_plugin_totp.c
+++ b/src/authorization/anastasis_authorization_plugin_totp.c
@@ -141,9 +141,10 @@ compute_totp (int time_off,
struct GNUNET_TIME_Absolute now;
time_t t;
uint64_t ctr;
- uint8_t hmac[16]; /* SHA1: 16 bytes */
+ uint8_t hmac[20]; /* SHA1: 20 bytes */
now = GNUNET_TIME_absolute_get ();
+ (void) GNUNET_TIME_round_abs (&now);
while (time_off < 0)
{
now = GNUNET_TIME_absolute_subtract (now,
@@ -184,9 +185,11 @@ compute_totp (int time_off,
{
uint32_t code = 0;
+ int offset;
+ offset = hmac[sizeof (hmac) - 1] & 0x0f;
for (int count = 0; count < 4; count++)
- code += hmac[(hmac[sizeof (hmac) - 1] & 0x0f) + 3 - count] << 8 * count;
+ code |= hmac[offset + 3 - count] << (8 * count);
code &= 0x7fffffff;
#if VAR_DIGITS
@@ -237,12 +240,16 @@ totp_start (void *cls,
as->ac = ac;
as->truth_uuid = *truth_uuid;
for (int i = -TIME_INTERVAL_RANGE;
- i < TIME_INTERVAL_RANGE;
+ i <= TIME_INTERVAL_RANGE;
i++)
{
want = compute_totp (i,
data,
data_length);
+ fprintf (stderr,
+ "TOTP %d: %llu\n",
+ i,
+ (unsigned long long) want);
ANASTASIS_hash_answer (want,
&as->valid_replies[off++]);
}
@@ -309,10 +316,16 @@ totp_process (struct ANASTASIS_AUTHORIZATION_State *as,
struct GNUNET_TIME_Absolute now;
now = GNUNET_TIME_absolute_get ();
+ (void) GNUNET_TIME_round_abs (&now);
if (TALER_MHD_xmime_matches (mime,
"application/json"))
{
resp = TALER_MHD_MAKE_JSON_PACK (
+ GNUNET_JSON_pack_uint64 ("code",
+ TALER_EC_ANASTASIS_TRUTH_CHALLENGE_FAILED),
+ GNUNET_JSON_pack_string ("hint",
+ TALER_ErrorCode_get_hint (
+ TALER_EC_ANASTASIS_TRUTH_CHALLENGE_FAILED)),
GNUNET_JSON_pack_time_abs ("server_time",
now));
}
@@ -341,8 +354,8 @@ totp_process (struct ANASTASIS_AUTHORIZATION_State *as,
MHD_destroy_response (resp);
}
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
+ return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_RES_FAILED;
}