如何计算 R 中的谷歌身份验证器 TOTP 编号？

Question

I would like to add two-factor authentication to a shiny application, so I've been trying to work out the google authenticator implementation of TOTP in R. I can create a six-digit number, but mine doesn't match the app's. My best guess is that the SHA1 is not being executed properly, where I hash using the time-key and then use that hash as the key for a second hash.Or maybe I'm not getting the lower nibble or sign-bit mask right?

Can anyone see where I'm going wrong?

I'm using this site as a guide, including the link to his Go code: https://garbagecollected.org/2014/09/14/how-google-authenticator-works/

I've also tried digest::digest(x, algo="sha1", serialize=FALSE) , but it doesn't let me specify a key so I don't know if that can work.

library(qrcode)
library(openssl)
library(base64url)

secret <- "supersecret"
secret32 <- base64url::base32_encode(secret)
secretmsg <- paste0("otpauth://totp/R%20Authenticator%20test?secret=", secret32, "&issuer=test")
qrcode::qrcode_gen(secretmsg)

# use math to convert from raw to integer, allow for lower nibble and unsign
rawToInt <- function(x, part=NULL, bits=FALSE) {
    if(!bits) x <- rawToBits(x)
    logivect <- as.logical(x)
    if(length(part)) {
        if(part == "l") logivect <- logivect[1:4] # lower nibble
        else if(part == "m") logivect[length(logivect)] <- FALSE # mask most sig. bit
    }
    sum(2^(which(logivect)-1))
} 

# Generate a six-digit number
authenticator <- function(secret) {
    # Unix time
    n <- as.numeric(Sys.time())
    # The hash
    hmac <- openssl::sha1(secret, key=openssl::sha1(secret, key=format(n%/%30)))
    # Convert hash to raw
    hmac_raw <- charToRaw(hmac)
    # Take the last byte
    last_byte <- hmac_raw[(length(hmac_raw)-1):length(hmac_raw)]
    # Use only the first 4 bits (lower nibble), R puts least sig bits at left
    offset <- rawToInt(last_byte, part='l')
    # multiply by 2 because R reports each byte as 2 hex chars, 
    # add 1 because R indexes from 1
    offset <- (offset*2+1):(offset*2+8)
    four_bytes <- hmac_raw[offset]
    # Convert to int
    large_integer <- readBin(four_bytes, integer(), size=4)
    # Mask most sig. bit
    large_integer <- intToBits(large_integer)
    large_integer[length(large_integer)] <- as.raw(0)
    large_integer <- rawToInt(large_integer, bits=TRUE)
    small_integer <- large_integer %% 1e6
    # Make it print pretty
    nc <- nchar(small_integer)
    small_int_print <- paste0(paste0(rep(0, 6-nc), collapse=""), format(small_integer, big.mark=" "))
    # Time remaining
    remain <- round(30-n%%30)
    cat(
        remain, "seconds remaining\n",
        small_int_print, "\n"
    )
    invisible(small_integer)
}

authenticator(secret=secret)

Answer 1

Have you confirmed that the time is in sync on the server you are generating the 6 Digit Code and the Phone you are running the app on? Make sure to set up NTP op the Staging Server and sync the Time as well as possibly sync the Time in the Google Authenticator app on your phone.

From Google`s Docs:

By default, tokens are good for 30 seconds and in order to compensate for possible time-skew between the client and the server, we allow an extra token before and after the current time. If you experience problems with poor time synchronization, you can increase the window from its default size of 1:30min to about 4min.

Compare the minutes and seconds with some site links this: https://www.timeanddate.com/

Sync time on Android / iOS Google Authenticator App:

https://support.google.com/accounts/answer/185834?hl=en

Scroll to the very bottom section: "My Google Authenticator codes aren't working (Android)"