Author Topic: Authenticator App  (Read 6102 times)

0 Members and 2 Guests are viewing this topic.

Offline 1cook

  • LV1 Newcomer (Next: 20)
  • *
  • Posts: 5
  • Rating: +0/-0
    • View Profile
Authenticator App
« on: February 24, 2021, 04:47:36 am »
This is a Ti 89 program that provides 2-Factor authentication codes. It is compatible with google-authenticator.

How to get:
Download the binary (89z) on this page: https://github.com/1cook/ti89_authenticator/releases
This single binary works on the Ti-89 Titanium and the Voyage 200.

Follow the instructions in README.md: https://github.com/1cook/ti89_authenticator

Some parts of the code taken from outside sources:
Time conversion: http://howardhinnant.github.io/date_algorithms.html
SHA1: https://github.com/clibs/sha1
Base32: https://github.com/calzakk/CyoEncode

Offline Eeems

  • Mr. Dictator
  • Administrator
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 6266
  • Rating: +318/-36
  • little oof
    • View Profile
    • Eeems
Re: Authenticator App
« Reply #1 on: February 24, 2021, 10:55:35 am »
Are you planning to publish on ticalc?
/e

Offline Deep Toaster

  • So much to do, so much time, so little motivation
  • Administrator
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 8217
  • Rating: +758/-15
    • View Profile
    • ClrHome
Re: Authenticator App
« Reply #2 on: February 24, 2021, 02:32:18 pm »
Ohhh, that's a really clever use of a calculator (unfortunately not a model I have). I'd love to pull out my TI-84 for 2fa; maybe that'll be a fun project for me :)

How large does the binary come out to be?

EDIT: I see the 18 KB release now.




Offline 1cook

  • LV1 Newcomer (Next: 20)
  • *
  • Posts: 5
  • Rating: +0/-0
    • View Profile
Re: Authenticator App
« Reply #3 on: February 24, 2021, 08:43:11 pm »
Ohhh, that's a really clever use of a calculator (unfortunately not a model I have). I'd love to pull out my TI-84 for 2fa; maybe that'll be a fun project for me :)

How large does the binary come out to be?

EDIT: I see the 18 KB release now.

I'm not very familiar with programming on the z80 calculators, but I can say some things about this.
You would need to be able to do these on the calculator:
- Take the SHA1 hash for binary data as large as 64 bytes.
- Get the current time
- Read in secret keys from user input
- Store small secret keys in RAM or flash (likely as a variable)
- Display codes on the screen

I imagine that that first one will be the most difficult. You would need to use assembly language (I don't think that there is a C compiler for the Ti84 Plus, and basic is far too slow, although there is a C compiler for the color calculators). I also can't find any implementations of SHA1 in z80 assembly, so you may have to make one on your own.

From what I can remember, the Ti84 has a built in clock, the Ti83 does not. You would need to figure out if there is a particular ROM call that you can use to get the time. If not, maybe it is stored at some memory address.

If after considering all of this, you are still confident that you can write this, then you should read these specifications so you know exactly what it is that you are implementing:
- RFC 2104 HMAC: Keyed-Hashing for Message Authentication
- RFC 4226 HOTP: An HMAC-Based One-Time Password Algorithm
- RFC 6228 TOTP: Time-Based One-Time Password Algorithm
- RFC 4648 The Base16, Base32, and Base64 Data Encodings (Base32 is used to convert user input into binary secret keys)
You could also read the code that I have written, or that of some smartphone authenticator app.

Offline Xeda112358

  • they/them
  • Moderator
  • LV12 Extreme Poster (Next: 5000)
  • ************
  • Posts: 4704
  • Rating: +719/-6
  • Calc-u-lator, do doo doo do do do.
    • View Profile
Re: Authenticator App
« Reply #4 on: February 24, 2021, 09:01:12 pm »
@ACagliano just implemented sha1 and sha256 for the eZ80 calcs, so maybe Cags would be interested :P

As for the time, on the 84+ you can just read a byte from each port 0x41-0x44

Offline ACagliano

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 919
  • Rating: +32/-2
    • View Profile
    • ClrHome Productions
Re: Authenticator App
« Reply #5 on: February 24, 2021, 09:10:37 pm »
Well, me and beck are currently working on HASHLIB. It's a LibLoad compatible library that does general checksums, CRC, SHA-1, and SHA-256. That's already released, but it was done by me in C and converted to asm... Me and beckadamtheinventor (mostly him -- he's better with assembly) are re-implementing the existing routines in assembly to make them faster and smaller.

https://www.cemetech.net/downloads/files/2123/x2282

We also plan to implement a lightweight version of RSA, using an asymmetric 256-bit keypair. I've already implemented it in a python test server, now it needs to be done calc side so we can test. Essentially, the calculator would create a private key and a public key, and send that to a remote host. The remote host would do the same, sending its own public key back to the initiating calculator. Both local and remote hosts would dump the other host's pubkey into a buffer, and proceed to communicate over this psuedo-RSA framework. I say "pseudo" because RSA needs a minimum of 1024 bits to be considered secure, but this is a calculator after all...

It remains to be seen if we can feasibly pull this off without a great deal of speed-loss in transferring data.
« Last Edit: February 24, 2021, 09:16:46 pm by ACagliano »

Offline 1cook

  • LV1 Newcomer (Next: 20)
  • *
  • Posts: 5
  • Rating: +0/-0
    • View Profile
Re: Authenticator App
« Reply #6 on: February 24, 2021, 09:15:01 pm »
Are you planning to publish on ticalc?
No, sorry. They only have static file uploads and not any links to files. I would like to use github as a single place to upload source an binaries, so that I can make changes in a single place.

Offline NonstickAtom785

  • LV3 Member (Next: 100)
  • ***
  • Posts: 78
  • Rating: +4/-0
  • Just live life. Cal-cu-lat-or style!
    • View Profile
Re: Authenticator App
« Reply #7 on: February 25, 2021, 09:54:05 am »
Are you planning to publish on ticalc?
No, sorry. They only have static file uploads and not any links to files. I would like to use github as a single place to upload source an binaries, so that I can make changes in a single place.

Well you can always release major versions on TI-Calc.org. A lot of new people do go to that site.
Grammer2 is Good!

Offline Eeems

  • Mr. Dictator
  • Administrator
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 6266
  • Rating: +318/-36
  • little oof
    • View Profile
    • Eeems
Re: Authenticator App
« Reply #8 on: February 27, 2021, 06:12:34 pm »
Are you planning to publish on ticalc?
No, sorry. They only have static file uploads and not any links to files. I would like to use github as a single place to upload source an binaries, so that I can make changes in a single place.
I would recommend still putting major versions on ticalc as it's the primary location people get programs from in the calculator community.
/e

Offline 1cook

  • LV1 Newcomer (Next: 20)
  • *
  • Posts: 5
  • Rating: +0/-0
    • View Profile
Re: Authenticator App
« Reply #9 on: March 09, 2021, 06:43:54 pm »
Hi. I posted to ticalc because everyone said that I should.
https://www.ticalc.org/archives/files/fileinfo/476/47602.html

I know that I misspelled the title of the post. I can update it when I send the new release.