inabox/InABox.Core/Authenticator.cs

using System;
using System.Linq;
using System.Security.Cryptography;

namespace InABox.Core
{
    public static class Authenticator
    {
        
        public static readonly int CODE_LENGTH = 6;
        
        private static readonly int CODE_MODULO = (int)Math.Pow(10, CODE_LENGTH);
        
        private static byte[] FromHexString(string hex) {
            if (hex.Length % 2 == 1)
                throw new Exception("The binary key cannot have an odd number of digits");
        
            byte[] arr = new byte[hex.Length >> 1];
        
            for (int i = 0; i < hex.Length >> 1; ++i)
            {
                arr[i] = (byte)((GetHexVal(hex[i << 1]) << 4) + (GetHexVal(hex[(i << 1) + 1])));
            }
        
            return arr;
        }
        
        public static int GetHexVal(char hex) {
            int val = (int)hex;
            //For uppercase A-F letters:
            //return val - (val < 58 ? 48 : 55);
            //For lowercase a-f letters:
            //return val - (val < 58 ? 48 : 87);
            //Or the two combined, but a bit slower:
            return val - (val < 58 ? 48 : (val < 97 ? 55 : 87));
        }

        public static string GenerateGoogleAuthenticatorCode(byte[] key)
        {
            var _time = DateTimeOffset.Now.ToUnixTimeSeconds();
            return GenerateGoogleAuthenticatorCode(_time, key);
        }
        
        private static string GenerateGoogleAuthenticatorCode(long time, byte[] key)
        {
            var _window = time / 30;
            var _hex = _window.ToString("x");
            if (_hex.Length < 16)
            {
                _hex = _hex.PadLeft(16, '0');
            }
            var _bytes = FromHexString(_hex);
            var _hash = new HMACSHA1(key).ComputeHash(_bytes);

            var _offset = _hash.Last() & 0xf;
            var _selected = new byte[4];
            Buffer.BlockCopy(_hash, _offset, _selected, 0, 4);
            if (BitConverter.IsLittleEndian)
            {
                Array.Reverse(_selected);
            }

            var _integer = BitConverter.ToInt32(_selected, 0);
            var _truncated = _integer & 0x7fffffff;

            return (_truncated % CODE_MODULO).ToString().PadLeft(CODE_LENGTH, '0');
        }

        public static bool CheckAuthenticationCode(byte[] key, string code)
        {
            
            var _time = DateTimeOffset.Now.ToUnixTimeSeconds();
            for (long _l = _time - 30; _l <= _time; _l += 30)
            {
                if(GenerateGoogleAuthenticatorCode(_l, key) == code)
                {
                    return true;
                }
            }
            return false;
        }
    }
}