google / google-authenticator-android

Open source fork of the Google Authenticator Android app

Home Page:https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2

Help request - decode otpauth-migration://offline?data= uri

hellozyemlya opened this issue · comments

Hi. I want to extract my original code to use it in third-party apps. But the offline migration URL contains some strange info that I don't know how to extract. Can anyone help extract the data from such a URL payload?

The data is in Google's protocol buffer format and encoded with base64.

Aegis is already able to decode it.

It would be nice to have more official documentation like the one for otpauth.

I wrote a brief article about the format here. That should have all the info you need to parse it.

The digits field is, however, an enum. As far as I could reverse-engineer the format, the proto file should read:

syntax = "proto3";

message MigrationPayload {
	enum Algorithm {
		ALGORITHM_UNSPECIFIED = 0;
		ALGORITHM_SHA1 = 1;
		ALGORITHM_SHA256 = 2;
		ALGORITHM_SHA512 = 3;
		ALGORITHM_MD5 = 4;
	}
	enum DigitCount {
		DIGIT_COUNT_UNSPECIFIED = 0;
		DIGIT_COUNT_SIX = 1;
		DIGIT_COUNT_EIGHT = 2;
	}
	enum OtpType {
		OTP_TYPE_UNSPECIFIED = 0;
		OTP_TYPE_HOTP = 1;
		OTP_TYPE_TOTP = 2;
	}
	message OtpParameters {
		bytes secret = 1;
		string name = 2;
		string issuer = 3;
		Algorithm algorithm = 4;
		DigitCount digits = 5;
		OtpType type = 6;
		int64 counter = 7;
	}
	repeated OtpParameters otp_parameters = 1;
	int32 version = 2;
	int32 batch_size = 3;
	int32 batch_index = 4;
	int32 batch_id = 5;
}
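As an added worked example (not code from this repository or from any commenter in the thread), here is a dependency-free Python decoder for the schema above. It walks the protobuf wire format by hand (varints and length-delimited fields only, which is all this message uses), turns each OtpParameters entry into a standard otpauth:// key URI, and reinterprets the int32 fields as two's complement so a negative batch_id comes out as the negative number it is. The sample input is constructed by a small encoder (build_sample_uri, a hypothetical helper) using two made-up accounts and the RFC 4226 test key; the enum tables mirror the .proto posted above.

```python
import base64
from urllib.parse import urlparse, parse_qs, quote

ALGORITHM = {1: "SHA1", 2: "SHA256", 3: "SHA512", 4: "MD5"}   # enum values from the schema above
DIGITS = {1: 6, 2: 8}
OTP_TYPE = {1: "hotp", 2: "totp"}
_OTP_FIELDS = {1: "secret", 2: "name", 3: "issuer", 4: "algorithm", 5: "digits", 6: "type", 7: "counter"}
_PAYLOAD_INTS = {2: "version", 3: "batch_size", 4: "batch_index", 5: "batch_id"}

def _read_varint(buf, pos):
    # Base-128 varint: 7 bits per byte, least-significant group first; returns (value, next_pos).
    result, shift = 0, 0
    while pos < len(buf) and shift <= 63:
        b, pos = buf[pos], pos + 1
        result |= (b & 0x7F) << shift
        if not b & 0x80:
            return result, pos
        shift += 7
    raise ValueError("truncated or overlong varint")

def _iter_fields(buf):
    # Walk one protobuf message and yield (field_number, wire_type, value) for every field.
    pos = 0
    while pos < len(buf):
        key, pos = _read_varint(buf, pos)
        field, wtype = key >> 3, key & 7
        if wtype == 0:                              # varint
            value, pos = _read_varint(buf, pos)
        elif wtype == 2:                            # length-delimited: bytes, string or nested message
            length, pos = _read_varint(buf, pos)
            value, pos = buf[pos:pos + length], pos + length
            if len(value) != length:
                raise ValueError("truncated length-delimited field")
        else:                                       # fixed32/fixed64 never occur in this schema
            raise ValueError(f"unsupported wire type {wtype}")
        yield field, wtype, value

def _signed(v, bits):
    # proto int32/int64 arrive as unsigned varints; reinterpret as two's complement.
    v &= (1 << bits) - 1
    return v - (1 << bits) if v >> (bits - 1) else v

def _parse_otp_parameters(buf):
    p = {"secret": b"", "name": "", "issuer": "", "algorithm": 0, "digits": 0, "type": 0, "counter": 0}
    for field, wtype, value in _iter_fields(buf):
        name = _OTP_FIELDS.get(field)               # unknown field numbers are ignored, as protobuf requires
        if name and wtype == 2 and field <= 3:
            p[name] = value if name == "secret" else value.decode("utf-8")
        elif name and wtype == 0 and field >= 4:
            p[name] = _signed(value, 64) if name == "counter" else value
    return p

def parse_migration_uri(uri):
    # otpauth-migration://offline?data=<percent-encoded base64 of a MigrationPayload message>
    u = urlparse(uri)
    data = parse_qs(u.query).get("data")
    if u.scheme != "otpauth-migration" or u.netloc != "offline" or not data:
        raise ValueError("expected otpauth-migration://offline?data=...")
    # parse_qs percent-decodes; a bare '+' in the base64 would have become a space, so restore it.
    raw = base64.b64decode(data[0].replace(" ", "+"), validate=True)
    payload = {"version": 0, "batch_size": 0, "batch_index": 0, "batch_id": 0, "otp_parameters": []}
    for field, wtype, value in _iter_fields(raw):
        if field == 1 and wtype == 2:
            payload["otp_parameters"].append(_parse_otp_parameters(value))
        elif field in _PAYLOAD_INTS and wtype == 0:
            payload[_PAYLOAD_INTS[field]] = _signed(value, 32)   # int32, so batch_id can come out negative
    return payload

def to_otpauth_uri(p):
    # Render one entry as a key URI; SHA1 and 6 digits are key-URI defaults and stay implicit.
    otp_type = OTP_TYPE.get(p["type"])
    if otp_type is None:
        raise ValueError("OTP type unspecified")
    label = f'{p["issuer"]}:{p["name"]}' if p["issuer"] else p["name"]
    params = [("secret", base64.b32encode(p["secret"]).decode().rstrip("="))]
    params += [("issuer", p["issuer"])] if p["issuer"] else []
    params += [("algorithm", ALGORITHM[p["algorithm"]])] if p["algorithm"] > 1 else []
    params += [("digits", DIGITS[p["digits"]])] if p["digits"] > 1 else []
    params += [("counter", p["counter"])] if otp_type == "hotp" else []
    return f"otpauth://{otp_type}/{quote(label, safe='')}?" + "&".join(f"{k}={quote(str(v), safe='')}" for k, v in params)

def _varint(v):
    # Minimal encoder for the constructed sample; negatives become 10-byte two's-complement varints.
    v &= (1 << 64) - 1
    out = bytearray()
    while v > 0x7F:
        out.append(v & 0x7F | 0x80)
        v >>= 7
    return bytes(out + bytes([v]))

def _field(num, wtype, payload):
    return _varint((num << 3) | wtype) + (_varint(payload) if wtype == 0 else _varint(len(payload)) + payload)

def build_sample_uri():
    # Two made-up accounts in one batch with a negative batch_id; the RFC 4226 test key stands in for a secret.
    totp = (_field(1, 2, b"Hello!\xde\xad\xbe\xef") + _field(2, 2, b"alice@example.com")
            + _field(3, 2, b"Example") + _field(4, 0, 1) + _field(5, 0, 1) + _field(6, 0, 2))
    hotp = (_field(1, 2, b"12345678901234567890") + _field(2, 2, b"counter-demo")
            + _field(4, 0, 1) + _field(5, 0, 2) + _field(6, 0, 1) + _field(7, 0, 42))
    payload = (_field(1, 2, totp) + _field(1, 2, hotp) + _field(2, 0, 1)
               + _field(3, 0, 1) + _field(4, 0, 0) + _field(5, 0, -1234567890))
    return "otpauth-migration://offline?data=" + quote(base64.b64encode(payload).decode(), safe="")
```

Running `for e in parse_migration_uri(build_sample_uri())["otp_parameters"]: print(to_otpauth_uri(e))` prints one key URI per account. On a real export the data parameter is percent-encoded base64, which is why the decoder goes through parse_qs first; the only thing worth adding for production use is a check that batch_index and batch_size agree with the number of QR codes you scanned, since a multi-batch export spreads accounts across several URIs.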

as I could reverse-engineer the format,

Could you share how to reverse-engineer the format, thanks!

Careful thoughts and some help from apk decompiler for the clues. As far as I can tell, the version above is correct and complete.

If you like, also take a look at my Go implementation of the link extractor: https://github.com/dim13/otpauth

thanks

@dim13 You're right, I checked again and it appears I missed some stuff. While Google Authenticator certainly doesn't support the extra digits/algorithm options, I've updated my post for completeness' sake.

@alexbakker on second thought, as it looks like, all int32 fields may be unsigned however. Not quite sure about the counter field too.
From the compiled files it is not quite clear which to choose, as they converge to the same type in Java:
https://developers.google.com/protocol-buffers/docs/proto3#scalar
But I've run into negative version numbers, which indicates unsigned types.

@dim13 I've only seen negative batch ids. While more correctness would be nice, the other integers are unlikely to ever be large enough for the sign to matter.

@alexbakker You're right, I think it was a batch_id I've run into.