Implement FreeOTP+ exporter (#384)

Author: replydev

.github/workflows/build.yml

@@ -3,7 +3,7 @@ on:
   pull_request:
   push:
     branches:
-      - master
+      - main
 
 jobs:
   lints:

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "cotp"
-version = "1.3.0"
+version = "1.4.0"
 authors = ["replydev <[email protected]>"]
 edition = "2021"
 description = "Trustworthy, encrypted, command-line TOTP/HOTP authenticator app with import functionality."
@@ -29,7 +29,6 @@ strip = "symbols"
 [dependencies]
 serde = { version = "1.0.196", features = ["derive"] }
 serde_json = "1.0.113"
-serde = { version = "1.0.195", features = ["derive"] }
 dirs = "5.0.1"
 rpassword = "7.3.1"
 data-encoding = "2.5.0"

Cargo.toml

@@ -200,6 +200,10 @@ pub struct ExportFormat {
     /// Export into an OTP URI
     #[arg(short, long = "otp-uri")]
     pub otp_uri: bool,
+
+    /// Export into the FreeOTP+ database format
+    #[arg(short, long = "freeotp-plus")]
+    pub freeotp_plus: bool,
 }
 
 impl Default for ExportFormat {
@@ -208,6 +212,7 @@ impl Default for ExportFormat {
             cotp: true,
             andotp: false,
             otp_uri: false,
+            freeotp_plus: false,
         }
     }
 }

src/args.rs

@@ -149,6 +149,9 @@ pub fn export(matches: ExportArgs, database: OTPDatabase) -> color_eyre::Result<
     } else if export_format.otp_uri {
         let otp_uri_list: OtpUriList = (&database).into();
         do_export(&otp_uri_list, exported_path)
+    } else if export_format.freeotp_plus {
+        let freeotp_plus: FreeOTPPlusJson = (&database).try_into()?;
+        do_export(&freeotp_plus, exported_path)
     } else {
         unreachable!("Unreachable code");
     }

src/argument_functions.rs

@@ -0,0 +1,42 @@
+use color_eyre::eyre::{ErrReport, Result};
+use data_encoding::BASE32_NOPAD;
+
+use crate::{
+    importers::freeotp_plus::{FreeOTPElement, FreeOTPPlusJson},
+    otp::otp_element::{OTPDatabase, OTPElement},
+};
+
+impl TryFrom<&OTPDatabase> for FreeOTPPlusJson {
+    type Error = ErrReport;
+    fn try_from(otp_database: &OTPDatabase) -> Result<Self, Self::Error> {
+        otp_database
+            .elements
+            .iter()
+            .map(|e| e.try_into())
+            .collect::<Result<Vec<FreeOTPElement>, ErrReport>>()
+            .map(FreeOTPPlusJson::new)
+    }
+}
+
+impl TryFrom<&OTPElement> for FreeOTPElement {
+    type Error = ErrReport;
+    fn try_from(otp_element: &OTPElement) -> Result<Self, Self::Error> {
+        Ok(FreeOTPElement {
+            secret: decode_secret(otp_element.secret.clone())?,
+            algo: otp_element.algorithm.to_string(),
+            counter: otp_element.counter.unwrap_or(0),
+            digits: otp_element.digits,
+            issuer_ext: otp_element.issuer.clone(),
+            _label: otp_element.label.clone(),
+            period: otp_element.period,
+            _type: otp_element.type_.to_string(),
+        })
+    }
+}
+
+fn decode_secret(secret: String) -> Result<Vec<i8>> {
+    BASE32_NOPAD
+        .decode(secret.as_bytes())
+        .map(|v| v.into_iter().map(|n| n as i8).collect::<Vec<i8>>())
+        .map_err(ErrReport::from)
+}

src/exporters/freeotp_plus.rs

@@ -4,6 +4,7 @@ use serde::Serialize;
 use zeroize::Zeroize;
 
 pub mod andotp;
+pub mod freeotp_plus;
 pub mod otp_uri;
 
 pub fn do_export<T>(to_be_saved: &T, exported_path: PathBuf) -> Result<PathBuf, String>

src/exporters/mod.rs

@@ -1,28 +1,49 @@
 use data_encoding::BASE32_NOPAD;
-use serde::Deserialize;
+use serde::{Deserialize, Serialize};
 
 use crate::otp::{otp_algorithm::OTPAlgorithm, otp_element::OTPElement, otp_type::OTPType};
 
-#[derive(Deserialize)]
+#[derive(Serialize, Deserialize)]
 pub struct FreeOTPPlusJson {
     #[serde(rename = "tokenOrder")]
     token_order: Vec<String>,
     tokens: Vec<FreeOTPElement>,
 }
 
-#[derive(Deserialize)]
-struct FreeOTPElement {
-    algo: String,
-    counter: u64,
-    digits: u64,
+impl FreeOTPPlusJson {
+    /// Creates a new instance of FreeOTPPlusJSON. Currently we clone the tokens label to retrieve the tokens order.
+    pub fn new(tokens: Vec<FreeOTPElement>) -> Self {
+        let token_order: Vec<String> = tokens
+            .iter()
+            .map(|e| {
+                if e.issuer_ext.is_empty() {
+                    e._label.clone()
+                } else {
+                    format!("{}:{}", e.issuer_ext, e._label)
+                }
+            })
+            .collect();
+
+        Self {
+            token_order,
+            tokens,
+        }
+    }
+}
+
+#[derive(Serialize, Deserialize, PartialEq, Debug)]
+pub struct FreeOTPElement {
+    pub algo: String,
+    pub counter: u64,
+    pub digits: u64,
     #[serde(rename = "issuerExt")]
-    issuer_ext: String,
+    pub issuer_ext: String,
     #[serde(rename = "label")]
-    _label: String,
-    period: u64,
-    secret: Vec<i8>,
+    pub _label: String,
+    pub period: u64,
+    pub secret: Vec<i8>,
     #[serde(rename = "type")]
-    _type: String,
+    pub _type: String,
 }
 
 impl From<FreeOTPElement> for OTPElement {
@@ -49,20 +70,7 @@ impl From<FreeOTPElement> for OTPElement {
 impl TryFrom<FreeOTPPlusJson> for Vec<OTPElement> {
     type Error = String;
     fn try_from(freeotp: FreeOTPPlusJson) -> Result<Self, Self::Error> {
-        Ok(freeotp
-            .tokens
-            .into_iter()
-            .enumerate()
-            .map(|(i, mut token)| {
-                token._label = freeotp
-                    .token_order
-                    .get(i)
-                    .unwrap_or(&String::from("No Label"))
-                    .to_owned();
-                token
-            })
-            .map(|e| e.into())
-            .collect())
+        Ok(freeotp.tokens.into_iter().map(|e| e.into()).collect())
     }
 }
 
@@ -78,7 +86,19 @@ fn encode_secret(secret: &[i8]) -> String {
 
 #[cfg(test)]
 mod tests {
-    use super::encode_secret;
+    use std::path::PathBuf;
+
+    use crate::{
+        importers::{freeotp_plus::FreeOTPElement, importer::import_from_path},
+        otp::{otp_algorithm::OTPAlgorithm, otp_element::OTPElement, otp_type::OTPType},
+    };
+
+    use std::fs;
+
+    use crate::otp::otp_element::OTPDatabase;
+    use color_eyre::Result;
+
+    use super::{encode_secret, FreeOTPPlusJson};
 
     #[test]
     fn test_secret_conversion() {
@@ -92,4 +112,97 @@ mod tests {
             String::from("3ZUNXX2SU6RZP4QFMS32YAILJFS2I2T2UZXYSHSX7IIMPAQZAC753NG2")
         );
     }
+
+    #[test]
+    fn test_conversion() {
+        let imported = import_from_path::<FreeOTPPlusJson>(PathBuf::from(
+            "test_samples/freeotp_plus_example1.json",
+        ));
+
+        assert_eq!(
+            vec![
+                OTPElement {
+                    secret: "AAAAAAAAAAAAAAAA".to_string(),
+                    issuer: "Example2".to_string(),
+                    label: "Label2".to_string(),
+                    digits: 6,
+                    type_: OTPType::Totp,
+                    algorithm: OTPAlgorithm::Sha1,
+                    period: 30,
+                    counter: None,
+                    pin: None
+                },
+                OTPElement {
+                    secret: "AAAAAAAA".to_string(),
+                    issuer: "Example1".to_string(),
+                    label: "Label1".to_string(),
+                    digits: 6,
+                    type_: OTPType::Totp,
+                    algorithm: OTPAlgorithm::Sha256,
+                    period: 30,
+                    counter: None,
+                    pin: None
+                }
+            ],
+            imported.unwrap()
+        )
+    }
+
+    #[test]
+    fn test_freeotp_export() {
+        // Arrange
+        let input_json: String = fs::read_to_string(PathBuf::from("test_samples/cotp_input.json"))
+            .expect("Cannot read input file for test");
+        let input_cotp_database: OTPDatabase =
+            serde_json::from_str(input_json.as_str()).expect("Cannot deserialize into input JSON");
+
+        // Act
+        let converted: Result<FreeOTPPlusJson> = (&input_cotp_database).try_into();
+
+        // Assert
+        let free_otp = converted.unwrap();
+
+        assert_eq!(
+            vec!["label1".to_string(), "ciccio:label2".to_string()],
+            free_otp.token_order
+        );
+
+        assert_eq!(
+            vec![
+                FreeOTPElement {
+                    algo: "SHA1".to_string(),
+                    counter: 0,
+                    digits: 6,
+                    issuer_ext: String::default(),
+                    _label: "label1".to_string(),
+                    period: 30,
+                    secret: vec![
+                        7, -40, 73, 126, -112, -25, 37, 28, 72, -39, 115, 50, -127, 46, 74, 117,
+                        -40, 124, -109, 58, -19, 54, 35, 117, -120, -106, -40, -39, -116, 107,
+                        -123, 127, 111, -93, -71, 6, 92, -116, 31, 4, 103, -59, 75, -106, 57, 54,
+                        -3, 104, 103, -26, -57, 59, -69, 98, -16, -102, 91, 89, 98, 90, -100, -21,
+                        44, 28, -105, -45, 92, -128, 82, 30, -23, -105, -30, 91, 17, -51, 24, -7,
+                        -61, 75, -38, -116, -122, 106, 79, 37, 82, -62, -125, -30, -27, 116, 116,
+                        82, -55, 72, 87, 41, 15, -25, -27, 65, 6, -104, 49, -26, -111, 10
+                    ],
+                    _type: "TOTP".to_string()
+                },
+                FreeOTPElement {
+                    algo: "SHA256".to_string(),
+                    counter: 3,
+                    digits: 6,
+                    issuer_ext: "ciccio".to_string(),
+                    _label: "label2".to_string(),
+                    period: 30,
+                    secret: vec![
+                        35, -75, 13, 47, -2, -128, -100, -27, 64, -115, -72, 14, -78, -122, 88, 62,
+                        -32, 57, 37, -111, 90, -70, -58, -15, -113, 111, -94, 91, -90, 90, -91, 61,
+                        -9, -23, 54, 4, -31, -93, -8, -9, 27, 125, -21, 112, -80, -30, 64, 46, 10
+                    ],
+                    _type: "HOTP".to_string()
+                }
+            ],
+            free_otp.tokens
+        )
+    }
 }

src/importers/freeotp_plus.rs

@@ -15,7 +15,13 @@ pub enum OTPAlgorithm {
 
 impl fmt::Display for OTPAlgorithm {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-        write!(f, "{self:?}")
+        let to_string = match self {
+            OTPAlgorithm::Sha1 => "SHA1",
+            OTPAlgorithm::Sha256 => "SHA256",
+            OTPAlgorithm::Sha512 => "SHA512",
+            OTPAlgorithm::Md5 => "MD5",
+        };
+        write!(f, "{to_string}")
     }
 }
 

src/otp/otp_algorithm.rs

@@ -26,7 +26,14 @@ pub enum OTPType {
 
 impl fmt::Display for OTPType {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-        write!(f, "{self:?}")
+        let to_string = match self {
+            OTPType::Totp => "TOTP",
+            OTPType::Hotp => "HOTP",
+            OTPType::Steam => "STEAM",
+            OTPType::Yandex => "YANDEX",
+            OTPType::Motp => "MOTP",
+        };
+        write!(f, "{to_string}")
     }
 }
 

src/otp/otp_type.rs

@@ -0,0 +1,27 @@
+{
+    "version": 2,
+    "elements": [
+      {
+        "secret": "A7MES7UQ44SRYSGZOMZICLSKOXMHZEZ25U3CG5MIS3MNTDDLQV7W7I5ZAZOIYHYEM7CUXFRZG36WQZ7GY453WYXQTJNVSYS2TTVSYHEX2NOIAUQ65GL6EWYRZUMPTQ2L3KGIM2SPEVJMFA7C4V2HIUWJJBLSSD7H4VAQNGBR42IQU",
+        "issuer": "",
+        "label": "label1",
+        "digits": 6,
+        "type": "TOTP",
+        "algorithm": "SHA1",
+        "period": 30,
+        "counter": null,
+        "pin": null
+      },
+      {
+        "secret": "EO2Q2L76QCOOKQENXAHLFBSYH3QDSJMRLK5MN4MPN6RFXJS2UU67P2JWATQ2H6HXDN66W4FQ4JAC4CQ",
+        "issuer": "ciccio",
+        "label": "label2",
+        "digits": 6,
+        "type": "HOTP",
+        "algorithm": "SHA256",
+        "period": 30,
+        "counter": 3,
+        "pin": null
+      }
+    ]
+  }