-
Notifications
You must be signed in to change notification settings - Fork 472
Help request - decode otpauth-migration://offline?data= uri #118
Comments
The data is in google's protocol buffer format and encoded with base64. Aegis is already able to decode it. It would be nice to have more official documentation like the one for otpauth. |
I wrote a brief article about the format here. That should have all the info you need to parse it. |
The syntax = "proto3";
message MigrationPayload {
enum Algorithm {
ALGORITHM_UNSPECIFIED = 0;
ALGORITHM_SHA1 = 1;
ALGORITHM_SHA256 = 2;
ALGORITHM_SHA512 = 3;
ALGORITHM_MD5 = 4;
}
enum DigitCount {
DIGIT_COUNT_UNSPECIFIED = 0;
DIGIT_COUNT_SIX = 1;
DIGIT_COUNT_EIGHT = 2;
}
enum OtpType {
OTP_TYPE_UNSPECIFIED = 0;
OTP_TYPE_HOTP = 1;
OTP_TYPE_TOTP = 2;
}
message OtpParameters {
bytes secret = 1;
string name = 2;
string issuer = 3;
Algorithm algorithm = 4;
DigitCount digits = 5;
OtpType type = 6;
int64 counter = 7;
}
repeated OtpParameters otp_parameters = 1;
int32 version = 2;
int32 batch_size = 3;
int32 batch_index = 4;
int32 batch_id = 5;
} |
Could you share how to reverse-engineer the format, thanks! |
Careful thoughts and some help from apk decompiler for the clues. As far as I can tell, the version above is correct and complete. If you like, take also look at my go implementation of link-extractor: https://github.com/dim13/otpauth |
thanks |
@dim13 You're right, I checked again and it appears I missed some stuff. While Google Authenticator certainly doesn't support the extra digits/algorithm options, I've updated my post for completeness sake. |
@alexbakker on a second thought, as it looks like, all int32 fields may be unsigned however. Not quite sure about counter filed too. |
@dim13 I've only seen negative batch id's. While more correctness would be nice, the other integers are unlikely to ever be large enough for sign to matter. |
@alexbakker You're right, I think it was a |
Hi. I want to extract my original code to use it in third party apps. But offline migration url contains some strange info that I don't know how to extract. Can anyone help extract data in such url payload?
The text was updated successfully, but these errors were encountered: