Toggle menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

TOTP4PSP

From GameBrew
Revision as of 05:43, 29 August 2024 by HydeWing (talk | contribs) (Created page with " {{Infobox PSP Homebrews |title=TOTP4PSP |image=totp4psp.jpg |description=Implementation of Time-Based One-Time Password (TOTP) on the PlayStation Portable. |author=Arthur Leung |lastupdated=2024/01/02 |type=Other Apps |format= |version=0.01 |license=ISC |download=https://dlhb.gamebrew.org/psphomebrew/totp4psp.7z |website=https://www.reddit.com/r/PSP/comments/18wfg0j/totp4psp_use_your_psp_as_an_authentication_token/ |source=https://github.com/arcyleung/TOTP4PSP/ }} TOTP4...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
TOTP4PSP
Totp4psp.jpg
General
AuthorArthur Leung
TypeOther Apps
Version0.01
LicenseISC
Last Updated2024/01/02
Links
Download
Website
Source

TOTP4PSP is a proof-of-concept application that generates Time-based One-Time Passwords (TOTP) for two-factor authentication (2FA) systems. TOTP4PSP currently supports 6-digit TOTP codes and SHA-1 hashing.

User must provide their own OTPAUTH_KEYS file with each line as a separate TOTP authenticator URI, which can be exported from Google Authenticator for example with a tool such as otpauth. The exact format is explained here and the readme; an example OTPAUTH_KEYS file is also provided for reference.

A presentation on the project is also available at the PSP Homebrew Developer Conference 2024.

Installation

Prerequisites

  • A PSP 1000, 2000, or 3000 with any Custom Firmware.
  • A Memory Stick with enough free space for the EBOOT.PBP and your keyfile.

For emulators like PPSSPP, make sure the original PSP .pgf font files are present in "C:\Program Files\PPSSPP\assets\flash0\font".

Font files can be obtained from a physical PSP's flash0:/font/ directory, as intraFont 0.31 cannot use the .pgf fonts included with PPSSPP.

Instructions

Copy EBOOT.PBP into a new game folder on the Memory Stick (e.g. ms0:/PSP/GAME/TOTP4PSP/EBOOT.PBP).

Copy OTPAUTH_KEYS into ms0:/PSP/COMMON/OTPAUTH_KEYS.

An example OTPAUTH_KEYS file is provided. Note the format:

  • Each line corresponds to one OTP provider.
  • The secret= field should contain the base32-encoded secret, not the plaintext.
  • Example: For the RFC test vector:
    • Plaintext Secret: 12345678901234567890
    • Base32 Secret: GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
  • The issuer= field is optional, but all other fields are required.

Example format for OTPAUTH_KEYS:

otpauth://totp/<name1>?algorithm=SHA1&digits=6&period=30&secret=<base32_secret1> 
otpauth://totp/<name2>?algorithm=SHA1&digits=6&issuer=<issuer2>&period=30&secret=<base32_secret2>
...

Make sure the PSP system time is correctly set in "Settings" > "Date & Time Settings". And check Daylight Saving Time settings if applicable.

OTP Parameters

The following fields and parameters are currently supported:

  • algorithm=[SHA1]
  • digits=[6]
  • period=[30s]
  • issuer=<any string>
  • secret=<base32 secret>

User guide

Launch the app from the XMB (cross-media bar) like any other homebrew application.

The screen displays up to 12 OTP codes at once but you can scroll with Up/Down on the D-Pad.

Media

TOTP 4 PSP: Time-based One-Time Password for PlayStation Portable (Arthur Leung)

Credits

BenHur for intraFont

Akagi201 for hmac-sha1 implementation

Markus Gutschke for Base32 implementation

External links

Advertising: