More actions
| TOTP4PSP | |
|---|---|
 | |
| General | |
| Author | Arthur Leung |
| Type | Other Apps |
| Version | 0.01 |
| License | ISC |
| Last Updated | 2024/01/02 |
| Links | |
| Download | |
| Website | |
| Source | |
TOTP4PSP is a proof-of-concept application that generates Time-based One-Time Passwords (TOTP) for two-factor authentication (2FA) systems. TOTP4PSP currently supports 6-digit TOTP codes and SHA-1 hashing.
User must provide their own OTPAUTH_KEYS file with each line as a separate TOTP authenticator URI, which can be exported from Google Authenticator for example with a tool such as otpauth. The exact format is explained here and the readme; an example OTPAUTH_KEYS file is also provided for reference.
A presentation on the project is also available at the PSP Homebrew Developer Conference 2024.
Installation
Prerequisites
- A PSP 1000, 2000, or 3000 with any Custom Firmware.
- A Memory Stick with enough free space for the EBOOT.PBP and your keyfile.
For emulators like PPSSPP, make sure the original PSP .pgf font files are present in "C:\Program Files\PPSSPP\assets\flash0\font".
Font files can be obtained from a physical PSP's flash0:/font/ directory, as intraFont 0.31 cannot use the .pgf fonts included with PPSSPP.
Instructions
Copy EBOOT.PBP into a new game folder on the Memory Stick (e.g. ms0:/PSP/GAME/TOTP4PSP/EBOOT.PBP).
Copy OTPAUTH_KEYS into ms0:/PSP/COMMON/OTPAUTH_KEYS.
An example OTPAUTH_KEYS file is provided. Note the format:
- Each line corresponds to one OTP provider.
- The
secret=field should contain the base32-encoded secret, not the plaintext. - Example: For the RFC test vector:
- Plaintext Secret: 12345678901234567890
- Base32 Secret: GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
- The
issuer=field is optional, but all other fields are required.
Example format for OTPAUTH_KEYS:
otpauth://totp/<name1>?algorithm=SHA1&digits=6&period=30&secret=<base32_secret1> otpauth://totp/<name2>?algorithm=SHA1&digits=6&issuer=<issuer2>&period=30&secret=<base32_secret2> ...
Make sure the PSP system time is correctly set in "Settings" > "Date & Time Settings". And check Daylight Saving Time settings if applicable.
OTP Parameters
The following fields and parameters are currently supported:
algorithm=[SHA1]digits=[6]period=[30s]issuer=<any string>secret=<base32 secret>
User guide
Launch the app from the XMB (cross-media bar) like any other homebrew application.
The screen displays up to 12 OTP codes at once but you can scroll with Up/Down on the D-Pad.
Media
TOTP 4 PSP: Time-based One-Time Password for PlayStation Portable (Arthur Leung)
Credits
BenHur for intraFont
Akagi201 for hmac-sha1 implementation
Markus Gutschke for Base32 implementation