Toggle menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

TOTP4PSP

From GameBrew
TOTP4PSP
Totp4psp.jpg
General
AuthorArthur Leung
TypeOther Apps
Version0.01
LicenseISC
Last Updated2024/01/02
Links
Download
Website
Source

TOTP4PSP is a proof-of-concept application that generates Time-based One-Time Passwords (TOTP) for two-factor authentication (2FA) systems. TOTP4PSP currently supports 6-digit TOTP codes and SHA-1 hashing.

User must provide their own OTPAUTH_KEYS file with each line as a separate TOTP authenticator URI, which can be exported from Google Authenticator for example with a tool such as otpauth. The exact format is explained here and the readme; an example OTPAUTH_KEYS file is also provided for reference.

A presentation on the project is also available at the PSP Homebrew Developer Conference 2024.

Installation

Prerequisites

  • A PSP 1000, 2000, or 3000 with any Custom Firmware.
  • A Memory Stick with enough free space for the EBOOT.PBP and your keyfile.

For emulators like PPSSPP, make sure the original PSP .pgf font files are present in "C:\Program Files\PPSSPP\assets\flash0\font".

Font files can be obtained from a physical PSP's flash0:/font/ directory, as intraFont 0.31 cannot use the .pgf fonts included with PPSSPP.

Instructions

Copy EBOOT.PBP into a new game folder on the Memory Stick (e.g. ms0:/PSP/GAME/TOTP4PSP/EBOOT.PBP).

Copy OTPAUTH_KEYS into ms0:/PSP/COMMON/OTPAUTH_KEYS.

An example OTPAUTH_KEYS file is provided. Note the format:

  • Each line corresponds to one OTP provider.
  • The secret= field should contain the base32-encoded secret, not the plaintext.
  • Example: For the RFC test vector:
    • Plaintext Secret: 12345678901234567890
    • Base32 Secret: GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
  • The issuer= field is optional, but all other fields are required.

Example format for OTPAUTH_KEYS:

otpauth://totp/<name1>?algorithm=SHA1&digits=6&period=30&secret=<base32_secret1> 
otpauth://totp/<name2>?algorithm=SHA1&digits=6&issuer=<issuer2>&period=30&secret=<base32_secret2>
...

Make sure the PSP system time is correctly set in "Settings" > "Date & Time Settings". And check Daylight Saving Time settings if applicable.

OTP Parameters

The following fields and parameters are currently supported:

  • algorithm=[SHA1]
  • digits=[6]
  • period=[30s]
  • issuer=<any string>
  • secret=<base32 secret>

User guide

Launch the app from the XMB (cross-media bar) like any other homebrew application.

The screen displays up to 12 OTP codes at once but you can scroll with Up/Down on the D-Pad.

Media

TOTP 4 PSP: Time-based One-Time Password for PlayStation Portable (Arthur Leung)

Credits

BenHur for intraFont

Akagi201 for hmac-sha1 implementation

Markus Gutschke for Base32 implementation

External links

Advertising: