This homebrew program implements TOTP (RFC 6238) and lets you use your PSP as a hardware token generator to many 2FA authentication systems. Other 2FA methods are weaker (SMS-based 2FA is susceptible to SIM swapping attacks for instance) and so the safest option is still to have an offline generator.
The user must provide their own OTPAUTH_KEYS file with each line as a seperate TOTP authenticator URI, which can be exported from Google Authenticator for example with a tool such as otpauth. The exact format is explained here and is discussed further under Installation; an example OTPAUTH_KEYS file is also provided for reference.
Here is a YouTube link to my PSPHDC24' talk: https://www.youtube.com/live/0rxTPSFSC-k?t=2512s
- A PSP 1000/2000/3000 with any CFW
- A memory stick and sufficient free space for EBOOT.PBP and your keyfile
- For emulators like PPSSPP: The original PSP .pgf font files should be present under "C:\Program Files\PPSSPP\assets\flash0\font", which you must copy from a physical PSP's flash0:/font/ directory, or obtain them elsewhere ;). (This is because intraFont 0.31 cannot load the "open source" .pgf alternative fonts shipped with PPSSPP)
- Copy the EBOOT.PBP into a new game folder on the memory stick ie.
ms0:/PSP/GAME/TOTP4PSP/EBOOT.PBP
- Copy the OTPAUTH_KEYS file into
ms0:/PSP/COMMON/OTPAUTH_KEYS
An example OTPAUTH_KEYS is provided for reference, please note the following format:
- one line per OTP provider
secret=
field is the base32 encoded representation of the secret, and not the plaintext secret itself!- Ex. Using the RFC doc's test vector example:
Plaintext Secret:12345678901234567890
-> Base32 Secret:GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
- Ex. Using the RFC doc's test vector example:
issuer=
field is optional, everything else is required
OTPAUTH_KEYS
otpauth://totp/<name1>?algorithm=SHA1&digits=6&period=30&secret=<base32_secret1>
otpauth://totp/<name2>?algorithm=SHA1&digits=6&issuer=<issuer2>&period=30&secret=<base32_secret2>
...
- Ensure the system time of the PSP is correctly set in "Settings" > "Date & Time Settings", either set manually or via internet, and also paying attention to whether Daylight Saving Time is enabled.
- Launch the app from the XMB as you would with any homebrew. The screen displays up to 12 OTP codes at once but you can scroll with Up/Down on the Dpad.
The following fields and parameters are currently supported:
algorithm=[SHA1] <- TODO: Implement SHA256|SHA512
digits=[6] <- TODO: Implement 8 digits
period=[30s] <- TODO: Implement 60s
issuer=<any string> <- TODO: Display it in some useful way
secret=<base32 secret>
Prerequisites: a working installation of the psptoolchain (psp-gcc)
- Clone this repo and its submodules with
git clone --recurse-submodules https://github.com/arcyleung/TOTP4PSP.git TOTP4PSP/
cd ./TOTP4PSP
- Verify that
psp-gcc
is accessible in your current shell (psptoolchain should have set up your PATH automatically) - Run
make
and use the generatedEBOOT.PBP
for the steps in Installation
BenHur for intraFont
Akagi201 for hmac-sha1 implementation
Markus Gutschke for Base32 implementation
Please reach out at [email protected] for feature requests or consider supporting my work over at ko-fi.