From 32722eb3a03d80b7052d5dc9a51b8a937878d245 Mon Sep 17 00:00:00 2001 From: Matheus Afonso Martins Moreira Date: Wed, 20 Mar 2024 11:35:58 -0300 Subject: [PATCH] faces/totp: avoid displaying when key is invalid Fixes a division by zero bug caused by calling getCodeFromTimestamp without having initialized the TOTP library with a secret first. This was happening because the face calls totp_display on activation, meaning the validity of the secret was not checked since this is done in the generate function. Now the validity of the key is determined solely by the size of the current decoded key. A general display function checks it and decides whether to display the code or just the error message. The size of the current decoded key is initialized to zero on watch face activation, ensuring fail safe operation. Tested-by: Matheus Afonso Martins Moreira Tested-on-hardware-by: madhogs <59648482+madhogs@users.noreply.github.com> Signed-off-by: Matheus Afonso Martins Moreira GitHub-Pull-Request: https://github.com/joeycastillo/Sensor-Watch/pull/385 --- movement/watch_faces/complication/totp_face.c | 22 +++++++++++-------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/movement/watch_faces/complication/totp_face.c b/movement/watch_faces/complication/totp_face.c index 2938337e8..a593e9c91 100644 --- a/movement/watch_faces/complication/totp_face.c +++ b/movement/watch_faces/complication/totp_face.c @@ -94,12 +94,13 @@ static void totp_validate_key_lengths(void) { } } -static bool totp_generate(totp_state_t *totp_state) { +static void totp_generate(totp_state_t *totp_state) { totp_t *totp = totp_current(totp_state); if (totp->encoded_key_length <= 0) { // Key exceeded static limits and was turned off - return false; + totp_state->current_decoded_key_length = 0; + return; } totp_state->current_decoded_key_length = base32_decode(totp->encoded_key, totp_state->current_decoded_key); @@ -107,7 +108,7 @@ static bool totp_generate(totp_state_t *totp_state) { if (totp_state->current_decoded_key_length == 0) { // Decoding failed for some reason // Not a base 32 string? - return false; + return; } TOTP( @@ -116,8 +117,6 @@ static bool totp_generate(totp_state_t *totp_state) { totp->period, totp->algorithm ); - - return true; } static void totp_display_error(totp_state_t *totp_state) { @@ -128,7 +127,7 @@ static void totp_display_error(totp_state_t *totp_state) { watch_display_string(buf, 0); } -static void totp_display(totp_state_t *totp_state) { +static void totp_display_code(totp_state_t *totp_state) { char buf[14]; div_t result; uint8_t valid_for; @@ -145,14 +144,19 @@ static void totp_display(totp_state_t *totp_state) { watch_display_string(buf, 0); } -static void totp_generate_and_display(totp_state_t *totp_state) { - if (totp_generate(totp_state)) { - totp_display(totp_state); +static void totp_display(totp_state_t *totp_state) { + if (totp_state->current_decoded_key_length > 0) { + totp_display_code(totp_state); } else { totp_display_error(totp_state); } } +static void totp_generate_and_display(totp_state_t *totp_state) { + totp_generate(totp_state); + totp_display(totp_state); +} + static inline uint32_t totp_compute_base_timestamp(movement_settings_t *settings) { return watch_utility_date_time_to_unix_time(watch_rtc_get_date_time(), movement_timezone_offsets[settings->bit.time_zone] * 60); }