An Open Source TOTP based hardware authenticator using ESP32.
To make the experience fit your profile, pick a username and tell us what interests you.
I was always amazed at these small devices. My dad uses these to log into his work laptop, I couldn't understand how can it generate a code without being connected to any network.
I fired up google and tried to search about it, and surprisingly it used a pretty amazing concept. It had a shared key with the server and then it did some computation on the shared key and current UTC time to get a 6-digit number. So, the remote device just had to be accurate at timekeeping. It uses a algorithm called TOTP (Time based one time password), it's been standardized and there's no point in getting into the details, here's the standard if anyone wants to take a look. You can read this article on freecodecamp.org for more layman-ish approach to the whole algorithm.
First Prototype
Coming back, so I decided to implement this using ESP32, because I had a devkit lying around, and the OLED and RTC libraries were solid, and I could use WiFi to get accurate time, which is absolutely need to generate the codes, here's a picture of the first prototype.
Second Prototype
I wanted to take this to next level, make something like those RSA key id devices, but more configurable and not exactly use and throw like those and ESP32 was the right tool for it. So, I designed a PCB for the same. It was a long process, I had to handle my summer internship, finally by October I finished designing it and after getting it reviewed and rerouting again after two weeks, my PCB was ready to be ordered.
Thanks to guys at OSHpark, I got these PCBs for free, you can order it from here.
Thanks to PCBway for sponsoring the PCBA of final prototype.
You can checkout the project on PCBway here: https://www.pcbway.com/project/sponsor/Open_Authenticator.html
Details of the device
Adobe Portable Document Format - 182.60 kB - 01/21/2021 at 16:16
After a long time, I feel great to say that. The design is done down to perfection. Here are some snaps with gorgeous yellow looking 3D Printed case.
This case was designed using Fusion 360, it was super easy to get started. Soon this will launch on tindie for all those interested stay tuned :P
3D files of the case will be open sourced soon, after a few finishing touches.
A project log after so long, I was busy with academic commitments, so I couldn't log here. Sorry for the delay :)
I am done with the firmware and going to launch on tindie for small quantity. Currently working on the 3d-case, here's some spoiler for you.
Also, I have finalized logo for Open-Authenticator, let me know if you like it.
After I received the board, soldered the passive components on it. Checked for any shorts, there weren't any. Connected USB and flashed the firmware onto it, and it booted fine, except for one problem. The OLED was all white like this. I was not sure what the issue was.
I rechecked all the solder joints, and it seemed fine. Likewise, I was puzzled as to what went wrong. So, just started fiddling with the reset button and power switch, and then by some random action it started working.
Upon further investigation, I realized that there was some issue with the reset circuit. So, according to the data sheet, we need to hold the RES pin low while on power up to execute the reset on OLED, and then pull it high thereafter.
So the core problem was that the RC Circuit on the reset. The value of capacitor and resistor was too small, so the time required for charging the cap was too small, as a result RES# pin was pulled low for only
The Relevant circuit is C14 and R17, they form an RC circuit. So, after rumbling through the stock I had a dozen 310k resistors, plugged it into the equation.
It's been a month since I had ordered PCBA for final prototypes from PCBWay, and finally they are being assembled. I was sent some snaps to verify, overall the board looks good, surprisingly even the silkscreen is decent enough. I still didn't like the HASL finish board, uneven pads are clearly visible, can't blame the manufacturer, the process itself is to blame.
Some components are not soldered, as I have those in excess with me, didn't want to spend money on them when I can solder them at home relatively easily.
After getting the orders from OSHPark and assembling the board, I wrote simple apps to test all the functionality and it works like a charm. But there are certain issues in the current design, some of which to begin with are, using a OLED module, directly soldering battery wires, dirty looking silkscreen, no mouting holes, etc.
As you can see, how thick it was. Almost like a brick. It is okay for a prototype but for a professional design, big no no. So went forward with using a OLED display panel rather than a module.
Even the battery connector was awful, so swapped it with a JST-PH 2 pin connector. Moved the USB-C port further. Even the routing was a bit awful, fixed it and made the board look much better. Here are the final renders of the board.
PCB render with 3d model
PCB render without 3d models
Thanks to PCBway for sponsoring this design, you can check out the project on PCBway site and order the PCB from there
https://www.pcbway.com/project/sponsor/Open_Authenticator.html
After all the tools arrived required for soldering, it was time for some action. I started with applying solder paste on the board, since I didn't have a stencil, I used sewing needle to apply paste on to the pads, it was a cumbersome process and I had to wipe the board twice, but once I got the hang of it, all went good
I was a bit worried about TPS63001 regulator, as it was the smallest with WSON package. Next I placed components on it one by one, and then turned on the makeshift reflow oven. Preheated it till it reached 100 C and then placed the board on sand, and let it cook for some time.
As soon as the temperature reached 185, the solder started turning silvery, I let it be as such for a few minutes to make sure all joints were soldered appropriately. Then turned it off and let it cool for half a hour. Here's the final board, there were several bridges here and there, I removed all the visible ones using flux and solder wick.
Solder bridges are visible if you look closely, check on the RTC chip, USB terminal and the WSON regulator (there's a small bead). These were easily fixed, but there was a demon sitting on the ESP32 and worst part is that it was not visible to the bare eye and hence I missed it. What followed was 2 days of hell debugging, as to why the ESP32 wasn't getting flashed. It went into boot mode, but as soon as bootloader was flashed it failed to write to the flash chip, reason being a solder bridge shorting pins in the bottom row. I had to clean it up and boom, it worked like that.
Now, that ESP32 was working, I checked the other peripherals, buttons, battery charger and OLED worked fine. But the RTC just won't work, apparently reason being solder bridges on ESP32 side. But little did I know this, eventually found a short, SDA and SCL pins were shorted. So I removed the chip and replaced it, also removed the pull-up resistors, still it won't work, finally it clicked, the ESP32 side was shorted. The solder joints were invisible to eye, nevertheless, fixed it and it worked great. So, it took 3 days just to get working, only if I had used a stencil it would have been much better.
Quickly developed a basic app, to test working of the RTC and OLED. It displayed the time and battery voltage that was read from the voltage divider.
Yeah !! I assembled a 2nd board and this time, I got it running it just 2 hr.
Follow my project for more updates :)
As some of you might know, I am still a student and I have to manage costs of all these equipment/parts on a pocket money. Before doing this project, I was sure I won't be able to reflow soldering as I didn't have the skill nor did I have the money to buy costly reflow over or hot air guns. If the lockdown wasn't there I could just visit Lab in my university and my work would be done. I started looking for a cheap way to do it, and realised that reflow soldering is pretty straight forward. I thought I can simply heat the board to 190 C and it would work fine, and found a few lads doing this on youtube too.
The tools used in these are pretty cheap, so basically I used a induction cooktop, old pan and some sand. I also bought a infrared temperature gun to have a crude temperature control. Please check below to see it in action
You can see the solder melting pic.twitter.com/wIJ9j36jZf
— Vedant Paranjape (@ve0x10) December 22, 2020
And here it goes pic.twitter.com/bUUstrrpDF
— Vedant Paranjape (@ve0x10) December 22, 2020
Create an account to leave a comment. Already have an account? Log In.
Hi!
This idea is really cute, and I was thinking of doing something similar with an upcoming project of mine (more as a side-idea, but it still involves generating a TOTP token)
Did you write an ESP IDF component to generate the token?
And does it perhaps use the secure ESP storage to prevent readout of the token (which would be a bit unnecessary for something like this, but certainly a fun practice in security :>)
to follow this project and never miss any updates
please add power to this device. and a month working time on one charge