otpcli/cli.c

/*
 * otpcli - command-line interface for HOTP and TOTP
 * Written in 2020-2021 by Lucas
 *
 * To the extent possible under law, the author(s) have dedicated all
 * copyright and related and neighboring rights to this software to the
 * public domain worldwide. This software is distributed without any
 * warranty.
 *
 * You should have received a copy of the CC0 Public Domain Dedication
 * along with this software. If not, see
 * <http://creativecommons.org/publicdomain/zero/1.0/>.
 */

#include <errno.h>
#include <inttypes.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#include "base32.h"
#include "err.h"
#include "strtonum.h"
#include "otp.h"

extern const char *__progname;

static void
usage(void)
{
	fprintf(stderr, "Usage:\n"
	    "    %s [-a HMAC] [-d digits] -H counter SECRET\n"
	    "    %s [-a HMAC] [-d digits] [-p period] [-T time] SECRET\n",
	    __progname, __progname);
	exit(1);
}

int
main(int argc, char *argv[])
{
	const char *errstr;
	unsigned char *secret;
	char *in, *line;
	struct otpcfg otpcfg;
	size_t inlen, linesz;
	ssize_t linelen;
	uint64_t counter;
	unsigned int period;
	int32_t r;
	int ch, digits, do_hotp, do_totp, secretlen;
	enum otp_hmac hmac;

	counter = (uint64_t)time(NULL);
	digits = 6;
	do_hotp = do_totp = 0;
	hmac = OTP_HMAC_SHA1;
	period = 30;
	while ((ch = getopt(argc, argv, "a:d:H:p:T:")) != -1) {
		switch (ch) {
		case 'a':
			if (strcasecmp(optarg, "sha1") == 0)
				hmac = OTP_HMAC_SHA1;
			else if (strcasecmp(optarg, "sha256") == 0)
				hmac = OTP_HMAC_SHA256;
			else if (strcasecmp(optarg, "sha512") == 0)
				hmac = OTP_HMAC_SHA512;
			else
				usage();
			break;
		case 'd':
			digits = strtonum(optarg, 6, 10, &errstr);
			if (errstr != NULL)
				errx(1, "digits is %s: %s", errstr, optarg);
			break;
		case 'H':
			counter = strtonum(optarg, 0, LLONG_MAX, &errstr);
			if (errstr != NULL)
				errx(1, "counter is %s: %s", errstr, optarg);
			do_hotp = 1;
			break;
		case 'p':
			period = strtonum(optarg, 1, UINT_MAX, &errstr);
			if (errstr != NULL)
				errx(1, "period is %s: %s", errstr, optarg);
			break;
		case 'T':
			counter = strtonum(optarg, 0, LLONG_MAX, &errstr);
			if (errstr != NULL)
				errx(1, "counter is %s: %s", errstr, optarg);
			do_totp = 1;
			break;
		default:
			usage();
		}
	}
	argc -= optind;
	argv += optind;

	if (do_hotp && do_totp) {
		warnx("-H and -T are mutually exclusive");
		usage();
	}

	if (argc > 1)
		usage();

	if (argc == 1) {
		in = argv[0];
		inlen = strlen(in);
	} else {
		line = NULL;
		linesz = 0;
		linelen = getline(&line, &linesz, stdin);
		if (linelen == -1 && ferror(stdin))
			err(1, "getline");
		if (linelen > 0 && line[linelen - 1] == '\n') {
			line[linelen - 1] = '\0';
			linelen--;
		}
		in = line;
		inlen = linelen;
	}

	secretlen = b32_decoded_len(in, inlen);
	if (secretlen == -1)
		errx(1, "invalid base32 string: %s", in);
	secret = malloc(secretlen);
	if (secret == NULL)
		err(1, "malloc");
	if (!b32_decode(secret, secretlen, in, inlen))
		errx(1, "error decoding base32 string");

	otpcfg.algorithm = hmac;
	otpcfg.digits = digits;
	otpcfg.secret = secret;
	otpcfg.secretlen = secretlen;
	if (do_hotp) {
		otpcfg.type = OTP_HOTP;
		otpcfg.u.hotp.counter = counter;
	} else {
		otpcfg.type = OTP_TOTP;
		otpcfg.u.totp.time = counter;
		otpcfg.u.totp.period = period;
	}

	r = otp(&otpcfg);
	free(secret);
	if (r == -1)
		errx(1, "couldn't calculate %cOTP", do_hotp ? 'H' : 'T');
	printf("%0*" PRId32 "\n", digits, r);

	return 0;
}
Initial commit 2020-06-14 05:23:29 +02:00			`/*`
Fixes regarding CC0 license headers 2021-02-13 00:05:40 +01:00			`* otpcli - command-line interface for HOTP and TOTP`
Rework copyright notices While at it, rename mystrtonum.[ch] to strtonum.[ch]. 2021-02-11 22:02:02 +01:00			`* Written in 2020-2021 by Lucas`
Initial commit 2020-06-14 05:23:29 +02:00			`*`
			`* To the extent possible under law, the author(s) have dedicated all`
			`* copyright and related and neighboring rights to this software to the`
			`* public domain worldwide. This software is distributed without any`
			`* warranty.`
			`*`
			`* You should have received a copy of the CC0 Public Domain Dedication`
			`* along with this software. If not, see`
			`* <http://creativecommons.org/publicdomain/zero/1.0/>.`
			`*/`

Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`#include <errno.h>`
			`#include <inttypes.h>`
			`#include <limits.h>`
Initial commit 2020-06-14 05:23:29 +02:00			`#include <stdio.h>`
			`#include <stdlib.h>`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`#include <string.h>`
Default counter to current seconds since epoch 2020-06-14 20:11:59 +02:00			`#include <time.h>`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`#include <unistd.h>`
Initial commit 2020-06-14 05:23:29 +02:00
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`#include "base32.h"`
Initial commit 2020-06-14 05:23:29 +02:00			`#include "err.h"`
Rework copyright notices While at it, rename mystrtonum.[ch] to strtonum.[ch]. 2021-02-11 22:02:02 +01:00			`#include "strtonum.h"`
Initial commit 2020-06-14 05:23:29 +02:00			`#include "otp.h"`

Small update to err.[ch] 2020-06-14 17:00:33 +02:00			`extern const char *__progname;`

Initial commit 2020-06-14 05:23:29 +02:00			`static void`
			`usage(void)`
			`{`
Add -h flag for using a HMAC other than SHA1 2020-06-14 19:57:42 +02:00			`fprintf(stderr, "Usage:\n"`
Change -h to -a 2021-02-12 02:41:54 +01:00			`" %s [-a HMAC] [-d digits] -H counter SECRET\n"`
			`" %s [-a HMAC] [-d digits] [-p period] [-T time] SECRET\n",`
Add options for configuring digits and time step Default digits to 6 and time step to 30 seconds. This implies passing `-d 8' to all TOTP test cases. 2020-06-14 20:06:25 +02:00			`__progname, __progname);`
Initial commit 2020-06-14 05:23:29 +02:00			`exit(1);`
			`}`

			`int`
			`main(int argc, char *argv[])`
			`{`
Use strtonum-like functions for parsing numeric arguments 2020-06-14 17:15:29 +02:00			`const char *errstr;`
cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`unsigned char *secret;`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`char in, line;`
Provide a single OTP function that accepts a configuration struct 2021-02-16 17:59:56 +01:00			`struct otpcfg otpcfg;`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`size_t inlen, linesz;`
Use getline 2021-02-12 00:13:08 +01:00			`ssize_t linelen;`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`uint64_t counter;`
Rename step -> period 2021-02-12 02:38:22 +01:00			`unsigned int period;`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`int32_t r;`
cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`int ch, digits, do_hotp, do_totp, secretlen;`
Add -h flag for using a HMAC other than SHA1 2020-06-14 19:57:42 +02:00			`enum otp_hmac hmac;`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00
Default counter to current seconds since epoch 2020-06-14 20:11:59 +02:00			`counter = (uint64_t)time(NULL);`
Add options for configuring digits and time step Default digits to 6 and time step to 30 seconds. This implies passing `-d 8' to all TOTP test cases. 2020-06-14 20:06:25 +02:00			`digits = 6;`
Be noisy when both -H and -T are given 2020-06-14 20:23:14 +02:00			`do_hotp = do_totp = 0;`
Add -h flag for using a HMAC other than SHA1 2020-06-14 19:57:42 +02:00			`hmac = OTP_HMAC_SHA1;`
Rename step -> period 2021-02-12 02:38:22 +01:00			`period = 30;`
Change -h to -a 2021-02-12 02:41:54 +01:00			`while ((ch = getopt(argc, argv, "a:d:H:p:T:")) != -1) {`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`switch (ch) {`
Change -h to -a 2021-02-12 02:41:54 +01:00			`case 'a':`
			`if (strcasecmp(optarg, "sha1") == 0)`
			`hmac = OTP_HMAC_SHA1;`
			`else if (strcasecmp(optarg, "sha256") == 0)`
			`hmac = OTP_HMAC_SHA256;`
			`else if (strcasecmp(optarg, "sha512") == 0)`
			`hmac = OTP_HMAC_SHA512;`
			`else`
			`usage();`
			`break;`
Add options for configuring digits and time step Default digits to 6 and time step to 30 seconds. This implies passing `-d 8' to all TOTP test cases. 2020-06-14 20:06:25 +02:00			`case 'd':`
Rework copyright notices While at it, rename mystrtonum.[ch] to strtonum.[ch]. 2021-02-11 22:02:02 +01:00			`digits = strtonum(optarg, 6, 10, &errstr);`
Add options for configuring digits and time step Default digits to 6 and time step to 30 seconds. This implies passing `-d 8' to all TOTP test cases. 2020-06-14 20:06:25 +02:00			`if (errstr != NULL)`
			`errx(1, "digits is %s: %s", errstr, optarg);`
			`break;`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`case 'H':`
Rework copyright notices While at it, rename mystrtonum.[ch] to strtonum.[ch]. 2021-02-11 22:02:02 +01:00			`counter = strtonum(optarg, 0, LLONG_MAX, &errstr);`
Use strtonum-like functions for parsing numeric arguments 2020-06-14 17:15:29 +02:00			`if (errstr != NULL)`
			`errx(1, "counter is %s: %s", errstr, optarg);`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`do_hotp = 1;`
			`break;`
Rename step -> period 2021-02-12 02:38:22 +01:00			`case 'p':`
			`period = strtonum(optarg, 1, UINT_MAX, &errstr);`
Add options for configuring digits and time step Default digits to 6 and time step to 30 seconds. This implies passing `-d 8' to all TOTP test cases. 2020-06-14 20:06:25 +02:00			`if (errstr != NULL)`
Rename step -> period 2021-02-12 02:38:22 +01:00			`errx(1, "period is %s: %s", errstr, optarg);`
Add options for configuring digits and time step Default digits to 6 and time step to 30 seconds. This implies passing `-d 8' to all TOTP test cases. 2020-06-14 20:06:25 +02:00			`break;`
Add TOTP support Add all the test vectors from RFC 6238, but comment the non-SHA1 ones for the time being. 2020-06-14 19:29:45 +02:00			`case 'T':`
Rework copyright notices While at it, rename mystrtonum.[ch] to strtonum.[ch]. 2021-02-11 22:02:02 +01:00			`counter = strtonum(optarg, 0, LLONG_MAX, &errstr);`
Add TOTP support Add all the test vectors from RFC 6238, but comment the non-SHA1 ones for the time being. 2020-06-14 19:29:45 +02:00			`if (errstr != NULL)`
			`errx(1, "counter is %s: %s", errstr, optarg);`
Be noisy when both -H and -T are given 2020-06-14 20:23:14 +02:00			`do_totp = 1;`
Add TOTP support Add all the test vectors from RFC 6238, but comment the non-SHA1 ones for the time being. 2020-06-14 19:29:45 +02:00			`break;`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`default:`
			`usage();`
			`}`
			`}`
			`argc -= optind;`
			`argv += optind;`

Be noisy when both -H and -T are given 2020-06-14 20:23:14 +02:00			`if (do_hotp && do_totp) {`
			`warnx("-H and -T are mutually exclusive");`
			`usage();`
			`}`

Read key from standard input if there are no arguments 2020-06-16 01:57:28 +02:00			`if (argc > 1)`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`usage();`

Read key from standard input if there are no arguments 2020-06-16 01:57:28 +02:00			`if (argc == 1) {`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`in = argv[0];`
			`inlen = strlen(in);`
Read key from standard input if there are no arguments 2020-06-16 01:57:28 +02:00			`} else {`
Use getline 2021-02-12 00:13:08 +01:00			`line = NULL;`
			`linesz = 0;`
			`linelen = getline(&line, &linesz, stdin);`
			`if (linelen == -1 && ferror(stdin))`
			`err(1, "getline");`
			`if (linelen > 0 && line[linelen - 1] == '\n') {`
			`line[linelen - 1] = '\0';`
			`linelen--;`
Read key from standard input if there are no arguments 2020-06-16 01:57:28 +02:00			`}`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`in = line;`
			`inlen = linelen;`
Read key from standard input if there are no arguments 2020-06-16 01:57:28 +02:00			`}`

cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`secretlen = b32_decoded_len(in, inlen);`
			`if (secretlen == -1)`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`errx(1, "invalid base32 string: %s", in);`
cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`secret = malloc(secretlen);`
			`if (secret == NULL)`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`err(1, "malloc");`
cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`if (!b32_decode(secret, secretlen, in, inlen))`
Assume the secret is in base32 by default 2021-02-12 04:04:25 +01:00			`errx(1, "error decoding base32 string");`

Provide a single OTP function that accepts a configuration struct 2021-02-16 17:59:56 +01:00			`otpcfg.algorithm = hmac;`
			`otpcfg.digits = digits;`
cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`otpcfg.secret = secret;`
			`otpcfg.secretlen = secretlen;`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00			`if (do_hotp) {`
Provide a single OTP function that accepts a configuration struct 2021-02-16 17:59:56 +01:00			`otpcfg.type = OTP_HOTP;`
			`otpcfg.u.hotp.counter = counter;`
Add TOTP support Add all the test vectors from RFC 6238, but comment the non-SHA1 ones for the time being. 2020-06-14 19:29:45 +02:00			`} else {`
Provide a single OTP function that accepts a configuration struct 2021-02-16 17:59:56 +01:00			`otpcfg.type = OTP_TOTP;`
			`otpcfg.u.totp.time = counter;`
			`otpcfg.u.totp.period = period;`
Add TOTP support Add all the test vectors from RFC 6238, but comment the non-SHA1 ones for the time being. 2020-06-14 19:29:45 +02:00			`}`
Add basic CLI support for HOTP 2020-06-14 06:02:43 +02:00
Provide a single OTP function that accepts a configuration struct 2021-02-16 17:59:56 +01:00			`r = otp(&otpcfg);`
cli.c: rename key{,len} -> secret{,len} and free after use 2021-02-16 18:01:25 +01:00			`free(secret);`
Provide a single OTP function that accepts a configuration struct 2021-02-16 17:59:56 +01:00			`if (r == -1)`
			`errx(1, "couldn't calculate %cOTP", do_hotp ? 'H' : 'T');`
			`printf("%0*" PRId32 "\n", digits, r);`

Initial commit 2020-06-14 05:23:29 +02:00			`return 0;`
			`}`