From 3093486c9fbf1f3a5d7899eb39f745ffb759e674 Mon Sep 17 00:00:00 2001 From: Lucas Date: Fri, 12 Feb 2021 03:04:25 +0000 Subject: [PATCH] Assume the secret is in base32 by default --- cli.c | 29 ++++++++++++++++++++--------- run-tests.sh | 6 +++--- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/cli.c b/cli.c index 980bcea..cfcf17d 100644 --- a/cli.c +++ b/cli.c @@ -22,6 +22,7 @@ #include #include +#include "base32.h" #include "err.h" #include "strtonum.h" #include "otp.h" @@ -42,13 +43,14 @@ int main(int argc, char *argv[]) { const char *errstr; - char *key, *line; - size_t key_len, linesz; + unsigned char *key; + char *in, *line; + size_t inlen, linesz; ssize_t linelen; uint64_t counter; unsigned int period; int32_t r; - int ch, digits, do_hotp, do_totp; + int ch, digits, do_hotp, do_totp, keylen; enum otp_hmac hmac; counter = (uint64_t)time(NULL); @@ -106,8 +108,8 @@ main(int argc, char *argv[]) usage(); if (argc == 1) { - key = argv[0]; - key_len = strlen(key); + in = argv[0]; + inlen = strlen(in); } else { line = NULL; linesz = 0; @@ -118,17 +120,26 @@ main(int argc, char *argv[]) line[linelen - 1] = '\0'; linelen--; } - key = line; - key_len = linelen; + in = line; + inlen = linelen; } + keylen = b32_decoded_len(in, inlen); + if (keylen == -1) + errx(1, "invalid base32 string: %s", in); + key = malloc(keylen); + if (key == NULL) + err(1, "malloc"); + if (!b32_decode(key, keylen, in, inlen)) + errx(1, "error decoding base32 string"); + if (do_hotp) { - r = hotp(hmac, key, key_len, counter, digits); + r = hotp(hmac, key, keylen, counter, digits); if (r == -1) errx(1, "couldn't calculate HOTP"); printf("%0*" PRId32 "\n", digits, r); } else { - r = totp(hmac, key, key_len, counter, period, digits); + r = totp(hmac, key, keylen, counter, period, digits); if (r == -1) errx(1, "couldn't calculate TOTP"); printf("%0*" PRId32 "\n", digits, r); diff --git a/run-tests.sh b/run-tests.sh index a6e54c5..db49a80 100644 --- a/run-tests.sh +++ b/run-tests.sh @@ -47,11 +47,11 @@ case_stdin_eq() fi } -b="1234567890" +b="GEZDGNBVGY3TQOJQ" HOTP_SECRET=$b$b TOTP_SECRET=$b$b -TOTP_SHA256_SECRET=$b$b$b"12" -TOTP_SHA512_SECRET=$b$b$b$b$b$b"1234" +TOTP_SHA256_SECRET=$b$b$b"GEZA" +TOTP_SHA512_SECRET=$b$b$b$b$b$b"GEZDGNA" case_eq 755224 ./otpcli -H 0 "$HOTP_SECRET" case_eq 287082 ./otpcli -H 1 "$HOTP_SECRET"