mirror of https://github.com/ericonr/get-otp.git
Add README and license.
This commit is contained in:
parent
fa759a0c4b
commit
0f1ccd703c
|
@ -0,0 +1,13 @@
|
|||
Copyright (c) 2020 Érico Nogueira
|
||||
|
||||
Permission to use, copy, modify, and distribute this software for any
|
||||
purpose with or without fee is hereby granted, provided that the above
|
||||
copyright notice and this permission notice appear in all copies.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
@ -0,0 +1,55 @@
|
|||
# get-otp
|
||||
|
||||
This repository holds a combination of tools that can be used to (comfortably)
|
||||
generate TOTP 2FA access tokens on the desktop, instead of depending on a phone
|
||||
app.
|
||||
|
||||
## get-otp
|
||||
|
||||
Main tool, depends on:
|
||||
|
||||
- [jq](https://stedolan.github.io/jq/)
|
||||
- [fzf](https://github.com/junegunn/fzf)
|
||||
- [OATH Toolkit](https://www.nongnu.org/oath-toolkit/)
|
||||
- [wl-clipboard](https://github.com/bugaevc/wl-clipboard) (optional)
|
||||
|
||||
It will use the `cbc-file` executable from this project to decrypt a
|
||||
`~/.local/share/otp_accounts` file, whose decrypted contents should be in the
|
||||
same format as exported by [andOTP](https://github.com/andOTP/andOTP). It can
|
||||
then run a menu, using `fzf`, to let you choose the account for which you want
|
||||
an access token. If running on Wayland, the token will also be copied to the
|
||||
clipboard.
|
||||
|
||||
```
|
||||
$ get-otp [account_name]
|
||||
```
|
||||
|
||||
## encrypt-otp
|
||||
|
||||
This tool doesn't depend on anything besides `cbc-file`. What it does is encrypt
|
||||
the file passed to it (which should be in the format exported by andOTP, as
|
||||
mentioned above) and put the encrypted file in the correct place.
|
||||
|
||||
```
|
||||
$ encrypt-otp otp_accounts.json
|
||||
```
|
||||
|
||||
## cbc-file
|
||||
|
||||
Hidden utility, does the encryption magic. Despite the name, uses
|
||||
[ChaCha20+Poly1305](https://tools.ietf.org/html/rfc7539) for encryption, as
|
||||
implemented by [BearSSL](https://www.bearssl.org/), together with
|
||||
[argon2](https://github.com/p-h-c/phc-winner-argon2) for key derivation.
|
||||
|
||||
Both of the mentioned libraries are necessary for building this utility. On
|
||||
Linux, a kernel which implements the
|
||||
[getrandom(2)](https://man.voidlinux.org/getrandom.2) syscall is necessary,
|
||||
since it is the backend for
|
||||
[getentropy(3)](https://man.voidlinux.org/getentropy.3), which is the only
|
||||
random number backend implemented.
|
||||
|
||||
## Disclaimer
|
||||
|
||||
This is experimental code and ideas, and shouldn't be put anywhere near any sort
|
||||
of production. However, I am open to suggestions and improvements, so feel free
|
||||
to reach out.
|
Loading…
Reference in New Issue