mirror of https://github.com/ericonr/get-otp.git
Add README and license.
This commit is contained in:
parent
fa759a0c4b
commit
0f1ccd703c
|
@ -0,0 +1,13 @@
|
||||||
|
Copyright (c) 2020 Érico Nogueira
|
||||||
|
|
||||||
|
Permission to use, copy, modify, and distribute this software for any
|
||||||
|
purpose with or without fee is hereby granted, provided that the above
|
||||||
|
copyright notice and this permission notice appear in all copies.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||||
|
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||||
|
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||||
|
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||||
|
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||||
|
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||||
|
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
@ -0,0 +1,55 @@
|
||||||
|
# get-otp
|
||||||
|
|
||||||
|
This repository holds a combination of tools that can be used to (comfortably)
|
||||||
|
generate TOTP 2FA access tokens on the desktop, instead of depending on a phone
|
||||||
|
app.
|
||||||
|
|
||||||
|
## get-otp
|
||||||
|
|
||||||
|
Main tool, depends on:
|
||||||
|
|
||||||
|
- [jq](https://stedolan.github.io/jq/)
|
||||||
|
- [fzf](https://github.com/junegunn/fzf)
|
||||||
|
- [OATH Toolkit](https://www.nongnu.org/oath-toolkit/)
|
||||||
|
- [wl-clipboard](https://github.com/bugaevc/wl-clipboard) (optional)
|
||||||
|
|
||||||
|
It will use the `cbc-file` executable from this project to decrypt a
|
||||||
|
`~/.local/share/otp_accounts` file, whose decrypted contents should be in the
|
||||||
|
same format as exported by [andOTP](https://github.com/andOTP/andOTP). It can
|
||||||
|
then run a menu, using `fzf`, to let you choose the account for which you want
|
||||||
|
an access token. If running on Wayland, the token will also be copied to the
|
||||||
|
clipboard.
|
||||||
|
|
||||||
|
```
|
||||||
|
$ get-otp [account_name]
|
||||||
|
```
|
||||||
|
|
||||||
|
## encrypt-otp
|
||||||
|
|
||||||
|
This tool doesn't depend on anything besides `cbc-file`. What it does is encrypt
|
||||||
|
the file passed to it (which should be in the format exported by andOTP, as
|
||||||
|
mentioned above) and put the encrypted file in the correct place.
|
||||||
|
|
||||||
|
```
|
||||||
|
$ encrypt-otp otp_accounts.json
|
||||||
|
```
|
||||||
|
|
||||||
|
## cbc-file
|
||||||
|
|
||||||
|
Hidden utility, does the encryption magic. Despite the name, uses
|
||||||
|
[ChaCha20+Poly1305](https://tools.ietf.org/html/rfc7539) for encryption, as
|
||||||
|
implemented by [BearSSL](https://www.bearssl.org/), together with
|
||||||
|
[argon2](https://github.com/p-h-c/phc-winner-argon2) for key derivation.
|
||||||
|
|
||||||
|
Both of the mentioned libraries are necessary for building this utility. On
|
||||||
|
Linux, a kernel which implements the
|
||||||
|
[getrandom(2)](https://man.voidlinux.org/getrandom.2) syscall is necessary,
|
||||||
|
since it is the backend for
|
||||||
|
[getentropy(3)](https://man.voidlinux.org/getentropy.3), which is the only
|
||||||
|
random number backend implemented.
|
||||||
|
|
||||||
|
## Disclaimer
|
||||||
|
|
||||||
|
This is experimental code and ideas, and shouldn't be put anywhere near any sort
|
||||||
|
of production. However, I am open to suggestions and improvements, so feel free
|
||||||
|
to reach out.
|
Loading…
Reference in New Issue