Ejemplo n.º 1
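/*
 * Unseal a TOTP secret from the TPM-sealed blob file named by argv[1] and
 * print the current 6-digit TOTP value on stdout.
 *
 * Returns 0 on success and -1 on usage, file, length or TOTP errors; exits
 * with status 6 when TPM_Unseal reports any error other than code 24.
 *
 * key and keylen are defined outside this function.
 */
int main(int argc, char *argv[])
{
	int ret;
	struct stat sbuf;
	uint32_t parhandle;	/* handle of parent key */
	unsigned char blob[4096];	/* sealed blob as read from the file */
	unsigned int bloblen;	/* blob length */
	unsigned char passptr1[20] = {0};	/* all-zero key password */
	int fd, outlen;
	ssize_t nread;
	char totp[7];	/* 6 digits plus the terminating NUL */

	/* NOTE(review): presumably the well-known SRK handle -- confirm. */
	parhandle = 0x40000000;

	/* argv[1] is dereferenced below, so it has to exist. */
	if (argc < 2) {
		fprintf(stderr, "Usage: %s <sealed-blob-file>\n",
			argc > 0 ? argv[0] : "program");
		return -1;
	}

	fd = open(argv[1], O_RDONLY);
	if (fd < 0) {
		perror("Unable to open file");
		return -1;
	}

	ret = fstat(fd, &sbuf);
	if (ret) {
		perror("Unable to stat file");
		close(fd);
		return -1;
	}

	/*
	 * The file size is controlled by whoever can write the file; reject
	 * anything that does not fit in blob before read() is asked to store
	 * it on the stack.
	 */
	if (sbuf.st_size < 0 ||
	    (unsigned long long)sbuf.st_size > sizeof(blob)) {
		fprintf(stderr, "Sealed blob is too large\n");
		close(fd);
		return -1;
	}
	bloblen = (unsigned int)sbuf.st_size;

	nread = read(fd, blob, bloblen);
	close(fd);	/* the descriptor is not needed past this point */

	/* A short read is treated as a failure, as is a read error. */
	if (nread < 0 || (size_t)nread != bloblen) {
		fprintf(stderr, "Unable to read data\n");
		return -1;
	}

	ret = TPM_Unseal(parhandle,	/* KEY Entity Value */
			 passptr1,	/* Key Password */
			 NULL,
			 blob, bloblen,
			 key, &outlen);

	/*
	 * NOTE(review): 24 looks like the TPM 1.2 "wrong PCR value" code, i.e.
	 * the measured boot state differs from the state the blob was sealed
	 * to -- confirm against the TPM library's error constants and prefer
	 * the named constant over the literal.
	 */
	if (ret == 24) {
		fprintf(stderr, "TPM refused to decrypt key - boot process attests that it is modified\n");
		return -1;
	}

	if (ret != 0) {
		/* Diagnostics go to stderr so stdout only ever carries a TOTP. */
		fprintf(stderr, "Error %s from TPM_Unseal\n", TPM_GetErrMsg(ret));
		exit(6);
	}

	if (outlen != keylen) {
		fprintf(stderr, "Returned buffer is incorrect length\n");
		return -1;
	}

	/* 30-second time step, start offset 0, 6 digits. */
	ret = oath_totp_generate(key, keylen, time(NULL), 30, 0, 6, totp);
	if (ret != 0) {
		fprintf(stderr, "Error generating totp value\n");
		return -1;
	}
	printf("%s\n", totp);

	/*
	 * NOTE(review): key still holds the unsealed secret here. It is
	 * declared outside this block, so wiping it is left to its owner.
	 */
	return 0;
}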
Ejemplo n.º 2
/*
 * Generate the current 6-digit TOTP from key/keylen (both defined outside
 * this function) and hand it to
 * ply_boot_client_tell_daemon_to_display_message for display.
 *
 * Exits the process with status -1 if the TOTP cannot be generated.
 */
static void display_totp() {
	char code[7];	/* six digits plus the terminating NUL */
	/* 30-second time step, start offset 0, 6 digits. */
	int rc = oath_totp_generate(key, keylen, time(NULL), 30, 0, 6, code);

	if (rc) {
		fprintf(stderr, "Error generating totp value\n");
		exit(-1);
	}

	/* on_failure goes in the handler slot that follows the NULL one. */
	ply_boot_client_tell_daemon_to_display_message(
		ply_client, code, NULL,
		(ply_boot_client_response_handler_t) on_failure, NULL);
}
Ejemplo n.º 3
Archivo: otp.c Proyecto: Foda/pluto-fw
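/*
 * Compute the current TOTP token for the stored OTP entry at `index`.
 *
 * Returns whatever oath_totp_generate stores through its output pointer, or
 * -1 when it stores nothing or when the entry's secret_len is larger than
 * the 32-byte buffer the secret is decrypted into.
 */
int32_t svc_otp_get_token(uint8_t index) {
	timeout = g_timeout;
	/*
	 * NOTE(review): index is not range-checked here and the size of
	 * otp_store is not visible in this block -- confirm callers validate it.
	 */
	otp_item_t *it = &(otp_store[index]);
	int32_t out = -1;
	uint8_t secret[32];

	/*
	 * secret_len comes from stored data. A value above sizeof(secret)
	 * would make the generator read stack memory past the decrypted
	 * secret, so refuse it before any plaintext is produced.
	 */
	if (it->secret_len > sizeof(secret)) {
		return out;
	}

	/* Decrypt both 16-byte halves (presumably one AES block per call). */
	hal_aes_decrypt(secret, it->secret);
	hal_aes_decrypt(secret+16, it->secret+16);

	oath_totp_generate (secret,
		it->secret_len,
		time_counter, //now
		30,	/* time step in seconds */
		0, 6, &out);

	/* Wipe the plaintext secret from the stack before returning. */
	secure_memset(secret, 0, sizeof(secret));
	return out;
}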
Ejemplo n.º 4
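/*
 * Generate the current TOTP for `secret` and return it as a number.
 *
 * secret       - decoded shared secret bytes
 * secretLength - pointer to the number of bytes in secret
 *
 * Returns the OTP parsed as a decimal number, or INVALID_DECODED_SECRET on
 * any failure (missing or empty secret, clock offset check, generator error).
 *
 * The numeric return value drops leading zeros, so callers that display or
 * compare the code as text must zero-pad it to REQUESTED_OTP_DIGITS.
 */
unsigned long generateTOTP(unsigned char const * secret, size_t const * secretLength) {
	/* Both pointers are dereferenced below; treat NULL like an empty secret. */
	if(secret == NULL || secretLength == NULL || *secretLength < 1) {
		printf("Secret is zero-length, cannot generate TOTP\n");
		return INVALID_DECODED_SECRET;
	}
	
	/*
	 * NOTE(review): InitializeClockOffset is tested without being called.
	 * If it is a function, this compares its address (never null) and the
	 * branch can never run -- confirm whether a call was intended.
	 */
	if(!InitializeClockOffset) {
		printf("Failed to initializ clock offset, cannot generate TOTP\n");
		return INVALID_DECODED_SECRET;
	}
	
	unsigned long timerightnow = currentTimeUTC();
	/* Plain char buffer: one slot per digit plus the terminating NUL. */
	char otp[REQUESTED_OTP_DIGITS+1];
	
	int ret = oath_totp_generate(secret, (size_t)*secretLength, timerightnow, OATH_TOTP_DEFAULT_TIME_STEP_SIZE, OATH_TOTP_DEFAULT_START_TIME, REQUESTED_OTP_DIGITS, otp);
	if(ret != OATH_OK) {
		printf("Error generating TOTP: %s\n", oath_strerror(ret));
		return INVALID_DECODED_SECRET;
	}
	
	/* Unsigned parse matches the return type; the OTP is decimal digits. */
	return strtoul(otp, NULL, 10);
}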