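/*
 * Read a TPM-sealed blob from the file named by argv[1], ask the TPM to
 * unseal it into the global key buffer, and print the current 6-digit TOTP
 * code derived from that key on stdout.
 *
 * Returns 0 on success and -1 on most failures. A generic TPM_Unseal error
 * terminates the process with exit status 6.
 */
int main(int argc, char *argv[])
{
    int ret;
    struct stat sbuf;
    uint32_t parhandle;        /* handle of parent key */
    unsigned char blob[4096];  /* resulting sealed blob */
    unsigned int bloblen;      /* blob length */
    unsigned char passptr1[20] = {0}; /* all-zero auth value used as key password */
    int fd, outlen;
    char totp[7];              /* 6 digits plus terminating NUL */

    /* argv[1] is dereferenced below, so it has to exist. */
    if (argc < 2) {
        fprintf(stderr, "No sealed blob file specified\n");
        return -1;
    }

    /* presumably the TPM 1.2 well-known SRK handle (TPM_KH_SRK) - confirm */
    parhandle = 0x40000000;

    fd = open(argv[1], O_RDONLY);
    if (fd < 0) {
        perror("Unable to open file");
        return -1;
    }

    ret = fstat(fd, &sbuf);
    if (ret) {
        perror("Unable to stat file");
        close(fd);
        return -1;
    }

    /*
     * The file size is attacker-influenced input: without this bound a file
     * larger than the stack buffer would make read() write past blob[].
     */
    if (sbuf.st_size < 0 ||
        (unsigned long long)sbuf.st_size > sizeof(blob)) {
        fprintf(stderr, "Sealed blob is too large\n");
        close(fd);
        return -1;
    }
    bloblen = (unsigned int)sbuf.st_size;

    ret = read(fd, blob, bloblen);
    close(fd);
    if (ret < 0 || (unsigned int)ret != bloblen) {
        fprintf(stderr, "Unable to read data\n");
        return -1;
    }

    /*
     * NOTE(review): key and keylen are declared outside this block; confirm
     * that key is large enough for whatever TPM_Unseal can return.
     */
    ret = TPM_Unseal(parhandle, /* KEY Entity Value */
                     passptr1,  /* Key Password */
                     NULL, blob, bloblen, key, &outlen);

    /* Code 24 is reported as a PCR/boot-state mismatch (presumably TPM_WRONGPCRVAL). */
    if (ret == 24) {
        fprintf(stderr, "TPM refused to decrypt key - boot process attests that it is modified\n");
        return -1;
    }

    if (ret != 0) {
        printf("Error %s from TPM_Unseal\n", TPM_GetErrMsg(ret));
        exit(6);
    }

    /* The unsealed secret must be exactly the expected key length. */
    if (outlen != keylen) {
        fprintf(stderr, "Returned buffer is incorrect length\n");
        return -1;
    }

    /* 30-second time step, start offset 0, 6 digits. */
    ret = oath_totp_generate(key, keylen, time(NULL), 30, 0, 6, totp);
    if (ret != 0) {
        fprintf(stderr, "Error generating totp value\n");
        return -1;
    }

    printf("%s\n", totp);
    return 0;
}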
/*
 * Derive the current 6-digit TOTP code from the global key (30-second step,
 * start offset 0) and hand it to the boot splash daemon as a message.
 * Exits the process with status -1 if code generation fails.
 */
static void display_totp()
{
    char code[7]; /* 6 digits plus terminating NUL */

    if (oath_totp_generate(key, keylen, time(NULL), 30, 0, 6, code) != 0) {
        fprintf(stderr, "Error generating totp value\n");
        exit(-1);
    }

    /*
     * NOTE(review): code lives on this function's stack; confirm the client
     * library copies the message before the call returns.
     */
    ply_boot_client_tell_daemon_to_display_message(
        ply_client, code, NULL,
        (ply_boot_client_response_handler_t) on_failure, NULL);
}
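/*
 * Compute the current TOTP value for the stored OTP record at `index`.
 *
 * The record's secret is decrypted into a local 32-byte buffer, used for one
 * TOTP computation (30-second step, start offset 0, 6 digits), and the
 * buffer is wiped before returning.
 *
 * Returns the value written by oath_totp_generate, or -1 if nothing was
 * written or the stored secret length does not fit the local buffer.
 */
int32_t svc_otp_get_token(uint8_t index)
{
    timeout = g_timeout;

    /*
     * NOTE(review): index is not range-checked in this function; confirm
     * callers validate it against the size of otp_store.
     */
    otp_item_t *it = &(otp_store[index]);
    uint8_t secret[32];

    /*
     * The length comes from the stored record. Reject anything larger than
     * the plaintext buffer so the TOTP routine cannot read past secret[].
     */
    if (it->secret_len > sizeof(secret)) {
        return -1;
    }

    /* Two calls at offsets 0 and 16 - presumably one 16-byte AES block each. */
    hal_aes_decrypt(secret, it->secret);
    hal_aes_decrypt(secret + 16, it->secret + 16);

    /*
     * out keeps its -1 sentinel unless oath_totp_generate overwrites it; the
     * call's own return value is not inspected here.
     */
    int32_t out = -1;
    oath_totp_generate(secret, it->secret_len, time_counter, /* now */
                       30, 0, 6, &out);

    /* Do not leave the decrypted secret on the stack. */
    secure_memset(secret, 0, sizeof(secret));
    return out;
}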
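/*
 * Generate the current TOTP code for `secret` and return it as a number.
 *
 * secret        decoded shared secret bytes
 * secretLength  pointer to the number of bytes in secret; must be >= 1
 *
 * Returns the numeric value of the generated code, or
 * INVALID_DECODED_SECRET on any failure. Converting the code to a number
 * drops leading zeros, so callers that display it must re-pad to
 * REQUESTED_OTP_DIGITS.
 */
unsigned long generateTOTP(unsigned char const * secret, size_t const * secretLength)
{
    /* Both pointers are dereferenced below; refuse NULL instead of crashing. */
    if (secret == NULL || secretLength == NULL) {
        printf("Secret is missing, cannot generate TOTP\n");
        return INVALID_DECODED_SECRET;
    }

    if (*secretLength < 1) {
        printf("Secret is zero-length, cannot generate TOTP\n");
        return INVALID_DECODED_SECRET;
    }

    /*
     * NOTE(review): this tests the identifier itself, not the result of a
     * call. If InitializeClockOffset is a function, the condition is never
     * true and no clock offset is initialized here - confirm the intent.
     */
    if (!InitializeClockOffset) {
        printf("Failed to initializ clock offset, cannot generate TOTP\n");
        return INVALID_DECODED_SECRET;
    }

    unsigned long timerightnow = currentTimeUTC();
    char otp[REQUESTED_OTP_DIGITS + 1]; /* digits plus terminating NUL */

    /* A plain char buffer avoids pointer-signedness casts at both call sites. */
    int ret = oath_totp_generate((const char *)secret,
                                 *secretLength,
                                 timerightnow,
                                 OATH_TOTP_DEFAULT_TIME_STEP_SIZE,
                                 OATH_TOTP_DEFAULT_START_TIME,
                                 REQUESTED_OTP_DIGITS,
                                 otp);
    if (ret != OATH_OK) {
        printf("Error generating TOTP: %s\n", oath_strerror(ret));
        return INVALID_DECODED_SECRET;
    }

    return strtoul(otp, NULL, 10);
}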