static SwkbdCallbackResult swkbdCallbackThing(void* user, const char** ppMessage, const char* text, size_t textlen) { char *secret; signed short secretLength; int ret = oath_base32_decode(text, strlen(text), &secret, &secretLength); if(ret != OATH_OK) { printf("Error decoding secret: %s\n", oath_strerror(ret)); sprintf(*ppMessage, "Error decoding: %s", oath_strerror(ret)); return SWKBD_CALLBACK_CONTINUE; }else{ unsigned long otp = generateTOTP(secret, &secretLength); if(otp == 0) { *ppMessage = "OTP generation failed."; printf("\nOTP generation failed.\n"); return SWKBD_CALLBACK_CONTINUE; }else{ sprintf(*ppMessage, "OTP: %06lu", otp); printf("*** OTP: %06lu ***\n\n", otp); return SWKBD_CALLBACK_CONTINUE; } } return SWKBD_CALLBACK_OK; }
int main() { gfxInitDefault(); consoleInit(GFX_BOTTOM, NULL); printf("%s %s by %s\n", APP_TITLE, APP_VERSION, APP_AUTHOR); printf("Build date: %s %s\n\n", __DATE__, __TIME__); //printf("Current time: %d\n\n", (int)time(NULL)); printf("Calculating time difference from UTC... make sure you are connected to the Internet. "); Result InitClockOffsetResult = InitializeClockOffset(); if (!InitClockOffsetResult) { printf("Error initializing time offset: %08x", InitClockOffsetResult); return 1; } printf("OK\n"); int ret = oath_init(); if(ret != OATH_OK) { printf("Error initializing liboath: %s\n", oath_strerror(ret)); return 1; } char encoded_secret[1024]; FILE *secretFile; signed short secretTxtDecLength; if((secretFile = fopen("secret.txt", "r")) == NULL) { printf("warning: Secret.txt not found in application directory (SD root if installed as CIA)"); /*while(aptMainLoop()) { gspWaitForVBlank(); hidScanInput(); unsigned long kDown = hidKeysDown(); if(kDown & KEY_A) break; gfxFlushBuffers(); gfxSwapBuffers(); } return 1;*/ }else{ printf("Opened secret.txt\n"); fscanf(secretFile, "%[^\n]", encoded_secret); fclose(secretFile); if(strlen(encoded_secret) < 1){ printf("warning: secret.txt exists but is empty.\n"); }else{ printf("Read secret.txt: %s\n", encoded_secret); ret = oath_base32_decode(&encoded_secret, strlen(&encoded_secret), NULL, &secretTxtDecLength); if(ret != OATH_OK) { printf("Error decoding secret.txt: %s\n", oath_strerror(ret)); memset(&encoded_secret[0], 0, sizeof(encoded_secret)); // wipe the copy we have in memory, to avoid prefilling the swkbd with undecodable stuff }else{ printf("Read secret.txt successfully."); } } } char inputSecret[1024]; bool quit = false; bool ask = false; printf("Press A to begin, or start to exit.\n\n"); // Main loop while (aptMainLoop()) { gspWaitForVBlank(); hidScanInput(); unsigned long kDown = hidKeysDown(); if (kDown & KEY_A) ask = true; if(ask && !quit) { static SwkbdState swkbd; static SwkbdStatusData swkbdStatus; SwkbdButton button = SWKBD_BUTTON_NONE; swkbdInit(&swkbd, SWKBD_TYPE_WESTERN, 2, 512); swkbdSetHintText(&swkbd, "Enter your TOTP secret."); swkbdSetButton(&swkbd, SWKBD_BUTTON_LEFT, "Quit", false); swkbdSetButton(&swkbd, SWKBD_BUTTON_MIDDLE, "Load txt", true); swkbdSetButton(&swkbd, SWKBD_BUTTON_RIGHT, "Go", true); swkbdSetInitialText(&swkbd, inputSecret); swkbdSetFeatures(&swkbd, SWKBD_DEFAULT_QWERTY); swkbdSetFilterCallback(&swkbd, swkbdCallbackThing, NULL); swkbdInputText(&swkbd, inputSecret, sizeof(inputSecret)); switch(button) { case SWKBD_BUTTON_LEFT: // quit quit = true; break; case SWKBD_BUTTON_MIDDLE: // read secret.txt strcpy(inputSecret, encoded_secret); break; case SWKBD_BUTTON_RIGHT: // go (this is handled in filter callback) break; default: break; } if(quit) break; // quit to HBL } if (kDown & KEY_START) { break; // break in order to return to hbmenu } // Flush and swap framebuffers gfxFlushBuffers(); gfxSwapBuffers(); } gfxExit(); return 0; }
int main (int argc, char *argv[]) { struct gengetopt_args_info args_info; char *secret; size_t secretlen = 0; int rc; size_t window; uint64_t moving_factor; unsigned digits; char otp[10]; time_t now, when, t0, time_step_size; int totpflags = 0; set_program_name (argv[0]); if (cmdline_parser (argc, argv, &args_info) != 0) return EXIT_FAILURE; if (args_info.version_given) { char *p; int l = -1; if (strcmp (oath_check_version (NULL), OATH_VERSION) != 0) l = asprintf (&p, "OATH Toolkit liboath.so %s oath.h %s", oath_check_version (NULL), OATH_VERSION); else if (strcmp (OATH_VERSION, PACKAGE_VERSION) != 0) l = asprintf (&p, "OATH Toolkit %s", oath_check_version (NULL), OATH_VERSION); version_etc (stdout, "oathtool", l == -1 ? "OATH Toolkit" : p, PACKAGE_VERSION, "Simon Josefsson", (char *) NULL); if (l != -1) free (p); return EXIT_SUCCESS; } if (args_info.help_given) usage (EXIT_SUCCESS); if (args_info.inputs_num == 0) { cmdline_parser_print_help (); emit_bug_reporting_address (); return EXIT_SUCCESS; } rc = oath_init (); if (rc != OATH_OK) error (EXIT_FAILURE, 0, "liboath initialization failed: %s", oath_strerror (rc)); if (args_info.base32_flag) { rc = oath_base32_decode (args_info.inputs[0], strlen (args_info.inputs[0]), &secret, &secretlen); if (rc != OATH_OK) error (EXIT_FAILURE, 0, "base32 decoding failed: %s", oath_strerror (rc)); } else { secretlen = 1 + strlen (args_info.inputs[0]) / 2; secret = malloc (secretlen); if (!secret) error (EXIT_FAILURE, errno, "malloc"); rc = oath_hex2bin (args_info.inputs[0], secret, &secretlen); if (rc != OATH_OK) error (EXIT_FAILURE, 0, "hex decoding of secret key failed"); } if (args_info.counter_orig) moving_factor = args_info.counter_arg; else moving_factor = 0; if (args_info.digits_orig) digits = args_info.digits_arg; else digits = 6; if (args_info.window_orig) window = args_info.window_arg; else window = 0; if (digits != 6 && digits != 7 && digits != 8) error (EXIT_FAILURE, 0, "only digits 6, 7 and 8 are supported"); if (validate_otp_p (args_info.inputs_num) && !args_info.digits_orig) digits = strlen (args_info.inputs[1]); else if (validate_otp_p (args_info.inputs_num) && args_info.digits_orig && args_info.digits_arg != strlen (args_info.inputs[1])) error (EXIT_FAILURE, 0, "given one-time password has bad length %d != %ld", args_info.digits_arg, strlen (args_info.inputs[1])); if (args_info.inputs_num > 2) error (EXIT_FAILURE, 0, "too many parameters"); if (args_info.verbose_flag) { char *tmp; tmp = malloc (2 * secretlen + 1); if (!tmp) error (EXIT_FAILURE, errno, "malloc"); oath_bin2hex (secret, secretlen, tmp); printf ("Hex secret: %s\n", tmp); free (tmp); rc = oath_base32_encode (secret, secretlen, &tmp, NULL); if (rc != OATH_OK) error (EXIT_FAILURE, 0, "base32 encoding failed: %s", oath_strerror (rc)); printf ("Base32 secret: %s\n", tmp); free (tmp); if (args_info.inputs_num == 2) printf ("OTP: %s\n", args_info.inputs[1]); printf ("Digits: %d\n", digits); printf ("Window size: %ld\n", window); } if (args_info.totp_given) { now = time (NULL); when = parse_time (args_info.now_arg, now); t0 = parse_time (args_info.start_time_arg, now); time_step_size = parse_duration (args_info.time_step_size_arg); if (when == BAD_TIME) error (EXIT_FAILURE, 0, "cannot parse time `%s'", args_info.now_arg); if (t0 == BAD_TIME) error (EXIT_FAILURE, 0, "cannot parse time `%s'", args_info.start_time_arg); if (time_step_size == BAD_TIME) error (EXIT_FAILURE, 0, "cannot parse time `%s'", args_info.time_step_size_arg); if (strcmp (args_info.totp_arg, "sha256") == 0) totpflags = OATH_TOTP_HMAC_SHA256; else if (strcmp (args_info.totp_arg, "sha512") == 0) totpflags = OATH_TOTP_HMAC_SHA512; if (args_info.verbose_flag) verbose_totp (t0, time_step_size, when); } else { if (args_info.verbose_flag) verbose_hotp (moving_factor); } if (generate_otp_p (args_info.inputs_num) && !args_info.totp_given) { size_t iter = 0; do { rc = oath_hotp_generate (secret, secretlen, moving_factor + iter, digits, false, OATH_HOTP_DYNAMIC_TRUNCATION, otp); if (rc != OATH_OK) error (EXIT_FAILURE, 0, "generating one-time password failed (%d)", rc); printf ("%s\n", otp); } while (window - iter++ > 0); } else if (generate_otp_p (args_info.inputs_num) && args_info.totp_given) { size_t iter = 0; do { rc = oath_totp_generate2 (secret, secretlen, when + iter * time_step_size, time_step_size, t0, digits, totpflags, otp); if (rc != OATH_OK) error (EXIT_FAILURE, 0, "generating one-time password failed (%d)", rc); printf ("%s\n", otp); } while (window - iter++ > 0); } else if (validate_otp_p (args_info.inputs_num) && !args_info.totp_given) { rc = oath_hotp_validate (secret, secretlen, moving_factor, window, args_info.inputs[1]); if (rc == OATH_INVALID_OTP) error (EXIT_OTP_INVALID, 0, "password \"%s\" not found in range %ld .. %ld", args_info.inputs[1], (long) moving_factor, (long) moving_factor + window); else if (rc < 0) error (EXIT_FAILURE, 0, "validating one-time password failed (%d)", rc); printf ("%d\n", rc); } else if (validate_otp_p (args_info.inputs_num) && args_info.totp_given) { rc = oath_totp_validate4 (secret, secretlen, when, time_step_size, t0, window, NULL, NULL, totpflags, args_info.inputs[1]); if (rc == OATH_INVALID_OTP) error (EXIT_OTP_INVALID, 0, "password \"%s\" not found in range %ld .. %ld", args_info.inputs[1], (long) ((when - t0) / time_step_size - window / 2), (long) ((when - t0) / time_step_size + window / 2)); else if (rc < 0) error (EXIT_FAILURE, 0, "validating one-time password failed (%d)", rc); printf ("%d\n", rc); } free (secret); oath_done (); return EXIT_SUCCESS; }