Exemplo n.º 1
0
func (c App) loadHOTP() (*hotp.HOTP, error) {
	encoded, ok := c.Session["otp"]
	if !ok {
		c.Flash.Error("Oh no! I couldn't store the HOTP key value!")
		revel.ERROR.Println("HOTP key value not present")
		c.FlashParams()
		return nil, errors.New("failed to restore HOTP")
	}

	in, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		c.Flash.Error("Oh no! I couldn't store the HOTP key value!")
		revel.ERROR.Printf("failed to store HOTP key value: %v", err)
		c.FlashParams()
		return nil, err
	}

	otp, err := hotp.Unmarshal(in)
	if err != nil {
		c.Flash.Error("Oh no! I couldn't store the HOTP key value!")
		revel.ERROR.Printf("failed to store HOTP key value: %v", err)
		c.FlashParams()
		return nil, err
	}
	return otp, err
}
Exemplo n.º 2
0
func (a *Authenticator) Verify(data []string, input string) (bool, error) {
	// obviously broken
	hotp, err := hotp.Unmarshal([]byte(data[0]))
	if err != nil {
		return false, err
	}

	return hotp.Check(input), nil
}
Exemplo n.º 3
0
func main() {
	check := flag.Bool("c", false, "do integrity check")
	noUpdate := flag.Bool("n", false, "don't update counter")
	keyFile := flag.String("k", "hotp.key", "key file")
	url := flag.String("u", "", "URL to load new key from")
	write := flag.Bool("w", false, "only write URL-loaded key to file")
	flag.Parse()

	var otp *hotp.HOTP
	if *url != "" {
		var err error
		otp, _, err = hotp.FromURL(*url)
		if err != nil {
			fmt.Printf("[!] %v\n", err.Error())
			return
		}

		if *write {
			out, err := hotp.Marshal(otp)
			if err != nil {
				fmt.Printf("[!] %v\n", err.Error())
				return
			}

			err = ioutil.WriteFile(*keyFile, out, 0600)
			if err != nil {
				fmt.Printf("[!] %v\n", err.Error())
				return
			}

			return
		}
	} else {
		in, err := ioutil.ReadFile(*keyFile)
		if err != nil {
			fmt.Printf("[!] %v\n", err.Error())
			return
		}

		otp, err = hotp.Unmarshal(in)
		if err != nil {
			fmt.Printf("[!] %v\n", err.Error())
			return
		}
	}

	if *check {
		code, counter := otp.IntegrityCheck()
		fmt.Println("   code:", code)
		fmt.Println("counter:", counter)
	} else {
		fmt.Println(otp.OTP())
	}

	if !*noUpdate {
		out, err := hotp.Marshal(otp)
		if err != nil {
			fmt.Printf("[!] %v\n", err.Error())
			return
		}

		err = ioutil.WriteFile(*keyFile, out, 0600)
		if err != nil {
			fmt.Printf("[!] %v\n", err.Error())
			return
		}
	}
}