/
main.go
61 lines (52 loc) · 1.18 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package main
import (
"crypto/hmac"
"crypto/sha1"
"encoding/base32"
"encoding/binary"
"fmt"
"io"
"os"
"strings"
"time"
)
func main() {
if err := print(os.Stderr, os.Args[1:]...); err != nil {
fmt.Fprintf(os.Stderr, "mfa: %v\n", err)
os.Exit(1)
}
}
// service is used to identify this service when interacting with the keychain.
const service = "mfa"
func print(w io.Writer, accounts ...string) error {
for _, account := range accounts {
s, err := secret(service, account)
if err != nil {
return err
}
n, err := totp(s, now())
if err != nil {
return err
}
fmt.Printf("%06d\n", n)
}
return nil
}
// now returns a TOTP challenge for now.
func now() int64 { return int64(time.Now().Unix() / 30) }
// totp computes the response code for a challenge using the secret.
func totp(secret string, c int64) (int, error) {
k, err := base32.StdEncoding.DecodeString(strings.ToUpper(secret))
if err != nil {
return -1, err
}
hash := hmac.New(sha1.New, k)
if err := binary.Write(hash, binary.BigEndian, c); err != nil {
return -1, err
}
p := hash.Sum(nil)
i := p[19] & 0x0f
n := binary.BigEndian.Uint32(p[i : i+4])
n &= 0x7fffffff
return int(n % 1000000), nil
}