░▒▓██████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓██████▓▒░
░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓█▓▒░ ░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓█▓▒░ ░▒▓██████▓▒░░▒▓██████▓▒░░▒▓████████▓▒░
░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓██████▓▒░░▒▓████████▓▒░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
C TOTP (Time-based One Time Password) implementation for a code-generation software similar to Google Authenticator, Authy or Aegis.
You will need the following packages (Please, do your homework and choose based on your system):
- libcotp.h (Build instructions there)
- SSL lib (
libssl-dev or openssl-devel) - ncursesw (
libncursesw5-dev or ncurses or ncurses-devel) - GPGME (
libgpgme-dev or gpgme or gpgme-devel)
For debian-based I would run # apt install libssl-dev libncursesw5-dev libgpgme-dev and build libcotp.h from source.
You will need pass and a GPG key so in order:
sudo apt install pass #(Or whatever your packet manager is)
gpg --full-generate-key
...
pass init
After this you are ready to go, but you don't have any secrets to use, so you must import them like:
c2fa --import /your/export.csv --issuer (AEGIS | GOOGLE) --gpg-id example@domain.com
Important
Every secret is stored as an individual file with it's name as identifier. Also, all of this will be erased since i've did the readme then everything changed, i am fast-prototyped minded (sadly).
- Signal handling frees memory securely
-
- SIGINT
-
- SIGTERM
- Sanitization of inputs
-
- Filepath (From command line)
-
- Passphrase (For the input of passphrase of GPG)
-
- CSV Reader (This is half done if Filepath is done)
-
- Email sanitization?
- GPG ME (GPG Made Easy) Implementation reading the files from password-store (generated by pass)
- Autolock-timer after 30-secs.
- UI with ncurses (not a priority yet)
- Import from Aegis
- Import from Google Authenticator