import base32
import nuuid
import os
import osproc
import otp
import random
import strutils
import uri
# Usage text for the `gen` subcommand; `help` echoes it verbatim.
# NOTE(review): the blame view this listing was recovered from drops leading
# whitespace, so any indentation inside the literal is not preserved here.
const genUsage =
  """Usage: totptool gen <name>

This will generate a new secret and recovery codes
for a given service name. This will then write it
to your configured secret store and make it
available for `totptool code` instantly.
"""
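proc help*() =
  ## Prints the usage text for `totptool gen` and terminates the process
  ## with exit status 2.
  ##
  ## The header needs the trailing `=`: without it the line is only a
  ## forward declaration and the statements below are not the proc body.
  echo genUsage
  quit 2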
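proc gen*(root: string, args: seq[string]) =
  ## Generates a new TOTP secret plus five recovery codes for one service,
  ## writes them to the file `root / name`, renders the provisioning URI as a
  ## QR code through the external `qrencode` tool, and prints the URI and the
  ## recovery codes.
  ##
  ## `root` is the directory of the secret store; `args` must hold exactly
  ## one element, the service name. Any failure ends the process via `quit`.
  if args.len != 1:
    quit "I need a machine name"

  let name = args[0]

  # `name` is used as a file name under `root` and as a segment of the
  # otpauth URI. Refuse values that would leave `root` (path separators,
  # "." / ".."), alter the URI ('?', '#') or smuggle control characters
  # into the file name and the terminal output.
  const forbidden = {'\0'..'\x1f', '\x7f', '/', '\\', '?', '#'}
  if name.len == 0 or name == "." or name == ".." or
      name.contains(forbidden):
    quit "invalid service name: use a plain name without path " &
      "separators, '?', '#' or control characters"

  # NOTE(review): the shared secret is the first 20 characters of a UUID
  # string. If nuuid returns the canonical 8-4-4-4-12 text form, that is 17
  # hex digits and 3 hyphens, i.e. at most 68 bits of entropy, and only if
  # nuuid draws from a CSPRNG. RFC 4226 asks for at least 128 bits and
  # recommends 160; replace this with 20 bytes from the OS random source.
  let secret = encode(generateUUID()[0 .. 19])

  # Check that the OTP library accepts the secret before anything is stored.
  try:
    discard newTOTP(secret).now()
  except CatchableError:
    quit "it failed"

  # Option lines stored after the secret. The layout looks like a
  # google-authenticator state file -- confirm against whatever reads the
  # store. NOTE(review): the RATE_LIMIT timestamp and the DISALLOW_REUSE
  # counter are hard-coded and look like state copied from an existing file.
  const storeOptions =
    "\" RATE_LIMIT 3 30 1441950209\n" &
    "\" WINDOW_SIZE 3\n" &
    "\" DISALLOW_REUSE 48065007\n" &
    "\" TOTP_AUTH\n"

  var
    body = secret & "\n" & storeOptions
    reccodes: seq[int] = @[]

  # NOTE(review): recovery codes are bearer credentials; confirm that
  # `randomInt` from the imported `random` module is backed by a CSPRNG.
  for i in 0 .. 4:
    let code = randomInt(10000000, 99999999)
    body.add($code & "\n")
    reccodes.add code

  let path = root / name
  try:
    # Create (or truncate) the entry and restrict it to its owner before the
    # secret is written, so it is never on disk with umask-default
    # permissions. On Windows setFilePermissions can only toggle the
    # read-only flag.
    # NOTE(review): an existing entry with the same name is overwritten
    # without confirmation, as in the original code.
    writeFile(path, "")
    setFilePermissions(path, {fpUserRead, fpUserWrite})
    writeFile(path, body)
  except CatchableError:
    quit getCurrentExceptionMsg()

  # Build the URI by plain concatenation. The OS path operator `/` is
  # platform dependent, may normalise the "//" after the scheme, and put a
  # stray separator in front of the query string.
  let clienturl = parseURI("otpauth://totp/" & name & "?secret=" & secret)

  # Run qrencode directly instead of through a shell, so no character in the
  # URI can be interpreted as shell syntax. Rendering stays best effort: a
  # missing qrencode binary does not abort, because the URI is printed below.
  # NOTE(review): the secret is still visible in qrencode's argument list to
  # other local users while it runs; feeding it on stdin would avoid that.
  try:
    let qr = startProcess("qrencode",
                          args = ["-t", "ansiutf8", $clienturl],
                          options = {poUsePath, poParentStreams})
    discard qr.waitForExit()
    qr.close()
  except OSError:
    stderr.write "qrencode could not be run; no QR code shown\n"

  echo "Success! ", clienturl, "\n"
  echo "Your recovery codes are:"

  for code in reccodes:
    echo " ", code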