commit - 87986040c34281a3660bec9a65057f5a6aabfd1d
commit + f31cd5a448ae963454d16aeaaf1766feff159bfa
blob - c44a7fcb1e7af1dbd2a1bdb9efc83c8237e8c13b
blob + b201ae6ed769bb76d9c28d34bbfb8ba97dcb80fa
--- totp.c
+++ totp.c
/*
- * Copyright (c) 2022 Omar Polo <op@openbsd.org>
+ * Copyright (c) 2022, 2023 Omar Polo <op@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
return (q - t);
}
+static int
+uri2secret(char *s)
+{
+ char *q, *t;
+
+ if ((q = strchr(s, '?')) == NULL)
+ return (-1);
+ if ((t = strstr(q, "?secret=")) == NULL &&
+ (t = strstr(q, "&secret=")) == NULL)
+ return (-1);
+ t += 8;
+ while (*t != '\0' && *t != '&' && *t != '#')
+ *s++ = *t++;
+ *s = '\0';
+ return (0);
+}
+
int
main(int argc, char **argv)
{
if (linelen < 1)
errx(1, "no secret provided");
+ if (!strncmp(line, "otpauth://", 10) && uri2secret(line) == -1)
+ errx(1, "failed to decode otpauth URI");
+
if ((buflen = b32decode(line, buf, sizeof(buf))) == 0)
err(1, "can't base32 decode the secret");