v0.1-prealpha-rc1-prerelease

Amarpreet Minhas 2022-10-19 22:39:48 -04:00
parent d842c19231
commit e15f56019d
2 changed files with 87 additions and 3 deletions


@ -1,7 +1,9 @@
# otpish # otpish
OTPish is a bash script that wraps oathtool and age to provide a workflow to manage totp codes. OTPish is a bash script that wraps oathtool and age to provide a workflow to manage totp codes.
This is just thrown together and should probably not be used in production. This is just thrown together and should probably not be used in production.
YMMV. YMMV.
`otpish help` should be useful

82
otpish Executable file

@ -0,0 +1,82 @@
#!/usr/bin/env bash
COMMAND=$1
NAME=$2
DEPENDS=("age" "oathtool")
OTPISH_HOME=${HOME}/.otpish
OTP=${OTPISH_HOME}/otp
PRIVKEY=${OTPISH_HOME}/privkey
PUBKEY=${OTPISH_HOME}/pubkey
print_help() {
echo otpish is a little wrapper around oathtool
echo this was just thrown together an is probably not prod ready
echo it stores your password encrypted key at ~/.otpish/key
echo it stores your encrypted otp secret keys in ~/.otpish/otp
echo depends on: $(for i in ${DEPENDS[@]}; do echo -n "${i} "; done)
echo commands:
echo help print this help
echo dump dump out all raw otpauth uris
echo get get otp code with passed name
}
if [ "${COMMAND}" = "help" ]; then
print_help
fi
# check if dependent packages exist
for pkg in ${DEPENDS[@]}; do
if ! command -v ${pkg} &> /dev/null; then
echo "please install ${pkg}"
echo "install using apt? y/N"
read install_pkg
if [ "${install_pkg}" = "y" ] || [ "${install_pkg}" = "Y"]; then
sudo apt install ${pkg}
fi
fi
done
# check if key exists
if ! [ -d "${OTPISH_HOME}" ]; then
mkdir ${OTPISH_HOME}
fi
if ! [ -f "${PRIVKEY}" ]; then
echo creating keypair
age-keygen 2> ${PUBKEY} | age --passphrase --output ${PRIVKEY}
sed -i 's/Public key: //' ${PUBKEY}
fi
if [ "${COMMAND}" = "dump" ]; then
if ! [ -f ${OTP} ]; then echo no otps configured add one first; exit; fi
age -i ${PRIVKEY} -d ${OTP}
exit
fi
if [ "${COMMAND}" = "get" ]; then
if [ -z ${NAME} ]; then echo get requires a name; exit; fi
if ! [ -f ${OTP} ]; then echo no otps configured add one first; exit; fi
uri=$(age -i ${PRIVKEY} -d ${OTP} | grep "${NAME}?")
otp_info=$(echo -n ${uri} | cut -d '?' -f 2)
oIFS=${IFS}
IFS="&"
declare -a fields=(${otp_info})
IFS=${oIFS}
for i in ${fields[@]}; do
if [ "$(echo ${i} | cut -d'=' -f1)" = "secret" ]; then secret=$(echo ${i} | cut -d'=' -f2); fi
if [ "$(echo ${i} | cut -d'=' -f1)" = "digits" ]; then digits=$(echo ${i} | cut -d'=' -f2); fi
if [ "$(echo ${i} | cut -d'=' -f1)" = "period" ]; then period=$(echo ${i} | cut -d'=' -f2); fi
done
oathtool --totp -b -s "${period}s" -d ${digits} ${secret}
exit
fi
if [ "${COMMAND}" = "add" ]; then
echo input otpauth uri
read otp_uri
uri=${otp_uri}
if [ -f ${OTP} ]; then echo unlocking otp file; uris=$(age -i ${PRIVKEY} -d ${OTP}); else uris=""; fi
uris=(${uris} ${uri})
echo ${uris[@]} | sed 's/ /\n/g' | age -r $(cat ${PUBKEY}) -o ${OTP}
exit
fi
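Review bot: In the `add` branch the result of `uris=$(age -i ${PRIVKEY} -d ${OTP})` is never checked, so a mistyped passphrase or a damaged file leaves `uris` empty and the following `age -r ... -o ${OTP}` overwrites the store with only the new URI, losing every existing TOTP seed. Stop on failure with `uris=$(age -i "${PRIVKEY}" -d "${OTP}") || exit 1`, and preferably encrypt to a temporary file in `${OTPISH_HOME}` and `mv` it over `${OTP}` only once age has succeeded. In the `get` branch the seed is handed to oathtool as a command-line argument, which other local users can typically read from the process list while it runs; where the installed oathtool accepts `-` as the key, pass it on stdin instead: `printf '%s' "${secret}" | oathtool --totp -b -s "${period}s" -d "${digits}" -`. The same branch treats `${NAME}` as a regular expression and can match several URIs at once, so `grep -F -- "${NAME}?"` plus a check that exactly one line matched would avoid mixing fields from different entries. `${OTPISH_HOME}` is created under the caller's umask; `mkdir -m 700 -- "${OTPISH_HOME}"` with `umask 077` near the top keeps the key and store private to the user.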