App::OATH - Simple OATH authenticator
Simple command line OATH authenticator written in Perl.
Implements the Open Authentication (OATH) time-based one time password (TOTP) two factor authentication standard as a simple command line programme.
Allows storage of multiple tokens, which are kept encrypted on disk.
Google Authenticator is a popular example of this standard, and this project can be used with the same tokens.
usage: oath --add string --file filename --help --init --list --newpass --search string
add a new password to the database, the format can be one of the following text: identifier:secret url: otpauth://firstname.lastname@example.org?secret=JBSWY3DPEHPK3PXP
filename for database, default ~/.oath.json
show this help
initialise the database, file must not exist
list keys in database
resave database with a new password
search database for keys matching string
Tokens are encrypted on disk, the identifiers are not encrypted and can be read in plaintext from the file.
This is intended to secure against casual reading of the file, but as always, if you have specific security requirements you should do your own research with regard to relevant attack vectors and use an appropriate solution.
You most likely won't ever want to call these directly, you should use the included command line programme instead.
Instantiate a new object
Display usage and exit
Show the raw OATH code rather than decoding
Show the raw OATH code as a QR code rather than decoding
Set the search parameter
Get the search parameter
Initialise a new file
Add an entry to the file
Display a list of keys in the current file
Get the current time based counter
Display a list of codes
- make_qr( $srting )
Format the given string as a QR code
Perform the authentication calculations
Set the filename
Get the filename
Load in data from file
Save data to file
Encrypt the data
Decrypt the data
Get the plaintext version of the data
Get the encrypted version of the data
Signal that we would like to set a new password
Drop the password
Get the current password (from user or cache)
Return a filename for the lock file, typically this is filename appended with .lock
Drop the lock (unlock)
Get a lock, return 1 on success or 0 on failure
Convert::Base32 Digest::HMAC_SHA1 English Fcntl File::HomeDir JSON POSIX Term::ReadPassword Term::ReadPassword::Win32
Marc Bradshaw <email@example.com>
This library is free software; you may redistribute it and/or modify it under the same terms as Perl itself.