totp

commit fe3ac5b82b7a8a7630afdedfe354df37e837c71b
parent 05e32ad33737a0d76c628f31ccea0fd841ee85d8
Author: Santtu Lakkala <inz@inz.fi>
Date:   Fri,  2 Jul 2021 13:22:03 +0300

Add some documentation

Diffstat:
M
Makefile
 | 
17
++++++++++++++++-
M
main.c
 | 
2
++
A
totp.1
 | 
83
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

3 files changed, 101 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
@@ -5,7 +5,14 @@ OBJS = ${SOURCES:.c=.o}
 TEST_SOURCES = sha1.c sha256.c sha512.c util.c test.c
 TEST_OBJS = ${TEST_SOURCES:.c=.o}
 
-all: totp
+VERSION = 0.1
+PREFIX = /usr/local
+BINDIR = ${PREFIX}/bin
+MANDIR = ${PREFIX}/share/man/man1
+
+NAME=totp
+
+all: ${NAME}
 
 totp: ${OBJS}
 	${CC} -o $@ ${OBJS} ${LDFLAGS}
@@ -18,3 +25,11 @@ test: ${TEST_OBJS};
 
 clean:
 	rm ${OBJS}
+
+install: all
+	mkdir -p "${DESTDIR}${BINDIR}"
+	cp -f "${NAME}" "${DESTDIR}${BINDIR}"
+	chmod 755 "${DESTDIR}${BINDIR}/${NAME}"
+	mkdir -p "${DESTDIR}${MANDIR}"
+	cp -f "${NAME}.1" "${DESTDIR}${MANDIR}"
+	chmod 644 "${DESTDIR}${MANDIR}/${NAME}.1"
diff --git a/main.c b/main.c
@@ -412,6 +412,8 @@ void usage()
 {
 	fprintf(stderr,
 		"Usage: totp [OPTIONS]\n"
+		"-k <pass>\tpassphrase for database encryption\n"
+		"-K <file>\tread encryption passphrase from file\n"
 		"-l\tlist known secrets\n"
 		"-a <uri>\tadd uri to secrets\n"
 		"-d <filter>\tremove secrets matching filter\n"
diff --git a/totp.1 b/totp.1
@@ -0,0 +1,83 @@
+.Dd Jul 2, 2021
+.Dt TOTP 1
+.Os
+.
+.Sh NAME
+.Nm totp
+.Nd authentication token manager
+.
+.Sh SYNOPSIS
+.Nm
+.Bk -words
+.Op Fl k Ar passphrase
+.Op Fl K Ar file
+.Op Fl l
+.Op Fl a Ar uri
+.Op Fl d Ar filter
+.Op Fl t Ar filter
+.Op Fl e
+.Ek
+.
+.Sh DESCRIPTION
+.Bd -filled
+.Nm
+is a TOTP secret manager and token generator.
+.Ed
+.
+.Sh OPTIONS
+totp options:
+.Bl -tag -width -k_passphrase
+.
+.It Fl k Ar passphrase
+Use provided passphrase for encrypting and decrypting the secret database.
+.
+.It Fl K Ar file
+Read encryption/decryption passphrase from file, - for standard input.
+.
+.It Fl l
+List names and providers of all secrets in database.
+.
+.It Fl a Ar uri
+Add uri to secrets database.
+.
+.It Fl d Ar filter
+Remove secrets from database that match filter.
+.
+.It Fl t Ar filter
+Generate authentication tokens with all secrets that match filter.
+.
+.It Fl e
+Export all secrets from database as uris.
+.
+.Sh URI FORMAT
+URIs follow the google-authenticator Key Uri Format with otpauth protocol:
+otpauth://totp/accountname?secret=<secret>
+.
+The secret should be encoded in RFC3548 Base32 format, without padding.
+Supported URI query string parameters:
+.Bl -tag -width "algorithm"
+.It Ar issuer
+Defines the issuing organisation of the secret.
+.It Ar algorithm
+Defines the digest algorithm used to generate tokens, should be one of SHA1,
+SHA256, SHA512; defaults to SHA1.
+.It Ar digits
+Defines how many digits the generated token should have, should be 6 or 8.
+Defaults to 6.
+.It Ar period
+Defines the validity period of a token in seconds. Defaults to 30.
+.
+.Sh FILTER
+In deletion and token generation the secret is chosen by matching the
+accountname against the provided filter. The matching is done with fnmatch()
+so asterisks can be used, but the accountname must fully match the filter.
+For substring matches, use leading and trailing asterisks.
+.
+If an issuer: prefix is present in accountname during addition, then it will
+be included in the matching, but a query string parameter issuer is excluded.
+.
+.Sh KNOWN BUGS
+If multiple secrets match a filter in token generation, a token will be
+generated with each, in the same order as the keys were added. There is no
+output indicating which key was used.
+