Improve support for YK5

This commit is contained in:
IamTheFij 2021-01-18 17:29:20 -08:00
parent 481c885be9
commit 73b6aef9d9
2 changed files with 26 additions and 13 deletions

37
main.go
View File

@ -25,32 +25,43 @@ func setPassword(s *ykoath.Select) error {
bytePassword, err := term.ReadPassword(syscall.Stdin) bytePassword, err := term.ReadPassword(syscall.Stdin)
if err != nil { if err != nil {
slog.Error("failed reading password from input") return fmt.Errorf("failed reading password from input: %w", err)
return err
} }
// get password password := string(bytePassword)
key := s.DeriveKey(string(bytePassword))
// get key
key := s.DeriveKey(password)
// verify password is correct with a validate call
ok, err := oath.Validate(s, key) ok, err := oath.Validate(s, key)
if err != nil { if err != nil {
return err return fmt.Errorf("error in validate: %w", err)
} }
if !ok { if !ok {
return errFailedValidation return errFailedValidation
} }
return keyring.Set( err = keyring.Set(
serviceName, serviceName,
s.DeviceID(), s.DeviceID(),
string(key), password,
) )
if err != nil {
return fmt.Errorf("error saving password in keyring: %w", err)
} }
func getPassword(s *ykoath.Select) (string, error) { return nil
return keyring.Get(serviceName, s.DeviceID()) }
func getPasskey(s *ykoath.Select) ([]byte, error) {
password, err := keyring.Get(serviceName, s.DeviceID())
if err != nil {
return nil, fmt.Errorf("error retrieving key from keyring: %w", err)
}
return s.DeriveKey(password), nil
} }
func main() { func main() {
@ -88,15 +99,17 @@ func main() {
// If required, authenticate with password from keychain // If required, authenticate with password from keychain
if s.Challenge != nil { if s.Challenge != nil {
passKey, err := getPassword(s) passKey, err := getPasskey(s)
slog.FatalOnErr(err, "failed retrieving password key") slog.FatalOnErr(err, "failed retrieving password key")
ok, err := oath.Validate(s, []byte(passKey)) ok, err := oath.Validate(s, passKey)
slog.FatalOnErr(err, "validation failed") slog.FatalOnErr(err, "validation failed")
if !ok { if !ok {
slog.Fatal("failed validation, password is incorrect") slog.Fatal("failed validation, password is incorrect")
} }
} else {
slog.Debug("no challenge required")
} }
if flag.Arg(0) == "list" { if flag.Arg(0) == "list" {

2
ykoath

@ -1 +1 @@
Subproject commit b083034539df4a37cb676af7afd7abd3d9f3ec4f Subproject commit fd081cb213d030585bfdd03305e03bff4d6e7a09