With this change token secrets are encrypted prior to writing them to storage, and decrypted as and when needed to generate tokens. Additional validation is performed to verify that token secrets can be decrypted successfully when loading accounts from storage. With this change issue #6 should finally be resolved. |
||
---|---|---|
.reuse | ||
LICENSES | ||
android | ||
autotests | ||
cmake | ||
src | ||
.gitignore | ||
.gitlab-ci.yml | ||
CMakeLists.txt | ||
COPYING | ||
CTestConfig.cmake | ||
Messages.sh | ||
README.md | ||
keysmith.svg | ||
org.kde.keysmith.appdata.xml | ||
org.kde.keysmith.desktop | ||
org.kde.keysmith.json | ||
org.kde.keysmith.json.license |
README.md
Keysmith
It uses the oath-toolkit provided library liboath to generate the 2FA codes, both TOTP and HOTP based. Currently it is largely untested. From initial rough testing it seems that auto-refreshing of code is not working. Also button to refresh token for HOTP is also dummy at moment.
Some todo items include,
- QR code scanning
- Backup and Restore of accounts
This code is largely based on the authenticator-ng application by the Rodney Dawes and Michael Zanetti for the Ubuntu Touch.