[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug#839278: oathtool: has no secure way to provide a key
|
From: |
Simon Josefsson |
|
Subject: |
Bug#839278: oathtool: has no secure way to provide a key |
|
Date: |
Sat, 26 Dec 2020 22:17:12 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Ilkka Virta <itvirta@gmail.com> writes:
> On Fri, Nov 13, 2020 at 2:06 AM Simon Josefsson via OATH Toolkit general
> discussions <oath-toolkit-help@nongnu.org> wrote:
>
>> Thank you for the patch -- this makes sense. I'm not fond of the name
>> 'args-from-files' though. How about this behaviour: if the supplied
>> strings for KEY and/or OTP contain '/' or '\' the strings are treated as
>> names of files to be read, instead of data strings? And if the string
>> is '-' stdin is used.
>
> '@filename' would be somewhat common, I think.
I have pushed Ian's patch, but I dropped his newly introduced
command-line parameter and instead allowed for KEY and OTP parameters to
be - to mean stdin or @filename like you suggested Ilkka.
A string of '-' is not valid hex, base32 or base64, and @filename is not
valid hex, base32 or base64 either.
If someone wants to add support for reading from a numbered file
descriptor, I'm happy to merge that -- how about '*42'? Just don't pick
a character that is in the base64 alphabet (right now only hex and
base32 are supported, but maybe base64 support will be added in the
future). The '*' character would work. Is this useful though?
https://gitlab.com/oath-toolkit/oath-toolkit/-/commit/56f28bde2059ebb87fead40fb371168ee44d840c
/Simon
signature.asc
Description: PGP signature
- Bug#839278: oathtool: has no secure way to provide a key,
Simon Josefsson <=