diff options
author | Robin Krahl <robin.krahl@ireas.org> | 2018-12-31 00:06:06 +0100 |
---|---|---|
committer | Daniel Mueller <deso@posteo.net> | 2019-01-01 17:14:43 -0800 |
commit | ec298ea1fc7d2339ef44d283644d6ee2ebcd54bd (patch) | |
tree | ae93437a53105bf3075c1812d77970ab4e0fc771 /nitrocli/src/commands.rs | |
parent | cf7218436686ed06852836e79e89971ac4f34c8e (diff) | |
download | nitrocli-ec298ea1fc7d2339ef44d283644d6ee2ebcd54bd.tar.gz nitrocli-ec298ea1fc7d2339ef44d283644d6ee2ebcd54bd.tar.bz2 |
Set the time before generating a TOTP
This patch changes the otp get command to set the Nitrokey's time before
generating a one-time password using the TOTP algorithm. Per default,
it sets the time to the current system time. If the --time option is
set, it uses its value instead. See issue #34 [0] for a discussion of
this change.
[0] https://github.com/d-e-s-o/nitrocli/issues/34
Diffstat (limited to 'nitrocli/src/commands.rs')
-rw-r--r-- | nitrocli/src/commands.rs | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/nitrocli/src/commands.rs b/nitrocli/src/commands.rs index 17426cd..47a955d 100644 --- a/nitrocli/src/commands.rs +++ b/nitrocli/src/commands.rs @@ -19,6 +19,7 @@ use std::fmt; use std::result; +use std::time; use nitrokey::ConfigureOtp; use nitrokey::Device; @@ -338,9 +339,28 @@ fn get_otp<T: GenerateOtp>(slot: u8, algorithm: args::OtpAlgorithm, device: &T) .map_err(|err| get_error("Could not generate OTP", &err)) } +fn get_unix_timestamp() -> Result<u64> { + time::SystemTime::now() + .duration_since(time::UNIX_EPOCH) + .or_else(|_| { + Err(Error::Error( + "Current system time is before the Unix epoch".to_string(), + )) + }) + .map(|duration| duration.as_secs()) +} + /// Generate a one-time password on the Nitrokey device. -pub fn otp_get(slot: u8, algorithm: args::OtpAlgorithm) -> Result<()> { +pub fn otp_get(slot: u8, algorithm: args::OtpAlgorithm, time: Option<u64>) -> Result<()> { let device = get_device()?; + if algorithm == args::OtpAlgorithm::Totp { + device + .set_time(match time { + Some(time) => time, + None => get_unix_timestamp()?, + }) + .map_err(|err| get_error("Could not set time", &err))?; + } let config = device .get_config() .map_err(|err| get_error("Could not get device configuration", &err))?; |