From 10fcd3a946a270fc6d111252b2de08dcd625a2b8 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Wed, 14 Feb 2018 11:12:45 +0100
Subject: Initial commit with support for OTP generation

---
 .gitignore  |   4 +
 LICENSE     |  21 +++
 Makefile    |  32 +++++
 README.md   |  49 +++++++
 TODO.md     |  12 ++
 config.mk   |  18 +++
 nkotp.1.pod | 141 ++++++++++++++++++++
 nkotp.c     | 331 +++++++++++++++++++++++++++++++++++++++++++++
 options.c   | 436 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 options.h   |  44 ++++++
 10 files changed, 1088 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 LICENSE
 create mode 100644 Makefile
 create mode 100644 README.md
 create mode 100644 TODO.md
 create mode 100644 config.mk
 create mode 100644 nkotp.1.pod
 create mode 100644 nkotp.c
 create mode 100644 options.c
 create mode 100644 options.h

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..5cdb1cb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/nkotp.1
+/nkotp.1.html
+/pod2htmd.tmp
+*.o
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..1a3601d
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Robin Krahl <robin.krahl@ireas.org>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..2d5b6c8
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,32 @@
+include config.mk
+
+VERSION := $(VERSION_MAJOR).$(VERSION_MINOR).$(VERSION_PATCH)
+
+CPPFLAGS += -DNKOTP_VERSION_MAJOR=$(VERSION_MAJOR) \
+	    -DNKOTP_VERSION_MINOR=$(VERSION_MINOR) \
+	    -DNKOTP_VERSION_PATCH=$(VERSION_PATCH) \
+	    -DNKOTP_VERSION=\"$(VERSION)\"
+CPPFLAGS += $(CPPFLAGS_CONFUSE)
+CPPFLAGS += $(CPPFLAGS_NITROKEY)
+LDFLAGS += $(LDFLAGS_CONFUSE)
+LDFLAGS += $(LDFLAGS_NITROKEY)
+
+P2MFLAGS += --release=$(VERSION)
+
+OBJECTS := nkotp.o options.o
+TARGETS := nkotp nkotp.1 nkotp.1.html
+
+.PHONY: all clean
+
+all: $(TARGETS)
+
+clean:
+	rm -f $(OBJECTS) $(TARGETS) pod2htmd.tmp
+
+nkotp: $(OBJECTS)
+
+nkotp.1: nkotp.1.pod
+	pod2man $(P2MFLAGS) $^ > $@
+
+nkotp.1.html: nkotp.1.pod
+	pod2html $(P2HFLAGS) $^ > $@
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..83792d7
--- /dev/null
+++ b/README.md
@@ -0,0 +1,49 @@
+# nkotp -- one-time password generator for Nitrokey devices on the command line
+
+`nkotp` provides access to the one-time password (OTP) generator on
+[Nitrokey][nk] devices on the command line.  Both the Nitrokey Pro and the
+Nitrokey Storage support the generation of one-time passwords based on the
+[HOTP][hotp] and [TOTP][totp] algorithms.  `nkotp` uses [`libnitrokey`][libnk]
+to configure the OTP slots and generate OTPs on a Nitrokey device.
+
+## Dependencies
+
+`nkotp` requires a POSIX-compliant operating system such as Linux or macOS.
+
+### Runtime dependencies
+
+- `libc` with `getopt_long` support
+- [`libconfuse`][libconfuse] v3.0.0 or later
+- [`libnitrokey`][libnk] v3.0 or later
+
+### Additional build dependencies
+
+- `gcc` or any other C99 compiler
+- GNU `make`
+- `pod2html`, `pod2man` (usually distributed with `perl`)
+
+## Compilation
+
+Build `nkotp` with `make`.  You can configure the build in `config.mk` if you
+have non-standard library paths or compiler flags.
+
+## Usage
+
+For usage information, consult the man page [`nkotp(1)`][man].
+
+## Bugs and hacking
+
+If you encouter a bug or if you want to contribute to nkotp, please send an
+email to [nkotp-dev@ireas.org][nkotp-dev].
+
+## License
+
+This program is published under the terms of the MIT/X11 license (see LICENSE).
+
+[nk]: https://www.nitrokey.com/
+[hotp]: https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm
+[totp]: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
+[libconfuse]: https://github.com/martinh/libconfuse
+[libnk]: https://github.com/Nitrokey/libnitrokey
+[man]: https://code.ireas.org/nkotp/doc/
+[nkotp-dev]: mailto:nkotp-dev@ireas.org
diff --git a/TODO.md b/TODO.md
new file mode 100644
index 0000000..19d1eb7
--- /dev/null
+++ b/TODO.md
@@ -0,0 +1,12 @@
+- Decide what we want to do if passwords are too long:  truncate, fail
+  silently, fail with error message (current solution).  Affects
+  `read_user_password` and `read_password` in `nkotp.c`.
+- Consider moving some constants to `libnitrokey`, especially the maximum
+  password lengths and the number of HOTP and TOTP slots.
+- Find out the appropriate values to pass to `NK_get_totp_code` and
+  `NK_get_totp_code_PIN`.  Affects `otp_generate` and `otp_generate_password`
+  in `nkotp.c`.
+- Use a better seed than the current time stamp for the generation of the
+  temporary password (`generate_tmp_password` in `nkotp.c`).  Consider
+  switching to a better random number generator in the first place
+  (`getrandom` for Linux).
diff --git a/config.mk b/config.mk
new file mode 100644
index 0000000..549bac5
--- /dev/null
+++ b/config.mk
@@ -0,0 +1,18 @@
+# Version information
+VERSION_MAJOR := 0
+VERSION_MINOR := 0
+VERSION_PATCH := 1
+
+# Dependencies
+CPPFLAGS_CONFUSE :=
+CPPFLAGS_NITROKEY :=
+LDFLAGS_CONFUSE := -lconfuse
+LDFLAGS_NITROKEY := -lnitrokey
+
+# Compiler flags
+CFLAGS += -std=c99 -pedantic -Wall
+CPPFLAGS += -D_XOPEN_SOURCE=700 -D_GNU_SOURCE
+
+# Man page generation
+P2MFLAGS += --section=1 --center=nkotp --name=NKOTP
+P2HFLAGS += --noindex --title="nkotp(1)"
diff --git a/nkotp.1.pod b/nkotp.1.pod
new file mode 100644
index 0000000..875042e
--- /dev/null
+++ b/nkotp.1.pod
@@ -0,0 +1,141 @@
+=head1 NAME
+
+nkotp - one-time password generator for Nitrokey devices
+
+=head1 SYNOPSIS
+
+B<nkotp>
+S<[B<-a> I<algorithm>]>
+S<[B<-c> I<file>]>
+S<[B<-m> I<model>]>
+S<[B<-s> I<slot>]>
+S<B<-g> | B<-h> | B<-v>>
+
+=head1 DESCRIPTION
+
+B<nkotp> provides access to the one-time password (OTP) generator on Nitrokey
+devices.  Currently, B<nkotp> only supports the generation of OTPs.
+
+If an action requires the user password, it is prompted from the standard
+input or read from the environment variable B<NKOTP_USER_PASSWORD> (if set).
+
+=head1 OPTIONS
+
+=head2 General options
+
+=over
+
+=item B<-a> I<algorithm>, B<--algorithm> I<algorithm>
+
+Set the algorithm to use for one-time password operations.  I<algorithm> can be
+B<h> for HOTP and B<t> for TOTP (default).
+
+=item B<-c> I<file>, B<--config> I<file>
+
+Read the configuration from I<file>.  See the B<FILES> section for the default
+configuration files.
+
+=item B<-m> I<model>, B<--model> I<model>
+
+Set the Nitrokey model to connect to.  I<model> can be B<p> for a Nitrokey Pro,
+B<s> for a Nitrokey Storage and B<a> for automatic selection (default).
+
+=item B<-s> I<slot>, B<--slot> I<slot>
+
+Set the slot to use for one-time password operations.  The available slots
+depend on the OTP algorithm (see B<--algorithm>).  Currently, Nitrokey devices
+provide three HOTP and 15 TOTP slots.  The slot numbering starts at one.  The
+default value for this option is one.
+
+=back
+
+=head2 Modes of operation
+
+=over
+
+=item B<-g>, B<--generate>
+
+Generate a one-time password on the Nitrokey device and output it.  The OTP
+algorithm is set with the B<--algorithm> option.  The OTP slot on the Nitrokey
+device is set with the B<--slot> option.
+
+=item B<-h>, B<--help>
+
+Print a help message and exit.
+
+=item B<-v>, B<--version>
+
+Print version information and exit.
+
+=back
+
+=head1 CONFIGURATION
+
+B<nkotp> can read default values for the command-line options from a
+configuration file.  See the B<FILES> section for more information on the
+possible locations for the configuration file.
+
+The configuration file may assign values to the following options:
+
+=over
+
+=item B<algorithm>
+
+=item B<device>
+
+=item B<slot>
+
+=back
+
+Each option corresponds to the command-line option with the same name.  Values
+set in the configuration file take precedence over environment variables.
+
+The configuration file should contain one assignment per line.  Assignments
+have the form C<option = value>.  String values must be enclosed in quotes.
+Use the C<#> character for comments.
+
+A valid configuration file could have the following content:
+
+	# configuration example
+	algorithm = "t"
+	slot = 3
+
+=head1 ENVIRONMENT
+
+=over
+
+=item B<NKOTP_ALGORITHM>
+
+=item B<NKOTP_CONFIG>
+
+=item B<NKOTP_DEVICE>
+
+=item B<NKOTP_SLOT>
+
+If these environment variables are set, they override the default value for
+the corresponding command-line option.  Values that are set in the
+configuration file take precedence over environment variables.
+
+=item B<NKOTP_USER_PASSWORD>
+
+If an action requires the user password, it is read from this environment
+variable (if set).
+
+=back
+
+=head1 FILES
+
+=over
+
+=item B<${XDG_CONFIG_HOME}/nkotp/config>
+
+User configuration file.  If the environment variable B<XDG_CONFIG_HOME> is
+not set, B<${HOME}/.config> is used instead.  A different configuration file
+can be set with the B<NKOTP_CONFIG> environment variable or the B<--config>
+option.
+
+=back
+
+=head1 AUTHOR
+
+Robin Krahl E<lt>robin.krahl@ireas.orgE<gt>
diff --git a/nkotp.c b/nkotp.c
new file mode 100644
index 0000000..2c8e251
--- /dev/null
+++ b/nkotp.c
@@ -0,0 +1,331 @@
+/*
+ * Copyright (c) 2018 Robin Krahl <robin.krahl@ireas.org>
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+#include <stdbool.h> /* libnitrokey needs stdbool.h */
+#include <libnitrokey/NK_C_API.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <termios.h>
+#include <time.h>
+
+#include "options.h"
+
+static const size_t MAX_PWLEN = 25;
+static const size_t MAX_TMP_PWLEN = 25;
+
+/* operation modes */
+static int mod_generate(struct options *options);
+
+/* device communication */
+static int authenticate_user(char *tmp_pw, size_t len);
+static int connect(enum model model);
+static int otp_needs_password(void);
+static int otp_generate(enum algorithm alg, unsigned int slot,
+		const char **otp);
+static int otp_generate_password(enum algorithm alg, unsigned int slot,
+		const char **otp);
+
+/* helpers */
+static int generate_tmp_password(char *tmp_pw, size_t len);
+static int read_user_password(char *pw, size_t len);
+static int read_password(const char *prompt, char *pw, size_t len,
+		FILE *stream);
+static int read_password_line(char *pw, size_t len, FILE *stream);
+
+int main(int argc, char **argv)
+{
+	int err;
+	struct options options = {0};
+
+	err = parse_options(argc, argv, &options);
+	if (err > 0)
+		goto cleanup;
+
+	switch (options.mode) {
+	case MODE_GENERATE:
+		err = mod_generate(&options);
+		break;
+	case MODE_NONE:
+		break;
+	}
+
+cleanup:
+	free_options(&options);
+
+	return err;
+}
+
+static int mod_generate(struct options *options)
+{
+	int err = 0;
+	const char *otp = NULL;
+	
+	err = connect(options->model);
+	if (err)
+		return err;
+
+	if (otp_needs_password())
+		err = otp_generate_password(options->alg, options->slot, &otp);
+	else
+		err = otp_generate(options->alg, options->slot, &otp);
+
+	if (!err)
+		printf("%s\n", otp);
+
+	free((char *) otp);
+
+	return err;
+}
+
+static int authenticate_user(char *tmp_pw, size_t len)
+{
+	int err = 0;
+	char pw[MAX_PWLEN];
+
+	err = read_user_password(pw, MAX_PWLEN);
+	if (err)
+		return err;
+
+	err = generate_tmp_password(tmp_pw, len);
+	if (err)
+		goto cleanup;
+
+	err = NK_user_authenticate(pw, tmp_pw);
+	if (err) {
+		memset(tmp_pw, 0, len);
+		fprintf(stderr, "User authentication failed.\n");
+	}
+
+cleanup:
+	memset(pw, 0, MAX_PWLEN);
+
+	return err;
+}
+
+static int connect(enum model model)
+{
+	int nk_err = 0;
+
+	switch (model) {
+	case MODEL_AUTO:
+		printf("Trying to connect in automatic mode ...\n");
+		nk_err = NK_login_auto();
+		break;
+	case MODEL_PRO:
+		printf("Trying to connect to a Nitrokey Pro ...\n");
+		nk_err = NK_login("P");
+		break;
+	case MODEL_STORAGE:
+		printf("Trying to connect to a Nitrokey Storage ...\n");
+		nk_err = NK_login("S");
+		break;
+	case MODEL_DEFAULT:
+	default:
+		fprintf(stderr, "Programming error: invalid model.\n");
+		return 1;
+	}
+
+	if (nk_err == 0) {
+		fprintf(stderr, "Could not connect to the Nitrokey device.\n");
+		return 1;
+	}
+
+	printf("successfully connected.\n");
+
+	return 0;
+}
+
+static int otp_needs_password(void)
+{
+	/*
+	 * config = {numlock, capslock, scrollock, enable_user_password,
+	 *           disable_user_password}
+	 */
+	const uint8_t *config = NK_read_config();
+	return config[3];
+}
+
+static int otp_generate(enum algorithm alg, unsigned int slot,
+		const char **otp)
+{
+	int err = 0;
+
+	*otp = NULL;
+	switch (alg) {
+	case ALGORITHM_HOTP:
+		if (slot < 1 || slot > MAX_SLOT_HOTP) {
+			fprintf(stderr, "Programming error: invalid slot.\n");
+			err = 1;
+		} else {
+			*otp = NK_get_hotp_code(slot);
+		}
+		break;
+	case ALGORITHM_TOTP:
+		if (slot < 1 || slot > MAX_SLOT_TOTP) {
+			fprintf(stderr, "Programming error: invalid slot.\n");
+			err = 1;
+		} else {
+			/* TODO: pass appropriate values */
+			*otp = NK_get_totp_code(slot, 0, 0, 0);
+		}
+		break;
+	default:
+		fprintf(stderr, "Programming error: invalid algorithm.\n");
+		err = 1;
+	}
+
+	return err;
+}
+
+static int otp_generate_password(enum algorithm alg, unsigned int slot,
+		const char **otp)
+{
+	int err = 0;
+	char tmp_pw[MAX_TMP_PWLEN];
+
+	err = authenticate_user(tmp_pw, MAX_TMP_PWLEN);
+	if (err)
+		return err;
+
+	*otp = NULL;
+	switch (alg) {
+	case ALGORITHM_HOTP:
+		if (slot < 1 || slot > MAX_SLOT_HOTP) {
+			fprintf(stderr, "Programming error: invalid slot.\n");
+			err = 1;
+		} else {
+			*otp = NK_get_hotp_code_PIN(slot, tmp_pw);
+		}
+		break;
+	case ALGORITHM_TOTP:
+		if (slot < 1 || slot > MAX_SLOT_TOTP) {
+			fprintf(stderr, "Programming error: invalid slot.\n");
+			err = 1;
+		} else {
+			/* TODO: pass appropriate values */
+			*otp = NK_get_totp_code_PIN(slot, 0, 0, 0, tmp_pw);
+		}
+		break;
+	default:
+		fprintf(stderr, "Programming error: invalid algorithm.\n");
+		err = 1;
+	}
+
+	memset(tmp_pw, 0, MAX_TMP_PWLEN);
+
+	return err;
+}
+
+static int generate_tmp_password(char *tmp_pw, size_t len)
+{
+	static const char *charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmn"
+		"opqrstuvwxyz0123456789";
+	size_t charset_len = strlen(charset);
+
+	/* TODO: use a better seed, maybe even a better generator */
+	srandom(time(NULL));
+
+	for (size_t i = 0; i < len - 1; i++) {
+		size_t j = random() / (RAND_MAX / charset_len);
+		tmp_pw[i] = charset[j];
+	}
+	tmp_pw[len - 1] = '\0';
+
+	return 0;
+}
+
+static int read_user_password(char *pw, size_t len)
+{
+	int err = 0;
+	char *env = NULL;
+
+	env = getenv("NKOTP_USER_PASSWORD");
+	if (env) {
+		/* TODO: rethink policy for overlong password inputs */
+		strncpy(pw, env, len);
+		if (pw[len - 1] != '\0') {
+			memset(pw, 0, len);
+			fprintf(stderr, "The user password is too long.\n");
+			err = 1;
+		}
+	} else {
+		err = read_password("User password: ", pw, len, stdin);
+	}
+
+	return err;
+}
+
+static int read_password(const char *prompt, char *pw, size_t len,
+		FILE *stream)
+{
+	int err = 0;
+	struct termios old, new;
+
+	/* get and store current terminal state */
+	err = tcgetattr(fileno(stdin), &old);
+	if (err)
+		goto cleanup;
+
+	/* surpress echo for password input */
+	new = old;
+	new.c_lflag &= ~ECHO;
+	err = tcsetattr(fileno(stdin), TCSAFLUSH, &new);
+	if (err)
+		goto cleanup;
+
+	printf(prompt);
+	fflush(stdout);
+
+	/* TODO: rethink policy for overlong password inputs */
+	err = read_password_line(pw, len, stream);
+
+	/* reset terminal state */
+	tcsetattr(fileno(stdin), TCSAFLUSH, &old);
+
+cleanup:
+	if (err)
+		fprintf(stderr, "Could not read password.  Aborting.\n");
+
+	return err;
+}
+
+static int read_password_line(char *pw, size_t len, FILE *stream)
+{
+	int err = 0;
+	char *line = NULL;
+	size_t n = 0;
+	int nread = 0;
+
+	nread = getline(&line, &n, stdin);
+	/* no echo, so manually print the newline before doing anything */
+	printf("\n");
+	if (nread < 0) {
+		fprintf(stderr, "Could not read user input.\n");
+		err = 1;
+		goto cleanup;
+	}
+	if (nread == 0) {
+		fprintf(stderr, "Empty password provided.  Aborting.\n");
+		err = 1;
+		goto cleanup;
+	}
+	line[nread - 1] = '\0';
+
+	/* TODO: rethink policy for overlong password inputs */
+	strncpy(pw, line, len);
+	if (pw[len - 1] != '\0') {
+		memset(pw, 0, len);
+		fprintf(stderr, "The user password is too long.\n");
+		err = 1;
+	}
+
+cleanup:
+	free(line);
+
+	return err;
+}
diff --git a/options.c b/options.c
new file mode 100644
index 0000000..3f82560
--- /dev/null
+++ b/options.c
@@ -0,0 +1,436 @@
+/*
+ * Copyright (c) 2018 Robin Krahl <robin.krahl@ireas.org>
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+#include "options.h"
+
+#include <confuse.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+static cfg_opt_t cfg_opts[] = {
+	CFG_STR("algorithm", NULL, CFGF_NONE),
+	CFG_STR("model", NULL, CFGF_NONE),
+	CFG_INT("slot", 0, CFGF_NONE),
+	CFG_END()
+};
+
+static const char *optstr = "a:c:m:s:ghv";
+static struct option long_options[] = {
+	{"algorithm", required_argument, 0, 'a'},
+	{"config",    required_argument, 0, 'c'},
+	{"model",     required_argument, 0, 'm'},
+	{"slot",      required_argument, 0, 's'},
+	{"generate",  no_argument,       0, 'g'},
+	{"help",      no_argument,       0, 'h'},
+	{"version",   no_argument,       0, 'v'},
+	{0}
+};
+
+static const char *DESCRIPTION =
+"nkotp -- one-time password generator for Nitrokey devices\n";
+static const char *USAGE =
+"Usage:  nkotp [options] --generate | --help | --version\n";
+static const char *OPTIONS_GENERAL = "General options:\n"
+"    -a algorithm, --algorithm algorithm\n"
+"        set the OTP algorithm ('h' for HTOP, 't' for TOPT, default: 't')\n"
+"    -c file, --config file\n"
+"        set the configuration file\n"
+"    -m model, --model model\n"
+"        set the model to connect to ('a' for automatic, 'p' for Nitrokey\n"
+"        Pro, 's' for Nitrokey Storage, default: 'a')\n"
+"    -s slot, --slot slot\n"
+"        set the OTP slot (default: 1)\n";
+static const char *OPTIONS_MODES = "Modes of operation:\n"
+"    -g, --generate\n"
+"        generate a one-time password\n"
+"    -h, --help\n"
+"        print this help message\n"
+"    -v, --version\n"
+"        print version information\n";
+
+static const char *ERRMSG_ALGORITHM = "Unsupported algorithm '%s'.  Supported "
+"values are 'h' (HTOP) and 't' (TOTP).\n";
+static const char *ERRMSG_MODEL = "Unsupported model '%s'.  Supported values "
+"are 'a' (automatic), 'p' (Nitrokey Pro) and 's' (Nitrokey Storage).\n";
+
+/* parse options from cli, config file or environment variables */
+static int parse_options_cli(int argc, char **argv, struct options *options);
+static int parse_options_config(struct options *options);
+static int parse_options_env(struct options *options);
+
+/* print help, usage or version messages */
+static void print_help(void);
+static void print_usage(void);
+static void print_version(void);
+
+/* set options */
+static int set_algorithm(struct options *options, const char *arg);
+static int set_config(struct options *options, const char *arg);
+static int set_mode(struct options *options, enum mode mode);
+static int set_model(struct options *options, const char *arg);
+static int set_slot(struct options *options, int arg);
+
+/* helpers */
+static char *get_home(void);
+static char *get_xdg_config_home(void);
+static char *get_default_config_file(void);
+
+int parse_options(int argc, char **argv, struct options *options)
+{
+	int err = 0;
+	
+	if (!options)
+		return 1;
+
+	*options = (struct options) {0};
+
+	err = parse_options_cli(argc, argv, options);
+	if (!err)
+		err = parse_options_config(options);
+	if (!err)
+		err = parse_options_env(options);
+
+	/* set defaults */
+	if (options->alg == ALGORITHM_DEFAULT)
+		options->alg = ALGORITHM_TOTP;
+	if (options->model == MODEL_DEFAULT)
+		options->model = MODEL_AUTO;
+	if (options->slot == 0)
+		options->slot = 1;
+
+	/* check consistency */
+	if (options->slot < 0) {
+		fprintf(stderr, "The OTP slot must be positive!\n");
+		err = 1;
+	}
+	switch (options->alg) {
+	case ALGORITHM_HOTP:
+		if (options->slot > MAX_SLOT_HOTP) {
+			fprintf(stderr, "Nitrokey only supports %lu HOTP "
+					"slots.\n", MAX_SLOT_HOTP);
+			err = 1;
+		}
+		break;
+	case ALGORITHM_TOTP:
+		if (options->slot > MAX_SLOT_TOTP) {
+			fprintf(stderr, "Nitrokey only supports %lu TOTP "
+					"slots.\n", MAX_SLOT_TOTP);
+			err = 1;
+		}
+		break;
+	case ALGORITHM_DEFAULT:
+	default:
+		fprintf(stderr, "Programming error: invalid algorithm.\n");
+		err = 1;
+	}
+	
+	return err;
+}
+
+void free_options(struct options *options)
+{
+	if (!options)
+		return;
+
+	if (options->cfg_file)
+		free(options->cfg_file);
+}
+
+static int parse_options_cli(int argc, char **argv, struct options *options)
+{
+	int err = 0;
+	int c;
+
+	while ((c = getopt_long(argc, argv, optstr, long_options, NULL))
+			!= -1 && !err) {
+		switch (c) {
+		case 'a':
+			err = set_algorithm(options, optarg);
+			break;
+		case 'c':
+			err = set_config(options, optarg);
+			break;
+		case 'g':
+			err = set_mode(options, MODE_GENERATE);
+			break;
+		case 'h':
+			print_help();
+			return 0;
+		case 'm':
+			err = set_model(options, optarg);
+			break;
+		case 's':
+			err = set_slot(options, atoi(optarg));
+			break;
+		case 'v':
+			print_version();
+			return 0;
+		case '?':
+			print_usage();
+			return 1;
+		default:
+			fprintf(stderr, "Unexpected character code 0%o "
+					"returned by getopt.\n", c);
+			return 1;
+		}
+	}
+
+	if (!err) {
+		if (optind < argc || options->mode == MODE_NONE) {
+			print_usage();
+			err = 1;
+		}
+	}
+
+	return err;
+}
+
+static int parse_options_config(struct options *options)
+{
+	/* try to read config file from environment */
+	if (!options->cfg_file) {
+		char *env = getenv("NKOTP_CONFIG");
+		if (env)
+			options->cfg_file = strdup(env);
+	}
+
+	/* try to use the default config file */
+	if (!options->cfg_file) {
+		char *def_cfg_file = get_default_config_file();
+		if (def_cfg_file) {
+			struct stat s;
+			if (stat(def_cfg_file, &s) == 0) {
+				options->cfg_file = def_cfg_file;
+			} else {
+				free(def_cfg_file);
+			}
+		}
+	}
+
+	/* stop if no config file has been set */
+	if (!options->cfg_file)
+		return 0;
+
+	/* read config file */
+	int err = 0;
+	cfg_t *cfg = cfg_init(cfg_opts, CFGF_NONE);
+	if (cfg_parse(cfg, options->cfg_file) == CFG_PARSE_ERROR) {
+		err = 1;
+		goto cleanup;
+	}
+
+	if (options->alg == ALGORITHM_DEFAULT) {
+		char *val = cfg_getstr(cfg, "algorithm");
+		if (val)
+			err |= set_algorithm(options, val);
+	}
+
+	if (options->model == MODEL_DEFAULT) {
+		char *val = cfg_getstr(cfg, "model");
+		if (val)
+			err |= set_model(options, val);
+	}
+
+	if (options->slot == 0) {
+		int val = cfg_getint(cfg, "slot");
+		if (val)
+			err |= set_slot(options, val);
+	}
+
+cleanup:
+	cfg_free(cfg);
+	return err;
+}
+
+static int parse_options_env(struct options *options)
+{
+	int err = 0;
+	char *env;
+
+	if (options->alg == ALGORITHM_DEFAULT) {
+		env = getenv("NKOTP_ALGORITHM");
+		if (env)
+			err |= set_algorithm(options, env);
+	}
+
+	if (options->model == MODEL_DEFAULT) {
+		env = getenv("NKOTP_MODEL");
+		if (env)
+			err |= set_model(options, env);
+	}
+
+	if (options->slot == 0) {
+		env = getenv("NKOTP_SLOT");
+		if (env)
+			err |= set_slot(options, atoi(env));
+	}
+
+	return 0;
+}
+
+static void print_help(void)
+{
+	printf(DESCRIPTION);
+	printf("\n");
+	printf(USAGE);
+	printf("\n");
+	printf(OPTIONS_GENERAL);
+	printf("\n");
+	printf(OPTIONS_MODES);
+}
+
+static void print_usage(void)
+{
+	fprintf(stderr, USAGE);
+}
+
+static void print_version(void)
+{
+	printf("nkotp v" NKOTP_VERSION "\n");
+}
+
+static int set_algorithm(struct options *options, const char *arg)
+{
+	if (strlen(arg) != 1) {
+		fprintf(stderr, ERRMSG_ALGORITHM, arg);
+		return 1;
+	}
+
+	switch (arg[0]) {
+	case 'h':
+		options->alg = ALGORITHM_HOTP;
+		break;
+	case 't':
+		options->alg = ALGORITHM_TOTP;
+		break;
+	default:
+		fprintf(stderr, ERRMSG_ALGORITHM, arg);
+		return 1;
+	}
+
+	return 0;
+}
+
+static int set_config(struct options *options, const char *arg)
+{
+	options->cfg_file = strdup(arg);
+	if (!options->cfg_file) {
+		fprintf(stderr, "Out of memory.\n");
+		return 1;
+	}
+	return 0;
+}
+
+static int set_mode(struct options *options, enum mode mode)
+{
+	if (options->mode != MODE_NONE) {
+		fprintf(stderr, "You may only set one mode of operation.\n");
+		return 1;
+	}
+	options->mode = mode;
+	return 0;
+}
+
+static int set_model(struct options *options, const char *arg)
+{
+	if (strlen(arg) != 1) {
+		fprintf(stderr, ERRMSG_MODEL, arg);
+		return 1;
+	}
+
+	switch (arg[0]) {
+	case 'a':
+		options->model = MODEL_AUTO;
+		break;
+	case 's':
+		options->model = MODEL_STORAGE;
+		break;
+	case 'p':
+		options->model = MODEL_PRO;
+		break;
+	default:
+		fprintf(stderr, ERRMSG_MODEL, arg);
+		return 1;
+	}
+
+	return 0;
+}
+
+static int set_slot(struct options *options, int arg)
+{
+	if (arg <= 0) {
+		fprintf(stderr, "The slot must be positive.\n");
+		return 1;
+	}
+	options->slot = arg;
+	return 0;
+}
+
+static char *get_home(void)
+{
+	char *env = getenv("HOME");
+	if (env)
+		return strdup(env);
+
+	struct passwd *pw = getpwuid(getuid());
+	return strdup(pw->pw_dir);
+}
+
+static char *get_xdg_config_home(void)
+{
+	char *env = getenv("XDG_CONFIG_HOME");
+	if (env)
+		return strdup(env);
+
+	char *home = get_home();
+	char *path = NULL;
+	if (home) {
+		int len = snprintf(NULL, 0, "%s/.config", home) + 1;
+		if (len <= 0)
+			goto cleanup;
+
+		path = calloc(sizeof *path, len);
+		if (!path)
+			goto cleanup;
+		if (snprintf(path, len, "%s/.config", home) + 1 != len) {
+			free(path);
+			path = NULL;
+		}
+	}
+
+cleanup:
+	free(home);
+	return path;
+}
+
+static char *get_default_config_file(void)
+{
+	char *config_home = get_xdg_config_home();
+	if (!config_home)
+		return NULL;
+
+	char *file = NULL;
+	int len = snprintf(NULL, 0, "%s/nkotp/config", config_home) + 1;
+	if (len <= 0)
+		goto cleanup;
+
+	file = calloc(sizeof *file, len);
+	if (!file)
+		goto cleanup;
+	if (snprintf(file, len, "%s/nkotp/config", config_home) + 1 != len) {
+		free(file);
+		file = NULL;
+	}
+
+cleanup:
+	free(config_home);
+	return file;
+}
diff --git a/options.h b/options.h
new file mode 100644
index 0000000..828c680
--- /dev/null
+++ b/options.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2018 Robin Krahl <robin.krahl@ireas.org>
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+#ifndef NKOTP_OPTIONS_H
+#define NKOTP_OPTIONS_H
+
+#include <stddef.h>
+
+enum mode {
+	MODE_NONE,
+	MODE_GENERATE
+};
+
+enum algorithm {
+	ALGORITHM_DEFAULT,
+	ALGORITHM_HOTP,
+	ALGORITHM_TOTP
+};
+
+enum model {
+	MODEL_DEFAULT,
+	MODEL_AUTO,
+	MODEL_PRO,
+	MODEL_STORAGE
+};
+
+struct options {
+	enum algorithm alg;
+	char *cfg_file;
+	char model;
+	int slot;
+	enum mode mode;
+};
+
+static const size_t MAX_SLOT_HOTP = 3;
+static const size_t MAX_SLOT_TOTP = 15;
+
+int parse_options(int argc, char **argv, struct options *options);
+void free_options(struct options *options);
+
+#endif
-- 
cgit v1.2.3