From 10fcd3a946a270fc6d111252b2de08dcd625a2b8 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Wed, 14 Feb 2018 11:12:45 +0100
Subject: Initial commit with support for OTP generation

---
 TODO.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 TODO.md

(limited to 'TODO.md')

diff --git a/TODO.md b/TODO.md
new file mode 100644
index 0000000..19d1eb7
--- /dev/null
+++ b/TODO.md
@@ -0,0 +1,12 @@
+- Decide what we want to do if passwords are too long:  truncate, fail
+  silently, fail with error message (current solution).  Affects
+  `read_user_password` and `read_password` in `nkotp.c`.
+- Consider moving some constants to `libnitrokey`, especially the maximum
+  password lengths and the number of HOTP and TOTP slots.
+- Find out the appropriate values to pass to `NK_get_totp_code` and
+  `NK_get_totp_code_PIN`.  Affects `otp_generate` and `otp_generate_password`
+  in `nkotp.c`.
+- Use a better seed than the current time stamp for the generation of the
+  temporary password (`generate_tmp_password` in `nkotp.c`).  Consider
+  switching to a better random number generator in the first place
+  (`getrandom` for Linux).
-- 
cgit v1.2.1