[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug#839278: oathtool: has no secure way to provide a key

From: Simon Josefsson
Subject: Bug#839278: oathtool: has no secure way to provide a key
Date: Sat, 26 Dec 2020 22:17:12 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Ilkka Virta <itvirta@gmail.com> writes:

> On Fri, Nov 13, 2020 at 2:06 AM Simon Josefsson via OATH Toolkit general
> discussions <oath-toolkit-help@nongnu.org> wrote:
>> Thank you for the patch -- this makes sense.  I'm not fond of the name
>> 'args-from-files' though.  How about this behaviour: if the supplied
>> strings for KEY and/or OTP contain '/' or '\' the strings are treated as
>> names of files to be read, instead of data strings?  And if the string
>> is '-' stdin is used.
> '@filename' would be somewhat common, I think.

I have pushed Ian's patch, but I dropped his newly introduced
command-line parameter and instead allowed for KEY and OTP parameters to
be - to mean stdin or @filename like you suggested Ilkka.

A string of '-' is not valid hex, base32 or base64, and @filename is not
valid hex, base32 or base64 either.

If someone wants to add support for reading from a numbered file
descriptor, I'm happy to merge that -- how about '*42'?  Just don't pick
a character that is in the base64 alphabet (right now only hex and
base32 are supported, but maybe base64 support will be added in the
future).  The '*' character would work.  Is this useful though?



Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]