Skip to content
/ go-feitian-oath Public
generated from cunicu/skeleton

A Go implementation to manage OATH-TOTP/HOTP and Challenge Response secrets on FEITIANs's tokens

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cunicu/go-feitian-oath

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
.github/workflows
.github/workflows
 
 
LICENSES
LICENSES
 
 
mockdata
mockdata
 
 
.golangci.yaml
.golangci.yaml
 
 
.renovaterc.json
.renovaterc.json
 
 
CODEOWNERS
CODEOWNERS
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
REUSE.toml
REUSE.toml
 
 
calculate.go
calculate.go
 
 
calculate_test.go
calculate_test.go
 
 
card.go
card.go
 
 
card_test.go
card_test.go
 
 
code.go
code.go
 
 
default.go
default.go
 
 
default_test.go
default_test.go
 
 
delete.go
delete.go
 
 
delete_test.go
delete_test.go
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
language.go
language.go
 
 
language_test.go
language_test.go
 
 
list.go
list.go
 
 
list_test.go
list_test.go
 
 
put.go
put.go
 
 
put_test.go
put_test.go
 
 
reset.go
reset.go
 
 
reset_test.go
reset_test.go
 
 
swap.go
swap.go
 
 
swap_test.go
swap_test.go
 
 
vectors_test.go
vectors_test.go
 
 

Repository files navigation

go-feitian-oath: Template repository for Go packages in the cunicu organization

GitHub Workflow Status goreportcard Codecov branch License GitHub go.mod Go version Go Reference

The package go-feitian-oath implements the protocol to manage HOTP, TOTP, challenge/response and static password credentials on FEITIAN FIDO keys. It uses PC/SC over CCID interface to communicate with the smart card.

Features

  • Calculation of
    • Time-based One-time Passwords (TOTP)
    • Hash-based One-time Passwords (HOTP)
    • Challenge Response (HMAC)
    • Static passwords
  • Slot managment
    • Set default
    • Swap
  • Credential management
    • Put
    • List
    • Delete
  • Factory reset of applet

Tested devices

Limitations

The OTP applet of the FEITIAN keys has several limitations in comparison to its competition:

  • It can only store 2 credentials
    • Each of those two credentials can of type TOTP, HOTP, challenge/response or static password
  • It only supports SHA1 and SHA256 hash algorithms
  • Credentials can not be protected with a PIN code
  • Initial counter values for HOTP credentials can not be set

Note: The FEITIAN OTP applet show similarities to Yubico's ykneo-oath applet when it was still open source.

Contact

Please have a look at the contact page: cunicu.li/docs/contact.

License

go-feitian-oath is licensed under the Apache 2.0 license.

About

A Go implementation to manage OATH-TOTP/HOTP and Challenge Response secrets on FEITIANs's tokens

Topics

go golang oath feitian smart-card

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

6 tags

Contributors 2

  •  
  •  

Languages