Nothing ever lasts forever...

• OTP
  • Cybersecurity Piscine - ft_otp
  • Table of Contents
  • Implementation Details
    • Overview
    • Features
    • Usage
    • Example
    • Error Handling
    • Dependencies
    • Notes

The provided Python script implements a TOTP (Time-based One-Time Password) generator with encryption and decryption capabilities. It supports two main functionalities:

1. Encrypting a 64-character hexadecimal key and securely storing it in a file.
2. Generating a TOTP using the stored key.

• Hexadecimal Key Validation: Ensures the provided key is a valid 64-character hexadecimal string.
• Encryption: Uses the cryptography library to encrypt the key securely.
• Decryption: Validates the encryption key and decrypts the stored file.
• TOTP Generation: Implements the HOTP algorithm as per RFC 4226 and generates time-based OTPs.

The script accepts the following arguments:

• -g <key.hex>: Encrypts the provided hexadecimal key and stores it in ft_otp.key.

• -k <encrypted_file>: Decrypts the stored key and generates TOTPs.

# Encrypt a hexadecimal key
python3 otp-generator.py -g key.hex
#Encrypting your 64 hexa password in key.hex

# Generate TOTPs using the encrypted key
python3 otp-generator.py -k ft_otp.key
#Decrypting your 64 hexa password in ft_otp.key

• Invalid hexadecimal keys raise a ValueError.
• Invalid encryption keys result in decryption failure with an appropriate error message.
• The script handles user interruptions gracefully.

• cryptography: For encryption and decryption.
• scanf: For user input parsing.
• Standard Python libraries: sys, hmac, base64, struct, hashlib, time.

• The script ensures that the generated OTPs are 6 digits long.
• The encryption key is generated dynamically and must be stored securely by the user.
• The TOTP remains valid for 30 seconds, as per the standard.

oathtool --totp $(cat key.hex | tr -d ' \t\n\r')