monich / harbour-foilauth Goto Github PK

Just out of curiosity. What hurdles prevent support for sailjail? The shared key/location? The different app data directories? Thx.

I think it would be a nice feature to be able to further export the QR code by sharing or saving as an image.
Do you agree, and would it be something that is possible to add?

My concrete use-case would be printing the codes as offline backups.

Thanks for all your nice apps!

That goes for all your apps.

Cheerio!

Requested by one of the users. That shouldn't be too hard to do with ListView section headers.

Hi, i have been using this program for a while, but my phone recently stopped working
i have backups of everything but i don't know how to decrypt the files and extract the keys

i did compile foil and was able to kind of decrypt the file i am interested in
using the command ./foilmsg -d -f FoilFile -s foil.key -o output.file -v -P "***pass***" -i
the output

[foilmsg] Private key fingerprint: 59:e8...c8:ca
Format: 1
Sender fingerprint:
  Format: 1 (rsa-ssh)
  Data: 16 bytes
    59 e8 86 ... 63 c8 ca
Key format: 3 (AES-256)
Keys:
  1. Fingerprint:
       Format: 1 (rsa-ssh)
       Data: 16 bytes
         59 e8 86 ... 63 c8 ca
     Encryption key: 188 bytes
       cd 7c 35 0a 48 8c 44 7b  78 83 d2 cd d1 a9 51 18
       ...
       15 42 61 ea e2 40 26 ec  16 90 b2 82 7f c3 b9 00

Encrypted data:
  Cipher: 1 (AES-CBC)
  Data: 64 bytes
    dd 20 fa da 62 db 96 d5  f1 1b 3f 67 6f 09 60 74
    ...
    c8 59 f8 04 10 e6 0e fa  6a 57 62 b8 4e 7d 23 ea
Signature:
  Format: 1 (MD5-RSA)
  Data: 188 bytes
    b4 ad e5 1a 28 9e b9 18  82 dc 66 de cd d9 e0 73
    ...
    0f 0d f7 14 98 59 cb 11  5d 13 c2 03 30 1f d4 f2

but i don't know how i can get the key from the output or the output file
it looks like its still encrypted or binary data

I would appreciate it if you could provide me with instructions on how decrypt these files (preferably for Linux)

Those get produced by Google Authenticator 's "Transfer accounts" => "Export accounts" feature and look like this:

Could be a very useful feature..

Hi,

I've experienced this enough times that it seems issue-worthy: On random, let's say every 20th startup or so, Foil Auth hangs the phone/UI/Silica and the screen stops updating its contents. It's also impossible to turn the screen off or on by pressing the power button. It does react to it, since it vibrates when I press it. The only way out of the situation I've found is holding the power key for 8 seconds (?) until the device powers off gracefully (it seems / I hope).

I vaguely remember something about libsailfishsecrets hanging someone and using some Rust implementation of something has fixed the issue for them, but I can't recall anything more and I can't find it again... Do you think this would be a lead to start following?

Thanks for the great application triplet!

hello, your program is amazing and i use it often!
thank you so much for it.

i notice myself drifting away from sailfish to other mobile linux operating systems, like postmarketos, manjaro and maemo-leste.

i'd like to build your program there, but it has sailfish specific components dependencies.

would you release a version which can be run just under any linux?

Was requested by a user and does make sense. When this option is selected, the passwords would only be asked once at the application startup.

Attached QR code cannot be scanned with Foil Auth yet.

-example removed-

On the Jolla 1 running 3.40.24, OTP apps like Foil Auth, SailOTP (and even Android OTP apps) the device cannot confirm the generated codes

Description on https://openrepos.net/content/slava/foil-auth says:

Only time-based (TOTP) passwords are supported in this version.

and https://github.com/monich/harbour-foilauth says:

is an HMAC-based generator of One-Time Passwords

so RFC 6238 (TOTP) vs. RFC 4226 (HOTP).

What implementation does it support?

When you updated yesterday.

Hi, I wonder if SFOS provides a feature to prevent making a screenshot while a applications is open.

The problem is generic and must be supported by the UI layer (IPC/DBUS layer?).

The Android OS seems to provide FLAG_SECURE. Example of the problem:
google/google-authenticator-android#50

So, to protect the auth code. Does SFOS has such flag? Could this be integrated into foilauth?
Any comments on this would be great! Thx.

Hello,

while SailOTP does a good job, I'd like to offer a donation resp. funding share for adding HOTP.
Anybody else willing to support this extension, with code or money?
Existing tokens should be importable from SailOTP.

Thanks

can facilitate to identify the tokens assign a color in addition to the label (see attachment)

HTH
Alessandro

I lost all my token after install Foil Notes app

I choose the same master password for Foil Auth and Foil Notes

I was forced to re-flash my Sailfish device. Before doing so I copied ~/.local/share/foil/foil.key and ~/Documents/FoilAuth directory to my computer. I flashed 4.4 on the device, copied over the files, but FoilAuth is not recognizing that a key is present and it does not recognize my tokens. This process was successful when moving from a Sailfish device to a new device with version 4.3.

How can I get my tokens to show up in Foil?

Dear Sirs,
We are very happy using this application, and we would like to ask for an improvement.
In fact, as we travel, we change the timezone and the TOTP is not working anymore, each time I had to change the date/time of the phone to get a working OTP then switch back to the local time.
Would it be possible to add an option of a timeshift in the application?
Thank you again for the great work
Best regards