1 unstable release

new 0.2.0	Oct 30, 2024

#824 in Parser implementations

137 downloads per month

GPL-3.0-only

71KB
733 lines

aegisvault 0.2.0

Convert otpauth URI file to Encrypted Aegis vault JSON file

Documentation for the Aegis vault format can be found here
The codebase was initially imported from the Gnome Authenticator project.
This repo is after https://github.com/louib/aegis-vault-rs
The Encrypted Aegis vault JSON files produced are Vault version 1, Database version 2. (Database version 3 is used too, but importing version 2 is still supported.)
The included decrypt.py is from: https://github.com/beemdevelopment/Aegis/raw/refs/heads/master/docs/decrypt.py

Install

Install standalone single-binary

wget https://github.com/pepa65/argisvault/releases/download/0.2.0/aegisvault
sudo mv aegisvault /usr/local/bin
sudo chown root:root /usr/local/bin/aegisvault
sudo chmod +x /usr/local/bin/aegisvault

Install with cargo

If not installed yet, install a Rust toolchain, see https://www.rust-lang.org/tools/install

Direct from crates.io

cargo install aegisvault

Direct from repo

cargo install --git https://github.com/pepa65/aegisvault

Static build (avoiding GLIBC incompatibilities)

git clone https://github.com/pepa65/aegisvault
cd aegisvault
rustup target add x86_64-unknown-linux-musl
cargo rel  # Alias in .cargo/config.toml

The binary will be at target/x86_64-unknown-linux-musl/release/aegisvault

Install with cargo-binstall

Even without a full Rust toolchain, rust binaries can be installed with the static binary cargo-binstall:

# Install cargo-binstall for Linux x86_64
# (Other versions are available at https://crates.io/crates/cargo-binstall)
wget github.com/cargo-bins/cargo-binstall/releases/latest/download/cargo-binstall-x86_64-unknown-linux-musl.tgz
tar xf cargo-binstall-x86_64-unknown-linux-musl.tgz
sudo chown root:root cargo-binstall
sudo mv cargo-binstall /usr/local/bin/

Only a linux-x86_64 (musl) binary available: cargo-binstall aegisvault

It will be installed in ~/.cargo/bin/ which will need to be added to PATH!

Usage

aegisvault 0.2.0 - Convert otpauth URI file to Encrypted Aegis vault JSON on stdout
Usage: aegisvault <URI_FILE>
Arguments:
  <URI_FILE>  The otpauth URI inputfile

Options:
  -h, --help     Print help
  -V, --version  Print version

Unencrypted otpauth URI files consist of lines with this format: otpauth://TYPE/NAME?secret=SECRET&algorithm=HMAC_ALGORITHM&digits=LENGTH&period=PERIOD&issuer=ISSUER
- TYPE can be totp/hotp/steam/motp/yandex.
- NAME should not contain a : (colon) or % (percent), as it messes with URI encoding.
- SECRET is the base32 RFC3548 seed (without the = padding!) for the OTPs.
- TYPE, NAME and SECRET are mandatory.
- HMAC_ALGORITHM is one of: SHA1 (the default), SHA256 or SHA512.
- LENGTH for digits is most often 6 (default), but can be set to 5 (for Steam), 7 (Twitch) or 8 (Microsoft).
- PERIOD is almost always 30 (the default).
- HMAC_ALGORITHM, LENGTH and PERIOD should be given but are optional, and will be set to their respective default values.
The otpauth URI RFC: https://www.ietf.org/archive/id/draft-linuxgemini-otpauth-uri-01.html

License

GPLv3

Dependencies

~10–23MB
~359K SLoC