Some general improvements

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @replydev

Cargo.toml

@@ -33,7 +33,7 @@ dirs = "5.0.1"
 rpassword = "7.2.0"
 data-encoding = "2.4.0"
 copypasta-ext = "0.4.4"
-zeroize = "1.6.0"
+zeroize = { version = "1.6.0", features = ["zeroize_derive"]}
 clap = { version = "4.4.7", features = ["derive"] }
 hmac = "0.12.1"
 sha-1 = "0.10.1"
@@ -46,7 +46,6 @@ aes-gcm = "0.10.3"
 hex = "0.4.3"
 qrcode = "0.12.0"
 urlencoding = "2.1.3"
-regex = "1.10.2"
 base64 = "0.21.5"
 md-5 = "0.10.6"
 ratatui = { version = "0.23.0", features = ["all-widgets"] }

README.md

@@ -2,7 +2,8 @@
 
 [![Actions Status](https://github.com/replydev/cotp/workflows/Build/badge.svg)](https://github.com/replydev/cotp/actions) [![AUR package](https://img.shields.io/aur/version/cotp)](https://aur.archlinux.org/packages/cotp/) [![AUR package](https://img.shields.io/aur/version/cotp-bin)](https://aur.archlinux.org/packages/cotp-bin/) [![crates.io](https://img.shields.io/crates/v/cotp)](https://crates.io/crates/cotp) [![Downloads](https://img.shields.io/crates/d/cotp)](https://crates.io/crates/cotp)
 
-I believe that security is of paramount importance, especially in this digital world. I created cotp because I needed a minimalist, secure, desktop accessible software to manage my two-factor authentication codes.
+I believe that security is of paramount importance, especially in this digital world. I created cotp because I needed a
+minimalist, secure, desktop accessible software to manage my two-factor authentication codes.
 
 # Overview
 
@@ -12,50 +13,119 @@ cotp is written with simplicity in mind, the interface is quite minimalist and i
 
 [![asciicast](https://asciinema.org/a/459912.svg)](https://asciinema.org/a/459912)
 
-If you are familiar with the command line interface using cotp will not be a problem. Just type `cotp` to enter the TUI dashboard. Type `i` to get some instruction. Otherwise just enter `cotp --help`.
+If you are familiar with the command line interface using cotp will not be a problem. Just type `cotp` to enter the TUI
+dashboard. Type `i` to get some instruction. Otherwise just enter `cotp --help`.
 
 In the first run you will be prompted to insert a password to initialize the database.
 
 ## Encryption
 
-This program relies on only one database file encrypted with [XChaCha20Poly1305](https://docs.rs/chacha20poly1305/latest/chacha20poly1305/) authenticated encryption and [Argon2id](https://en.wikipedia.org/wiki/Argon2) for key derivation.
+This program relies on only one database file encrypted
+with [XChaCha20Poly1305](https://docs.rs/chacha20poly1305/latest/chacha20poly1305/) authenticated encryption
+and [Argon2id](https://en.wikipedia.org/wiki/Argon2) for key derivation.
 
 It also uses [AES-GCM](https://docs.rs/aes-gcm/latest/aes_gcm/) to import from encrypted Aegis backups.
 
 ## Compatibility
 
-cotp can generate both **TOTP** and **HOTP** codes, compliant with **rfc6238** and **rfc4226** specifications. Also, it is possible to customize settings like **HMAC algorithm** and **digits**, to provide compatibility to other two-factor authentication systems.
+cotp can generate both **TOTP** and **HOTP** codes, compliant with **rfc6238** and **rfc4226** specifications. Also, it
+is possible to customize settings like **HMAC algorithm** and **digits**, to provide compatibility to other two-factor
+authentication systems.
 
 Latest releases also include support for Steam, Yandex, MOTP codes and code copying from SSH Remote Shell.
 
-### Cross Plaform
+## Cross Plaform
 
-#### So far, I have successfully tested the functionality of the software in the following systems:
+cotp should be easily compiled on the most used platform, but it is mostly tested on Linux and Windows.
 
-- Arch Linux
-- Alpine Linux
-- Fedora 33
-- Ubuntu 20.04 WSL
-- Windows 10 Pro
-- Windows 10 LTSC
-- Windows 11
+# Install
 
-#### In addition, cotp has been successfully tested by the community in the following systems:
+## Arch Linux and arch-based distributions
 
-- NixOS
+We have two AUR packages ready to be installed, [cotp](https://aur.archlinux.org/packages/cotp)
+and [cotp-bin](https://aur.archlinux.org/packages/cotp-bin). You can use an AUR Helper
+like [paru](https://github.com/morganamilo/paru):
 
-# Install
+`paru -S cotp`
+
+Or manually clone the AUR repo and make the pkg
+
+```
+pacman -S git base-devel
+git clone https://aur.archlinux.org/cotp.git
+cd cotp
+makepkg -si
+```
+
+## Other linux distributions and \*nix
+
+Before beginning check that you have the required build dependencies to use the rust compiler.
+
+You need to install the **libxcb-devel** dependency, needed for clipboard coping in X11:
+
+- Debian based: `sudo apt install libxcb1-dev libx11-dev libxcb-shape0-dev libxcb-xfixes0-dev libxkbcommon-dev`
+- Fedora / RHEL based: `sudo dnf install libX11-devel`
+- Void Linux `sudo xbps-install -S libxcb-devel`
+
+## Windows
+
+Windows installation/compilation is supported with both of toolchains.
+
+If you want to use `x86_64-pc-windows-msvc` you will need to install
+the [Visual C++ 2019 Build Tools](https://visualstudio.microsoft.com/it/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16)
 
-See [install.md](install.md)
+Once you have the rust toolchain installed just run `cargo install cotp`.
+
+### Use the crates.io repository
+
+Just type `cargo install cotp` and wait for the installation.
+
+### Clone the GitHub repository and manually install
+
+You can build cotp using these commands:
+
+```
+git clone https://github.com/replydev/cotp.git
+cargo install --path cotp/
+```
 
 # Migration from other apps
 
-See [codes_migration.md](codes_migration.md)
+cotp supports TOTP codes migration from various apps.
+Some needs to be converted using simple python script you can find listed in the table below.
+
+| App                                                                                                          | How to fetch backup                                                                                                                                                 | Needs conversion                                                          | cotp argument               |
+|--------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------|-----------------------------|
+| [andOTP](https://github.com/andOTP/andOTP)                                                                   | Make a backup using the app itself.                                                                                                                                 | No                                                                        | `--andotp`                  |
+| [Aegis](https://github.com/beemdevelopment/Aegis)                                                            | Make a backup using the app itself.                                                                                                                                 | No                                                                        | `--aegis`                   |
+| [Aegis](https://github.com/beemdevelopment/Aegis) (encrypted)                                                | Make an encrypted backup using the app itself.                                                                                                                      | No                                                                        | `--aegis-encrypted`         |
+| [Authy](https://authy.com/)                                                                                  | Obtain `/data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml` from your phone.                                                        | [Yes](https://github.com/replydev/cotp/blob/master/converters/authy.py)   | `--authy`                   |
+| [Authy](https://authy.com/) (2nd method)                                                                     | Follow this guide: https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93.                                                                              | No                                                                        | `--authy-exported`          |
+| [cotp](https://github.com/replydev/cotp)                                                                     | Export your database using `cotp export`.                                                                                                                           | No                                                                        | `--cotp`                    |
+| [FreeOTP](https://freeotp.github.io/)                                                                        | Obtain `/data/data/org.fedorahosted.freeotp/shared_prefs/tokens.xml` from your phone.                                                                               | [Yes](https://github.com/replydev/cotp/blob/master/converters/freeotp.py) | `--freeotp`                 |
+| [FreeOTP+](https://github.com/helloworld1/FreeOTPPlus)                                                       | Make a backup using the app itself.                                                                                                                                 | No                                                                        | `--freeotp-plus`            |
+| [Google Authenticator](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2) | Obtain `/data/data/com.google.android.apps.authenticator2/databases/databases` from your phone                                                                      | [Yes](https://github.com/replydev/cotp/blob/master/converters/gauth.py)   | `--google-authenticator`    |
+| [Microsoft Authenticator](https://play.google.com/store/apps/details?id=com.azure.authenticator)             | Obtain `/data/data/com.azure.authenticator/databases/PhoneFactor` from your phone. Take also `PhoneFactor-wal`, `PhoneFactor-shm` if they exist in the same folder. | [Yes](https://github.com/replydev/cotp/blob/master/converters/mauth.py)   | `--microsoft-authenticator` |
+| [OTP URI list](https://docs.yubico.com/yesdk/users-manual/application-oath/uri-string-format.html)           | Create a JSON file which contains a items property. It will contains a string array where each element is an OTP URI.                                               | No                                                                        | `--otp-uri`                 |
+
+## How to convert
+
+Once you got the correct files run the right python script located in the **converters/** folder in this source code.
+
+**Example:**
+`python authy.py path/to/database.xml converted.json`
+
+It will convert the database in a json format readable by cotp.
+
+To terminate the import:
+`cotp import --authy --path path/to/converted_database.json`
 
-## Planned features
+# Planned features
 
-Currently there is not any planned feature. If you need something new that could improve the software feel free to open an issue.
+Currently, there is not any planned feature. If you need something new that could improve the software feel free to open
+an issue.
 
-## Contribution
+# Contribution
 
-I created this project for my own needs, but I would be happy if this little program is useful to someone else, and I gratefully accept any pull requests.
+I created this project for my own needs, but I would be happy if this little program is useful to someone else, and I
+gratefully accept any pull requests.

src/main.rs

@@ -51,7 +51,7 @@ fn main() -> AppResult<()> {
     color_eyre::install()?;
 
     let cotp_args = CotpArgs::parse();
-    let (database, key, salt) = match init() {
+    let (database, mut key, salt) = match init() {
         Ok(v) => v,
         Err(e) => {
             println!("{e}");
@@ -63,24 +63,28 @@ fn main() -> AppResult<()> {
         Ok(d) => d,
         Err(e) => {
             eprintln!("An error occurred: {e}");
+            key.zeroize();
             std::process::exit(-2)
         }
     };
 
-    if reowned_database.is_modified() {
+    let error_code = if reowned_database.is_modified() {
         match reowned_database.save(&key, &salt) {
             Ok(_) => {
                 println!("Success");
+                0
             }
             Err(_) => {
                 eprintln!("An error occurred during database overwriting");
-                std::process::exit(-3)
+                -1
             }
         }
     } else {
         println!("Success");
-    }
-    std::process::exit(0)
+        0
+    };
+    key.zeroize();
+    std::process::exit(error_code)
 }
 
 fn dashboard(mut database: OTPDatabase) -> AppResult<OTPDatabase> {

src/otp/otp_algorithm.rs

@@ -2,6 +2,7 @@ use std::fmt;
 
 use clap::ValueEnum;
 use serde::{Deserialize, Serialize};
+use zeroize::Zeroize;
 
 #[derive(Serialize, Deserialize, PartialEq, Eq, Debug, Clone, Copy, ValueEnum, Hash)]
 #[serde(rename_all = "UPPERCASE")]
@@ -28,3 +29,9 @@ impl From<&str> for OTPAlgorithm {
         }
     }
 }
+
+impl Zeroize for OTPAlgorithm {
+    fn zeroize(&mut self) {
+        *self = OTPAlgorithm::Sha1;
+    }
+}

src/otp/otp_element.rs

@@ -8,6 +8,7 @@ use data_encoding::BASE32_NOPAD;
 use qrcode::render::unicode;
 use qrcode::QrCode;
 use serde::{Deserialize, Serialize};
+use zeroize::{Zeroize, ZeroizeOnDrop};
 
 use super::{
     algorithms::{
@@ -125,7 +126,7 @@ impl OTPDatabase {
     }
 }
 
-#[derive(Serialize, Deserialize, Clone, PartialEq, Eq, Debug, Hash)]
+#[derive(Serialize, Deserialize, Clone, PartialEq, Eq, Debug, Hash, Zeroize, ZeroizeOnDrop)]
 pub struct OTPElement {
     pub secret: String,
     pub issuer: String,