###
This README file encompasses the instructions to set up the tool in any environment.
###

INSTRUCTIONS:

1). SETUP

REQUIREMENTS 
	a). python 3.5 or higher version has to be installed in the envrionment where this tool needs to be run
	b). pip3 or higher has to be installed along with python


Package setup
	Requirements are automatically installed by running this command

	>> pip install -r requirements.txt
 	use pip or pip3 based on the envrionment set up

2).Running the code

	>> python main.py
	use python or python3 based on the envrionment set up.
	usage: OTP Secret encryption tool [-h] -Host SERVER 
                                    [-Port PORT] 
                                    -username USER 
                                    -password PASSWORD 
                                    -search_base SEARCH_BASE 
                                    [-search_filter SEARCH_FILTER]
                                    -operation OPERATION 
                                    -source_attribute SOURCE_ATTRIBUTE
                                    [-target_attribute TARGET_ATTRIBUTE]
                                    -cert_path [CERT_PATH [CERT_PATH ...]]
                                    [-new_cert_path NEW_CERT_PATH]

	This tool lets the admin convert the plaintext OTP secret to encrypted format
	and revert back to the plaintext format as desired. It also has the
	functionality to upgrade the certificate that has been ustored in the AD

Arguments:
  -h, --help            show this help message and exit
  -Host SERVER          The IP or the hostname of the AD server where the
                        OTPSecret is stored (default: None)
  -Port PORT            use port 389 for plaintext encryption and 636 for SSL
                        (default: 636)
  -username USER        The username of the admin of the active directory
                        (default: None)
  -password PASSWORD    The password of the admin account (default: None)
  -search_base SEARCH_BASE
                        The base argument for the search in LDAP directory
                        (default: None)
  -search_filter SEARCH_FILTER
                        The filter to be appplied to search the ldap
                        directory, if any (default: (name=otp*))
  -operation OPERATION  The operation being requested 0 or encryption, 1 or
                        decryption, 2 or cert_upgrade (default: None)
  -source_attribute SOURCE_ATTRIBUTE
                        The attribute where the OTPSecret is stored currently
                        (default: None)
  -target_attribute TARGET_ATTRIBUTE
                        The attribute where the OTPSecret is to be stored
                        (default: None)
  -cert_path [CERT_PATH [CERT_PATH ...]]
                        The absolute path of the certificate in x.506 standard
                        to be used for public key validation (default: None)
                        Note: Please specify PEM encoded certificate consisting of both the public 
                        cert and the RSA private key in the same file. 
                        PFX format is not supported, please convert the pfx files to PEM encoding and use.
  -new_cert_path NEW_CERT_PATH
                        The absolute path of the new certificate in x.506
                        standard to be used for public key validation
                        (default: None)