Don't assume our secret is base32 encoded.

According to https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm
secrets are only base32 encoded in gauthenticator and gauth friendly providers.
Aaron Bieber
2018-04-16 13:55:03 -06:00
committed by Kyle Isom
parent a1452cebc9
commit acefe4a3b9
3 changed files with 4 additions and 5 deletions


@@ -90,7 +90,8 @@ func hotpFromURL(u *url.URL) (*HOTP, string, error) {
key, err := base32.StdEncoding.DecodeString(secret)
if err != nil {
return nil, "", err
// secret isn't base32 encoded
key = []byte(secret)
}
otp := NewHOTP(key, counter, digits)
return otp, label, nil
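Review bot: The fallback added in hotpFromURL turns every base32 decode error into `key = []byte(secret)`, so a secret that was meant to be base32 but is unpadded, lower-case or mistyped is silently accepted as a different key instead of being rejected; totpFromURL gets the same pattern. `base32.StdEncoding` requires `=` padding, which otpauth URIs commonly omit, so I would first try `base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(strings.TrimRight(secret, "="))` and only fall back to raw bytes after that fails. The fallback also lets very short secrets through (the `secret=123` entry appears to be one of the cases dropped from TestBadURL), whereas RFC 4226 asks for a shared secret of at least 128 bits, so a length check on `key` before `NewHOTP` is worth considering. A positive test that pins which key a non-base32 secret yields would document the new behaviour. Both function bodies start and end outside their hunks, so any validation done earlier is not visible here.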


@@ -79,10 +79,7 @@ func TestBadURL(t *testing.T) {
"foo",
"otpauth:/foo/bar/baz",
"://",
"otpauth://hotp/secret=bar",
"otpauth://hotp/?secret=QUJDRA&algorithm=SHA256",
"otpauth://hotp/?digits=",
"otpauth://hotp/?secret=123",
"otpauth://hotp/?secret=MFRGGZDF&digits=ABCD",
"otpauth://hotp/?secret=MFRGGZDF&counter=ABCD",
}


@@ -152,7 +152,8 @@ func totpFromURL(u *url.URL) (*TOTP, string, error) {
key, err := base32.StdEncoding.DecodeString(secret)
if err != nil {
return nil, "", err
// secret isn't base32 encoded
key = []byte(secret)
}
otp := NewTOTP(key, 0, period, digits, algo)
return otp, label, nil