Ignoring white space or other invalid charaters in base32

[timothymctim]

If I understood the code correctly, the base32tohex function in crypto.js, does not ignore white spaces, leading to an incorrect OTP if the secret key is manually added.
A long while ago, I created a similar app for FxOS where I implemented a similar base32 function, which “normalizes”/fixes the input first, before computing the OTP.

base32_input = base32_input.trim().replace(/ /g, '').replace(/-/g, '');
base32_input = base32_input.toUpperCase();
base32_input = base32_input.replace(/1/g, 'L').replace(/8/g, 'B').replace(/0/g, 'O');

If you don’t have time to improve the code, I would be willing to try to setup a development environment for Sailfish OS and make a pull request.

[seiichiro0185]

Thank you for reporting this. I'll try taking a look at it next weekend.

[seiichiro0185]

I implemented base32 validation for the input field in version 1.8.0 which is up on openrepos.net and will be up in the Store in the next days.
I don't like the idea of manipulating the secret "Behind the users Back", but the Input Validation at least does prevent inserting / saving any invalid secrets to the database.