You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If I understood the code correctly, the base32tohex function in crypto.js, does not ignore white spaces, leading to an incorrect OTP if the secret key is manually added.
A long while ago, I created a similar app for FxOS where I implemented a similar base32 function, which “normalizes”/fixes the input first, before computing the OTP.
I implemented base32 validation for the input field in version 1.8.0 which is up on openrepos.net and will be up in the Store in the next days.
I don't like the idea of manipulating the secret "Behind the users Back", but the Input Validation at least does prevent inserting / saving any invalid secrets to the database.
If I understood the code correctly, the
base32tohex
function incrypto.js
, does not ignore white spaces, leading to an incorrect OTP if the secret key is manually added.A long while ago, I created a similar app for FxOS where I implemented a similar
base32
function, which “normalizes”/fixes the input first, before computing the OTP.If you don’t have time to improve the code, I would be willing to try to setup a development environment for Sailfish OS and make a pull request.
The text was updated successfully, but these errors were encountered: