Allow spaces in base32 OTP secrets

Some sites, such as GitLab, display their OTP secrets as base32 strings in groups separated by spaces. Previously, the user had to manually remove the spaces before passing the secret to nitrocli. But as the space can never be part of the base32 string itself, we can unambiguously identify it as a separator and remove it from the secret before processing it. Fixes #136
d-e-s-o · Apr 10, 2021 · 3a12546 · 3a12546
1 parent ecace8d
commit 3a12546
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 Unreleased
 ----------
 - Enabled usage of empty PWS slot fields
+- Allowed entering of `base32` encoded strings containing spaces
 - Bumped `nitrokey` dependency to `0.9.0`
 
 

diff --git a/src/commands.rs b/src/commands.rs
@@ -794,7 +794,9 @@ fn prepare_ascii_secret(secret: &str) -> anyhow::Result<String> {
 
 /// Prepare a base32 secret string for libnitrokey.
 fn prepare_base32_secret(secret: &str) -> anyhow::Result<String> {
- base32::decode(base32::Alphabet::RFC4648 { padding: false }, secret)
+ // Some sites display the base32 secret in groups separated by spaces, we want to ignore them.
+ let secret = secret.replace(" ", "");
+ base32::decode(base32::Alphabet::RFC4648 { padding: false }, &secret)
  .map(|vec| format_bytes(&vec))
  .context("Failed to parse base32 secret")
 }
@@ -1226,6 +1228,17 @@ mod tests {
  assert!(result.is_err());
  }
 
+ #[test]
+ fn prepare_secret_base32() {
+ let result = prepare_base32_secret("gezdgnbvgy3tqojqgezdgnbvgy3tqojq").unwrap();
+ assert_eq!(
+ "3132333435363738393031323334353637383930".to_string(),
+ result
+ );
+ let result2 = prepare_base32_secret("gezd gnbv gy3t qojq gezd gnbv gy3t qojq").unwrap();
+ assert_eq!(result, result2);
+ }
+
  #[test]
  fn hex_string() {
  assert_eq!(format_bytes(&[b' ']), "20");