This repository was archived by the owner on Apr 6, 2021. It is now read-only.
This repository was archived by the owner on Apr 6, 2021. It is now read-only.
Decoding secrets BASE32 encoded with padding #652
Description
- When I init a QR code that was generated by code that uses secrets BASE32 encoded with padding, then I get an error.
- This happens only on iPhone
Yes, I saw https://github.com/google/google-authenticator/wiki/Key-Uri-Format#secret and that you expressed it:
REQUIRED: The secret parameter is an arbitrary key value encoded in Base32 according to RFC 3548. The padding specified in RFC 3548 section 2.2 is not required and should be omitted.
Since it is should instead of must, RFC terminology led me into conclusion it is discouraged, but still, it would work. On the other hand, e.g. https://github.com/google/google-authenticator-android works with padding, so there is no such limitation for Android. As we want to support multiple authenticator apps on different devices, could you please consider a remediation to make it compliant with Android app?
Code analysis:
stringEncodingWithString fromhttps://github.com/google/google-toolbox-for-mac/blob/640815dcd6fa74bfd103ec89bd5acce6a371bcf8/Foundation/GTMStringEncoding.m#L95
and adjusts with parameters.
You pick one of the possible encoding methods from
GTMStringEncoding. In there you also have https://github.com/google/google-toolbox-for-mac/blob/640815dcd6fa74bfd103ec89bd5acce6a371bcf8/Foundation/GTMStringEncoding.m#L43, that is rfc4648Base32StringEncoding which makes use of padding explicitly. What about utilizing that other method of the toolbox for Mac project?