Secret: byte[] secret confusion #83
Comments
|
Hmm thanks for your question! You make a good point as there is no specific reason the library works this way. It would be appreciated if you make a PR with JavaDoc or another implementation! |
anibyl
added a commit
to anibyl/otp-java
that referenced
this issue
Dec 20, 2024
anibyl
added a commit
to anibyl/otp-java
that referenced
this issue
Dec 20, 2024
|
Hi @BastiaanJansen, please take a look at #84 :) |
BastiaanJansen
added a commit
that referenced
this issue
Dec 23, 2024
Add a String secret Builder constructor + Base32 docs and comments #83
|
Thanks! This is included in version 2.1.0! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This ticket is merely a question to start a discussion.
Currently, the library uses the following constructor for initialization (link):
A shared secret is a byte sequence, also commonly represented as a Base32 string (example).
However, the builder constructor consumes neither of them, but instead a byte array which is a Base32 secret encoded with a standard charset (
secret.getBytes(), e.g. here):It's unclear why it has to be like that, since the encoded-string secret is later converted to a correct shared secret anyway:
I recently spent a few hours trying to understand why the library wasn't working when I was passing a correct shared secret to it.
This is confusing.
Would that be possible to add a javadoc explaining what should be passed as
byte[] secret, or aBuilderconstructor consumingString secret, or...?I could create a PR, but first I would like to have a conversation.
The text was updated successfully, but these errors were encountered: