daegalus / dart-otp

RFC6238 Time-Based One-Time Password / Google Authenticator Library
MIT License

_padSecret(secretList, secretbytes); #38

Closed devsigofficial closed 2 years ago

devsigofficial commented 2 years ago

import 'dart:typed_data';

// Static helper from the library, as posted in the issue. Note the loop
// condition: when `secret` is empty, `i * secret.length` stays 0 forever,
// so the loop never terminates.
static Uint8List _padSecret(Uint8List secret, int length) {
  if (secret.length == length) return secret;

  // ignore: prefer_collection_literals
  final newList = <int>[];
  for (var i = 0; i * secret.length < length; i++) {
    newList.addAll(secret);
  }

  return Uint8List.fromList(newList.sublist(0, length));
}

{ uri: otpauth://totp/sdfsdf:sdfsdf?secret=sdfsdf&issuer=sdfsdf&algorithm=sha1&digits=6&period=30, secret: sdfsdf, digits: 6, period: 30, lastUsedCounter: 0, algorithm: sha1, issuer: sdfsdf, accountName: sdfsdf, isTimerBased: true, isArchive: false) }

this function runs infinitely

daegalus commented 2 years ago

Thanks for the bug report, I will take a look at this soon. Out of town for a bit, so I will look at it when I get back later this week.

daegalus commented 2 years ago

So I found the problem, sdfsdf isn't a valid Base32 string, so when I run base32.decode it returns an empty list. So when the length is 0, it goes infinite.

I made it so that if a secret is not Base32, I would just use it directly.

That should at least solve the infinite loop. Not sure how accurate it will be. Ideally you encode your secret as Base32 for consistency.

I released 3.0.3 with the fix.

daegalus commented 2 years ago

Actually reopening this. I just remembered that it should be throwing an exception on invalid Base32.

For some reason, locally it doesn't throw an exception, but it does when I run tests in github actions.

Can I ask what OS you are doing it on?

daegalus commented 2 years ago

OK, it now throws an exception. A secret needs to be Base32, and a Base32 string can't be shorter than 8. So your secret needs to be sdfsdf== or SDFSDF==, but I uppercase all secrets.
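The failure mode described in this thread (a non-Base32 secret decoding to an empty byte string, which makes the repeat-until-long-enough padding loop spin forever) and the fix daegalus settled on (reject invalid Base32 up front instead of feeding an empty key onward), re-created in Python as an added example. This is not the dart-otp library's code; the function names `decode_base32_secret`, `is_valid_base32_secret`, `pad_secret` and `totp` are my own, and the sample secrets are the RFC 6238 Appendix B vector plus a constructed one.

```python
import base64
import binascii
import hashlib
import hmac
import re
import struct

# RFC 4648 Base32 alphabet (after upper-casing), optionally followed by '=' padding.
_BASE32_RE = re.compile(r"^[A-Z2-7]+=*$")
# A full Base32 quantum is 8 characters for 5 bytes; a final partial group may
# only hold 2, 4, 5 or 7 data characters, so these remainders are never valid.
_BAD_REMAINDERS = {1, 3, 6}


class InvalidSecret(ValueError):
    """Raised instead of silently handing an empty key to the HMAC."""


def decode_base32_secret(secret: str) -> bytes:
    """Strictly decode an otpauth-style Base32 secret.

    Whitespace is removed and the string is upper-cased (the thread notes the
    library upper-cases secrets); missing '=' padding is restored, since many
    otpauth URIs omit it. Anything that is not RFC 4648 Base32 raises
    InvalidSecret rather than returning b''.
    """
    data = "".join(secret.split()).upper().rstrip("=")
    if not data:
        raise InvalidSecret("empty secret")
    if len(data) % 8 in _BAD_REMAINDERS:
        raise InvalidSecret(f"{len(data)} Base32 characters is not a valid length")
    padded = data + "=" * (-len(data) % 8)
    if not _BASE32_RE.match(padded):
        raise InvalidSecret("secret contains characters outside the Base32 alphabet")
    try:
        raw = base64.b32decode(padded)
    except binascii.Error as exc:
        raise InvalidSecret(str(exc)) from exc
    if not raw:
        raise InvalidSecret("secret decoded to zero bytes")
    return raw


def is_valid_base32_secret(secret: str) -> bool:
    """Boolean wrapper around decode_base32_secret for input validation."""
    try:
        decode_base32_secret(secret)
    except InvalidSecret:
        return False
    return True


def pad_secret(secret: bytes, length: int) -> bytes:
    """Repeat-and-truncate padding, the same scheme as the _padSecret in the issue.

    The original loop condition `i * secret.length < length` can never become
    false when the secret is empty, which is the hang reported above; the
    guard here turns that case into an error instead.
    """
    if not secret:
        raise InvalidSecret("cannot pad an empty secret")
    if len(secret) == length:
        return secret
    repeats = -(-length // len(secret))  # ceiling division
    return (secret * repeats)[:length]


def totp(secret_b32: str, unix_time: int, digits: int = 6, period: int = 30,
         algorithm: str = "sha1") -> str:
    """RFC 6238 TOTP over a Base32 secret; an invalid secret fails loudly."""
    key = decode_base32_secret(secret_b32)
    counter = struct.pack(">Q", unix_time // period)
    digest = hmac.new(key, counter, getattr(hashlib, algorithm)).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


if __name__ == "__main__":
    # RFC 6238 Appendix B vector: ASCII secret "12345678901234567890", T=59.
    print(totp("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ", 59, digits=8))  # 94287082
    # The secret from the issue is rejected instead of causing a hang.
    print(is_valid_base32_secret("sdfsdf"))  # False
```

The length check runs before the decoder is called, so the result does not depend on how lenient a particular Base32 library is about odd padding; a six-character secret such as the one in the issue is refused by the remainder rule alone.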