lucadentella / TOTP-Arduino


hmacKey larger than 10 fail #7

Closed mszerg closed 4 years ago

mszerg commented 6 years ago

Does not work with hmacKey larger than 10. For example: hmacKey[] = {0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x21, 0xc3, 0x9e, 0xc2, 0xad, 0xc2, 0xbe, 0xc3, 0xaf}; // JBSWY3DPEHPK3PXP

With hmacKey size equal to 10, all is well. Example: hmacKey[] = {0x74, 0x65, 0x73, 0x74, 0x70, 0x77, 0x64, 0x31, 0x32, 0x33}; // ORSXG5DQO5SDCMRT

The size I set in TOTP totp = TOTP(hmacKey, 14);

lucadentella commented 4 years ago

Which app are you using? If I use FreeOTP it works fine... Google Authenticator has a limit on key length but it's not a limit of this library...

bert2002 commented 4 years ago

Hi @lucadentella, thanks for updating the code in Arduino and the examples. I tried it with an example from https://totp.danhersam.com/ and I can't get it in sync.

I get the secret key and translate it into a hex array and change the length to 16. Unfortunately I get a different code than on the website. Any idea?

What I changed in your code example:

uint8_t hmacKey[] = {0x4a, 0x42, 0x53, 0x57, 0x59, 0x33, 0x44, 0x50, 0x45, 0x48, 0x50, 0x4b, 0x33, 0x50, 0x58, 0x50};
...
TOTP totp = TOTP(hmacKey, 16);

I checked the secret with Authy and it seems to be correct on the website.

Many thanks, bert

lucadentella commented 4 years ago

Hi

please note: the secret key the website outputs is already base32 encoded, while in the sketch you must type the "plain" key.

For example, let's use "TenCharKey" as secret key... it encodes in base32 as "KRSW4Q3IMFZEWZLZ" and can be typed in the sketch as: uint8_t hmacKey[] = {0x54, 0x65, 0x6e, 0x43, 0x68, 0x61, 0x72, 0x4b, 0x65, 0x79};

You can force the website to use your key (instead of randomly generating one):

https://totp.danhersam.com/#/KRSW4Q3IMFZEWZLZ

and in this case the codes generated by Arduino and the ones generated by the website match:

image

lucadentella commented 4 years ago

... and of course it works also for keys > 10 chars (that was the original topic of this issue). For example:

key: SuperLongSecret
base32: KN2XAZLSJRXW4Z2TMVRXEZLU
hex array: {0x53, 0x75, 0x70, 0x65, 0x72, 0x4c, 0x6f, 0x6e, 0x67, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74}

image
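
The base32-versus-plain-key conversion discussed in the comments above, as an added example that is not part of the thread or of the TOTP-Arduino library: a decoder that turns the base32 secret shown by a website or authenticator app into the raw byte array and length to pass to TOTP(). The function name base32_decode and the 64-byte buffer are choices made for this example.

```cpp
// Added example: not part of the TOTP-Arduino library.
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Decode an RFC 4648 base32 string (as shown by authenticator apps and
// TOTP websites) into the raw key bytes the sketch expects.
// Returns the byte count, or -1 on an invalid character or if `out`
// is too small. Padding '=', spaces and dashes are skipped.
int base32_decode(const char *in, uint8_t *out, size_t cap) {
    uint32_t acc = 0;  // bit accumulator; only the low bits matter
    int bits = 0;      // number of not-yet-emitted bits in acc
    size_t n = 0;
    for (; *in; ++in) {
        char c = *in;
        int v;
        if (c == '=' || c == ' ' || c == '-') continue;
        if (c >= 'A' && c <= 'Z')      v = c - 'A';
        else if (c >= 'a' && c <= 'z') v = c - 'a';
        else if (c >= '2' && c <= '7') v = c - '2' + 26;
        else return -1;
        acc = (acc << 5) | (uint32_t)v;
        bits += 5;
        if (bits >= 8) {
            if (n >= cap) return -1;
            bits -= 8;
            out[n++] = (uint8_t)(acc >> bits);
        }
    }
    return (int)n;
}

// Print the array and constructor call to paste into the sketch.
int main() {
    const char *secret = "JBSWY3DPEHPK3PXP";  // base32 secret from the thread
    uint8_t key[64];
    int len = base32_decode(secret, key, sizeof key);
    if (len < 0) { std::fprintf(stderr, "invalid base32 secret\n"); return 1; }
    std::printf("uint8_t hmacKey[] = {");
    for (int i = 0; i < len; i++)
        std::printf("%s0x%02x", i ? ", " : "", key[i]);
    std::printf("};\nTOTP totp = TOTP(hmacKey, %d);\n", len);
    return 0;
}
```

For JBSWY3DPEHPK3PXP this prints a 10-byte array: 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x21, 0xde, 0xad, 0xbe, 0xef.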