limpkin
commented
2 years ago a 128bytes long secret... damn.
Open adarazs opened 2 years ago
limpkin
commented
2 years ago a 128bytes long secret... damn.
adarazs
commented
2 years ago a 128bytes long secret... damn.
Yeah, I don't even advocate strongly to implement this, as a 128 byte key is a waste of storage space and the use of this silly long key just demonstrates the lack of understanding of how much shared secret is even meaningful in this scenario.
This is more of a report that such a thing exists. It is better to know that it can cause issues and people might run into it. Maybe adding a warning to the UI is enough that the key is too long?
limpkin
commented
1 year ago 
ChrisGuyML
commented
1 year ago To avoid using 128 bytes reserved for every TOTP secret, you could link the second half to another memory location and use a flag to signal the larger size is used and build the key from all memory locations. This principal could be extended to reduce the default size to the standard 16 bytes (128 bits) and the flag could be a 1 byte size size indicator.
Missing feature
I tried to register a TOTP token in Moolticute and turns out there is a 72 character limit for the shared secret. I see this limit was already increased after issue #791, but from this particular site I got a TOTP secret that was 205 characters long. FreeOTP on Android was able to handle it and worked correctly.
Looks like the secret was base32 encoded, so I think the key is 205*5/8 = 128.125 --> 128 bytes long.
The RFC for TOTP doesn't specify the max key size:
While I think 1024 bits of shared secret is unnecessary, there's not much we can do about some sites using it.
I also found this relevant pull request: https://github.com/mooltipass/moolticute/pull/793 - So if we currently support 64 byte keys, doubling everything again should work.
Justification
I am sure this is not the only site using stupidly long shared secrets, so it will be probably useful in the future for others as well. A warning when hitting the character limit would be useful too, it took me a while to figure out that the string was truncated when I pasted it in Moolticute.
Workarounds
No workarounds apart from using a different TOTP authenticator.