Fixed bug that rejected 26 character secrets

JeNeSuisPasDave#1

Now add base32 padding as needed to get to a multiple of 8 characters
in the secret string.

Author: Dave Hein

src/authenticator/__init__.py

@@ -40,4 +40,4 @@
 
 __author__ = "Dave Hein <[email protected]>"
 __license__ = "MIT"
-__version__ = "1.1.2"
+__version__ = "1.1.3"

src/authenticator/hotp.py

@@ -185,6 +185,15 @@ def convert_base32_secret_key(self, base32_secret_key):
         import base64
         import binascii
 
+        # Pad the base32 string to a multiple of 8 characters
+        #
+        secret_length = len(base32_secret_key)
+        pad_length = (8 - (secret_length % 8)) % 8
+        pad = "=" * pad_length
+        base32_secret_key = base32_secret_key + pad
+
+        # Decode it
+        #
         try:
             secret_key = base64.b32decode(base32_secret_key)
         except binascii.Error:

src/setup.py

@@ -30,7 +30,7 @@
     # the version across setup.py and the project code, see
     # https://packaging.python.org/en/latest/single_source_version.html
     #
-    version='1.1.2',
+    version='1.1.3',
 
     description='A HOTP/TOTP code generator for the command line.',
     long_description=long_description,

tests/test_CLI.py

@@ -1244,65 +1244,6 @@ def test_prompt_add_time_based_hotp_googlized_secret(
         self.assertEqual(expected_passphrase, cut._CLI__passphrase)
         self.assertEqual(expected_shared_secret, cut._CLI__shared_secret)
 
-    @unittest.mock.patch('authenticator.data.ClientFile._get_key_stretches')
-    @unittest.mock.patch('os.path.expanduser')
-    def test_prompt_add_time_based_hotp_wrong_length_secret(
-            self, mock_expanduser, mock_key_stretches):
-        """Test CLI.Prompt().
-
-        At first supply a shared secret that is an invalid length for a base32
-        string, but then supply a correct base32 string.
-
-        """
-        mock_key_stretches.return_value = 64
-        mock_expanduser.side_effect = \
-            lambda x: self._side_effect_expand_user(x)
-        expected_passphrase = "Maresy doats and dosey doats."
-        expected_shared_secret = "ABCDEFGHABCDEFGHABCDEFGH"
-        provided_shared_secret = "ABCDEFGHABCDEFGHABCD"
-        rw_mock = unittest.mock.MagicMock()
-        rw_mock.readline.side_effect = [
-            'yes', expected_passphrase, expected_passphrase,
-            provided_shared_secret, expected_shared_secret]
-        cut = CLI(stdin=rw_mock, stdout=rw_mock)
-        args = ("add", "[email protected]")
-        cut.parse_command_args(args)
-        cut.create_data_file()
-        cut.prompt_for_secrets()
-        calls = [
-            unittest.mock.call.write(
-                "No data file was found. Do you want to create your data" +
-                " file? (yes|no) [yes]: "),
-            unittest.mock.call.write(""),
-            unittest.mock.call.flush(),
-            unittest.mock.call.readline(),
-            unittest.mock.call.write("Enter passphrase: "),
-            unittest.mock.call.write(""),
-            unittest.mock.call.flush(),
-            unittest.mock.call.readline(),
-            unittest.mock.call.write("Confirm passphrase: "),
-            unittest.mock.call.write(""),
-            unittest.mock.call.flush(),
-            unittest.mock.call.readline(),
-            unittest.mock.call.write("Enter shared secret: "),
-            unittest.mock.call.write(""),
-            unittest.mock.call.flush(),
-            unittest.mock.call.readline(),
-            unittest.mock.call.write(
-                "Invalid shared secret string. " +
-                "Wrong length, incorrect padding, or embedded whitespace."),
-            unittest.mock.call.write("\n"),
-            unittest.mock.call.write("Enter shared secret: "),
-            unittest.mock.call.write(""),
-            unittest.mock.call.flush(),
-            unittest.mock.call.readline()]
-        rw_mock.assert_has_calls(calls)
-        self.assertEqual(12, rw_mock.write.call_count)
-        self.assertEqual(5, rw_mock.flush.call_count)
-        self.assertEqual(5, rw_mock.readline.call_count)
-        self.assertEqual(expected_passphrase, cut._CLI__passphrase)
-        self.assertEqual(expected_shared_secret, cut._CLI__shared_secret)
-
     @unittest.mock.patch('authenticator.data.ClientFile._get_key_stretches')
     @unittest.mock.patch('os.path.expanduser')
     def test_prompt_add_time_based_hotp_empty_secret(

tests/test_hotp.py

@@ -318,25 +318,67 @@ def test_convert_base32(self):
             actual_bytes = cut.convert_base32_secret_key(in_string)
             self.assertEqual(expected_bytes, actual_bytes)
 
-    def test_convert_base32_too_short(self):
+    def test_convert_base32_16_chars(self):
         """Test Otp.convert_base32_secret_key().
 
-        Check that an input base32 encoded string that is not multiples of 8
-        characters in length (too short) throws the expected exception.
+        Typical input string lengths are 16, 26, 32, and 64 significant
+        (ignoring padding) base32 characters. This tests a 16 character
+        base32 encoded secret.
 
         """
         cut = HOTP()
-        # First be certain the method works with a correct base32-encoded
-        # input string
-        #
-        in_string = "ABCDEFGH"
-        cut.convert_base32_secret_key(in_string)
-        # Then check that it throws the expected exception with an
-        # incorrectly sized input string.
-        #
-        in_string = "ABCDE"
-        with self.assertRaises(ValueError):
-            cut.convert_base32_secret_key(in_string)
+        in_string = "mfzw s5dv mf2g s33o"
+        in_string = "".join(in_string.split()).upper()
+        expected_bytes = b"asituation"
+        actual_bytes = cut.convert_base32_secret_key(in_string)
+        self.assertEqual(expected_bytes, actual_bytes)
+
+    def test_convert_base32_26_chars(self):
+        """Test Otp.convert_base32_secret_key().
+
+        Typical input string lengths are 16, 26, 32, and 64 significant
+        (ignoring padding) base32 characters. This tests a 26 character
+        base32 encoded secret, which requires padding the base32 secret
+        before decoding
+
+        """
+        cut = HOTP()
+        in_string = "onux i5lb oruw 63ra nzxx e3lb nq"
+        in_string = "".join(in_string.split()).upper()
+        expected_bytes = b"situation normal"
+        actual_bytes = cut.convert_base32_secret_key(in_string)
+        self.assertEqual(expected_bytes, actual_bytes)
+
+    def test_convert_base32_32_chars(self):
+        """Test Otp.convert_base32_secret_key().
+
+        Typical input string lengths are 16, 26, 32, and 64 significant
+        (ignoring padding) base32 characters. This tests a 32 character
+        base32 encoded secret
+
+        """
+        cut = HOTP()
+        in_string = "nf2c a2lt ebqw y3ba mzxx k3df mqqh k4bo"
+        in_string = "".join(in_string.split()).upper()
+        expected_bytes = b"it is all fouled up."
+        actual_bytes = cut.convert_base32_secret_key(in_string)
+        self.assertEqual(expected_bytes, actual_bytes)
+
+    def test_convert_base32_64_chars(self):
+        """Test Otp.convert_base32_secret_key().
+
+        Typical input string lengths are 16, 26, 32, and 64 significant
+        (ignoring padding) base32 characters. This tests a 64 character
+        base32 encoded secret
+
+        """
+        cut = HOTP()
+        in_string = "knux i5lb oruw 63ra nzxx e3lb nqwc a2lu e5zs" + \
+            " aylm nqqg m33v nrsw iidv oaqd ulji"
+        in_string = "".join(in_string.split()).upper()
+        expected_bytes = b"Situation normal, it\'s all fouled up :-("
+        actual_bytes = cut.convert_base32_secret_key(in_string)
+        self.assertEqual(expected_bytes, actual_bytes)
 
     def test_convert_base32_too_long(self):
         """Test Otp.convert_base32_secret_key().