diff options
author | Daniel Mueller <deso@posteo.net> | 2020-07-07 17:35:50 -0700 |
---|---|---|
committer | Daniel Mueller <deso@posteo.net> | 2020-07-07 17:35:50 -0700 |
commit | 99fde3cac7c9cf278b81876994d3a4f4b795b8ce (patch) | |
tree | aaadb319d2b9fe5e6078c0c63490f89473353546 /src | |
parent | 3f62110dc0a0f9ee107643419b027a94427a5530 (diff) | |
download | nitrocli-99fde3cac7c9cf278b81876994d3a4f4b795b8ce.tar.gz nitrocli-99fde3cac7c9cf278b81876994d3a4f4b795b8ce.tar.bz2 |
Change default OTP format to base32
An arguably unrepresentative survey of services (GitHub, Google
Authenticator, and Bitbucket) seems to suggests that the base32 format
is the de-facto standard format for OTP secrets. Given that it's not
necessarily obvious what format a secret is in and that most services
refrain from mentioning it explicitly, having the correct default format
is fairly important.
With this change we switch the default format from hexadecimal to
base32 to accommodate for this finding.
Diffstat (limited to 'src')
-rw-r--r-- | src/args.rs | 2 | ||||
-rw-r--r-- | src/tests/otp.rs | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/src/args.rs b/src/args.rs index 91b340c..56a10b4 100644 --- a/src/args.rs +++ b/src/args.rs @@ -269,7 +269,7 @@ pub struct OtpSetArgs { #[structopt(short, long, default_value = "30")] pub time_window: u16, /// The format of the secret - #[structopt(short, long, default_value = OtpSecretFormat::Hex.as_ref(), + #[structopt(short, long, default_value = OtpSecretFormat::Base32.as_ref(), possible_values = &OtpSecretFormat::all_str())] pub format: OtpSecretFormat, /// The OTP slot to use diff --git a/src/tests/otp.rs b/src/tests/otp.rs index f923170..837b075 100644 --- a/src/tests/otp.rs +++ b/src/tests/otp.rs @@ -23,7 +23,8 @@ use crate::args; #[test_device] fn set_invalid_slot_raw(model: nitrokey::Model) { - let (rc, out, err) = Nitrocli::with_model(model).run(&["otp", "set", "100", "name", "1234"]); + let (rc, out, err) = + Nitrocli::with_model(model).run(&["otp", "set", "100", "name", "1234", "-f", "hex"]); assert_ne!(rc, 0); assert_eq!(out, b""); @@ -32,7 +33,7 @@ fn set_invalid_slot_raw(model: nitrokey::Model) { #[test_device] fn set_invalid_slot(model: nitrokey::Model) { - let res = Nitrocli::with_model(model).handle(&["otp", "set", "100", "name", "1234"]); + let res = Nitrocli::with_model(model).handle(&["otp", "set", "100", "name", "1234", "-f", "hex"]); assert_eq!( res.unwrap_lib_err(), @@ -54,7 +55,7 @@ fn status(model: nitrokey::Model) -> crate::Result<()> { let mut ncli = Nitrocli::with_model(model); // Make sure that we have at least something to display by ensuring // that there is one slot programmed. - let _ = ncli.handle(&["otp", "set", "0", "the-name", "123456"])?; + let _ = ncli.handle(&["otp", "set", "0", "the-name", "123456", "-f", "hex"])?; let out = ncli.handle(&["otp", "status"])?; assert!(re.is_match(&out), out); |