aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniel Mueller <deso@posteo.net>2020-07-07 17:35:50 -0700
committerDaniel Mueller <deso@posteo.net>2020-07-07 17:35:50 -0700
commit99fde3cac7c9cf278b81876994d3a4f4b795b8ce (patch)
treeaaadb319d2b9fe5e6078c0c63490f89473353546 /src
parent3f62110dc0a0f9ee107643419b027a94427a5530 (diff)
downloadnitrocli-99fde3cac7c9cf278b81876994d3a4f4b795b8ce.tar.gz
nitrocli-99fde3cac7c9cf278b81876994d3a4f4b795b8ce.tar.bz2
Change default OTP format to base32
An arguably unrepresentative survey of services (GitHub, Google Authenticator, and Bitbucket) seems to suggests that the base32 format is the de-facto standard format for OTP secrets. Given that it's not necessarily obvious what format a secret is in and that most services refrain from mentioning it explicitly, having the correct default format is fairly important. With this change we switch the default format from hexadecimal to base32 to accommodate for this finding.
Diffstat (limited to 'src')
-rw-r--r--src/args.rs2
-rw-r--r--src/tests/otp.rs7
2 files changed, 5 insertions, 4 deletions
diff --git a/src/args.rs b/src/args.rs
index 91b340c..56a10b4 100644
--- a/src/args.rs
+++ b/src/args.rs
@@ -269,7 +269,7 @@ pub struct OtpSetArgs {
#[structopt(short, long, default_value = "30")]
pub time_window: u16,
/// The format of the secret
- #[structopt(short, long, default_value = OtpSecretFormat::Hex.as_ref(),
+ #[structopt(short, long, default_value = OtpSecretFormat::Base32.as_ref(),
possible_values = &OtpSecretFormat::all_str())]
pub format: OtpSecretFormat,
/// The OTP slot to use
diff --git a/src/tests/otp.rs b/src/tests/otp.rs
index f923170..837b075 100644
--- a/src/tests/otp.rs
+++ b/src/tests/otp.rs
@@ -23,7 +23,8 @@ use crate::args;
#[test_device]
fn set_invalid_slot_raw(model: nitrokey::Model) {
- let (rc, out, err) = Nitrocli::with_model(model).run(&["otp", "set", "100", "name", "1234"]);
+ let (rc, out, err) =
+ Nitrocli::with_model(model).run(&["otp", "set", "100", "name", "1234", "-f", "hex"]);
assert_ne!(rc, 0);
assert_eq!(out, b"");
@@ -32,7 +33,7 @@ fn set_invalid_slot_raw(model: nitrokey::Model) {
#[test_device]
fn set_invalid_slot(model: nitrokey::Model) {
- let res = Nitrocli::with_model(model).handle(&["otp", "set", "100", "name", "1234"]);
+ let res = Nitrocli::with_model(model).handle(&["otp", "set", "100", "name", "1234", "-f", "hex"]);
assert_eq!(
res.unwrap_lib_err(),
@@ -54,7 +55,7 @@ fn status(model: nitrokey::Model) -> crate::Result<()> {
let mut ncli = Nitrocli::with_model(model);
// Make sure that we have at least something to display by ensuring
// that there is one slot programmed.
- let _ = ncli.handle(&["otp", "set", "0", "the-name", "123456"])?;
+ let _ = ncli.handle(&["otp", "set", "0", "the-name", "123456", "-f", "hex"])?;
let out = ncli.handle(&["otp", "status"])?;
assert!(re.is_match(&out), out);