Skip to content

Fix Remote Bolus OTP validation on Authy#19

Merged
ps2 merged 1 commit into
ps2:devfrom
gestrich:bugfix/2022-04/bg/authy-algorithm
May 2, 2022
Merged

Fix Remote Bolus OTP validation on Authy#19
ps2 merged 1 commit into
ps2:devfrom
gestrich:bugfix/2022-04/bg/authy-algorithm

Conversation

@gestrich

Copy link
Copy Markdown

Remote bolus OTP validation was failing on Authy and possibly some other OTP clients. I was specifying the SHA512 algorithm for generating a QR code. The Google Authenticator spec, which I think these OTP standards were derived from, allows either {sha1, sha256, sha512}. However, it seems that Authy only supports SHA1. Some more background is here. Apparently this issue has been around for a long time.

@@ -70,7 +70,8 @@ public class OTPManager {

private var secretStore: OTPSecretStore
private var nowDateSource: () -> Date

@gestrich gestrich Apr 16, 2022

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The fix: Changing SHA512 -> SHA1
Also adding "Issuer" as a property for reuse.

@@ -143,7 +144,7 @@ public class OTPManager {
}

let generator = Generator(factor: .timer(period: TimeInterval(self.tokenPeriod)), secret: secretKeyData, algorithm: algorithm, digits: passwordDigitCount)!

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use property and get rid of unnecessary string interpolation.

@gestrich gestrich force-pushed the bugfix/2022-04/bg/authy-algorithm branch from ddeb09f to 4bcc0a3 Compare April 16, 2022 00:58
@ps2 ps2 merged commit 20289c3 into ps2:dev May 2, 2022
pbipin74 pushed a commit to pbipin74/NightscoutService that referenced this pull request Jul 1, 2026
Add APNS response feature with JWT management and secure messaging
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants