twofactor icon indicating copy to clipboard operation
twofactor copied to clipboard
verified publisher icon sec51

use it with go1.11 have a problem.twofactor.TOTPFromBytes(x,y)

Open leon20181119 opened this issue 7 years ago • 2 comments

leon20181119 avatar Nov 30 '18 07:11 leon20181119

Have same issue

To reproduce the issue please use convert/bigendian/convert.go previous version

func TestBigEndianConvertion(t *testing.T) {
	totp, err := NewTOTP("[email protected]", "Sec51", crypto.SHA256, 6)
	if err != nil {
		t.Fatal(err)
	}

	data, err := totp.ToBytes()
	if err != nil {
		t.Fatal(err)
	}

	newTotp, err := TOTPFromBytes(data, "Sec51")
	if err != nil {
		t.Fatal(err)
	}

	if totp.account != newTotp.account {
		t.Error("Fail: Received totp do not match origin")
	}
}

Fails with: panic: runtime error: slice bounds out of range [recovered] panic: runtime error: slice bounds out of range

This is because reading issuerSize returns 0 although the byte array is ok.

The issue is in the implementation of

// helper function which converts a big endian []byte to a int
func FromInt(data [4]byte) int {
	i := (int(data[3]) << 0) | (int(data[2]) << 8) |
		(int(data[1]) << 16) | (int(data[0]) << 24)
	return int(i)
}

To Fix: just update latest version of convert library

The big question is why adding a Println of data in FromInt, makes the function to work fine

func FromInt(data [4]byte) int {
	fmt.Println(data)
	i := (int(data[3]) << 0) | (int(data[2]) << 8) |
		(int(data[1]) << 16) | (int(data[0]) << 24)
	return int(i)
}

isuruceanu avatar Nov 30 '18 08:11 isuruceanu

thanks.now already solve.just update convert library.https://github.com/sec51/convert

leon20181119 avatar Nov 30 '18 09:11 leon20181119