Hi,

Please have a look at the improved patch series in https://github.com/marschap/openldap/commits/contrib-totp2 It tries to address all the issues highlighted on the first version.

https://github.com/marschap/openldap/commit/e4e1045f59368af8d15172ad22fcc0fd... contrib/passwd/totp: flexibilize decoding

In function totp_b32_pton() - allow lowercase characters in encoded string too - allow padding to be omitted (totally, not only parts) With this added flexibility we can make use of keys encoded by other Base32-encoding implementations.

In function chk_totp() determine the space required to hold the decoded key by calling totp_b32_pton() with a NULL argument for the target.

Changes to previous version: - toupper()'s argument guarded with a cast to (unsigned char) - added rationale to commit message

https://github.com/marschap/openldap/commit/edfa2b0fb3238ca9f231fa75bd452b42... contrib/passwd/totp: fix the big-endian case, support 32-bit archs

- reverse tval in the WORDS_BIGENDIAN case before converting it to a string - use uint64_t for tval to have it correctly sized on 32-bit archs too - avoid magic number when converting tval to a string

Changes to previous version: - complete rewrite

https://github.com/marschap/openldap/commit/24007f02cebb0b7f801288b02d0ac8c2... contrib/passwd/totp: fix decoding when padding is used

In totp_b32_pton(), correctly count the number of '=' padding chars at the end of the base-32 encoded string: don't count the first padding char char twice.

Note: '*str++' evaluates *str first and increases str later!

Changes to previous version: - commit message only

https://github.com/marschap/openldap/commit/435619ccd8be1b62f86db67643bca777... contrib/passwd/totp: support compiling using nettle

Changes to previous version: - rewrite, concentrating the #ifdef's as much as possible

Best Peter