From ef1b5ad51daa23e9a98ff785e282a599e5678e1f Mon Sep 17 00:00:00 2001
From: Stefan Brand <seiichiro@seiichiro0185.org>
Date: Wed, 8 Jan 2014 19:16:56 +0100
Subject: [PATCH] Catch error from invalid secrets

---
 qml/lib/crypto.js | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/qml/lib/crypto.js b/qml/lib/crypto.js
index 56f1a8a..d518466 100644
--- a/qml/lib/crypto.js
+++ b/qml/lib/crypto.js
@@ -75,15 +75,19 @@ function calcOTP(secret) {
   // Get last full 30 / 60 Seconds and convert to HEX
   var time = leftpad(dec2hex(Math.floor(epoch / 30)), 16, '0');
 
-  // Calculate the SHA-1 HMAC Value from time and key
-  var hmacObj = new SHA.jsSHA(time, 'HEX');
-  var hmac = hmacObj.getHMAC(key, 'HEX', 'SHA-1', "HEX");
+  try {
+    // Calculate the SHA-1 HMAC Value from time and key
+    var hmacObj = new SHA.jsSHA(time, 'HEX');
+    var hmac = hmacObj.getHMAC(key, 'HEX', 'SHA-1', "HEX");
 
-  // Finally convert the HMAC-Value to the corresponding 6-digit token
-  var offset = hex2dec(hmac.substring(hmac.length - 1));
+    // Finally convert the HMAC-Value to the corresponding 6-digit token
+    var offset = hex2dec(hmac.substring(hmac.length - 1));
 
-  var otp = (hex2dec(hmac.substr(offset * 2, 8)) & hex2dec('7fffffff')) + '';
-  otp = (otp).substr(otp.length - 6, 6);
+    var otp = (hex2dec(hmac.substr(offset * 2, 8)) & hex2dec('7fffffff')) + '';
+    otp = (otp).substr(otp.length - 6, 6);
+  } catch (e) {
+    otp = "Invalid Secret!"
+  }
 
   // return the calculated token
   return otp;