From 8b9c1e21a4ee6668baf6682078011007226fb240 Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Tue, 12 Mar 2019 11:07:03 -0400
Subject: [PATCH] ToUpper base32 values for TOTP key ingress (#6400)

Fixes #6396
---
 builtin/logical/totp/backend_test.go | 3 ++-
 builtin/logical/totp/path_keys.go    | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/builtin/logical/totp/backend_test.go b/builtin/logical/totp/backend_test.go
index 8fb4cefa53b7..323475099de9 100644
--- a/builtin/logical/totp/backend_test.go
+++ b/builtin/logical/totp/backend_test.go
@@ -6,6 +6,7 @@ import (
 	"log"
 	"net/url"
 	"path"
+	"strings"
 	"testing"
 	"time"
 
@@ -25,7 +26,7 @@ func createKey() (string, error) {
 
 	key := keyUrl.Secret()
 
-	return key, err
+	return strings.ToLower(key), err
 }
 
 func generateCode(key string, period uint, digits otplib.Digits, algorithm otplib.Algorithm) (string, error) {
diff --git a/builtin/logical/totp/path_keys.go b/builtin/logical/totp/path_keys.go
index 24f2bb77e07c..63c1ce07f374 100644
--- a/builtin/logical/totp/path_keys.go
+++ b/builtin/logical/totp/path_keys.go
@@ -375,7 +375,7 @@ func (b *backend) pathKeyCreate(ctx context.Context, req *logical.Request, data
 			return logical.ErrorResponse("the key value is required"), nil
 		}
 
-		_, err := base32.StdEncoding.DecodeString(keyString)
+		_, err := base32.StdEncoding.DecodeString(strings.ToUpper(keyString))
 		if err != nil {
 			return logical.ErrorResponse(fmt.Sprintf(
 				"invalid key value: %s", err)), nil