Handle short secret error for Yandex code

Author: replydev

src/otp/algorithms/yandex_otp_maker.rs

@@ -70,6 +70,10 @@ where
         Err(e) => return Err(OtpError::SecretEncoding(e.kind, e.position)),
     };
 
+    if decoded_secret.len() < SECRET_LENGHT {
+        return Err(OtpError::ShortSecret);
+    }
+
     let parsed_secret = &decoded_secret.as_slice()[0..SECRET_LENGHT];
 
     let mut pin_with_secret: Vec<u8> = Vec::with_capacity(pin.as_bytes().len() + SECRET_LENGHT);

src/otp/otp_error.rs

@@ -5,6 +5,7 @@ use std::fmt::{Display, Formatter};
 pub enum OtpError {
     SecretEncoding(DecodeKind, usize), // Secret encoding error, of given kind at give position
     MissingPin,                        // Missing Pin for Yandex / MOTP Codes
+    ShortSecret,                       // Short secret for Yandex codes
     MissingCounter,                    // Missing counter for HOTP codes
     InvalidOffset,                     // Invalid offset
     InvalidDigest,                     // Invalid digest
@@ -20,6 +21,7 @@ impl Display for OtpError {
             OtpError::MissingCounter => f.write_str("Missing counter value"),
             OtpError::InvalidDigest => f.write_str("Invalid digest"),
             OtpError::InvalidOffset => f.write_str("Invalid offset"),
+            OtpError::ShortSecret => f.write_str("Secret length less than 16 bytes"),
         }
     }
 }