[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OTP broken?

To: openldap-technical@openldap.org
Subject: Re: OTP broken?
From: Dieter Klünter <dieter@dkluenter.de>
Date: Sat, 7 Nov 2015 20:53:38 +0100
In-reply-to: <563DFDA2.1010901@stroeder.com>
Organization: AVCI
References: <20151106085534.GD26689@homeworld.netbsd.org> <20151106225310.511fcf95@pink.avci.de> <563D4E39.2040908@symas.com> <20151107132925.19d0847c@pink.avci.de> <563DFDA2.1010901@stroeder.com>

Am Sat, 7 Nov 2015 14:33:22 +0100
schrieb Michael Ströder <michael@stroeder.com>:

> Dieter Klünter wrote:
> > 6. added credentials by ldappasswd
> >    userPassword::
> > e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09
> 
> I have not really tried the module myself yet but I note that the key
> is actually 21 bytes long (see below). Shouldn't that be 20 bytes?
> 
> Ciao, Michael.
> 
> Python 2.7.10 (default, May 24 2015, 14:46:10) [GCC] on linux2
> >>> 'e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09'.decode('base64')
> '{TOTP1}NBUEI6KEJMYDCNBTGI2TMQKCINCA===='
> >>> s='NBUEI6KEJMYDCNBTGI2TMQKCINCA===='.decode('base64')
> >>> len(s)
> 21

The TOTP1 string is base32 encoded, not base64.
With regard to length, this might be a bug in google Authenticator, as
it would not accept a credential string shorter than mine.

-Dieter




-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E

Follow-Ups:
- Re: OTP broken?
  - From: Michael Ströder <michael@stroeder.com>
- Re: OTP broken?
  - From: Dieter Klünter <dieter@dkluenter.de>

References:
- OTP broken?
  - From: Emmanuel Dreyfus <manu@netbsd.org>
- Re: OTP broken?
  - From: Dieter Klünter <dieter@dkluenter.de>
- Re: OTP broken?
  - From: Howard Chu <hyc@symas.com>
- Re: OTP broken?
  - From: Dieter Klünter <dieter@dkluenter.de>
- Re: OTP broken?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: TOTP configuration
Next by Date: Re: OTP broken?
Index(es):
- Chronological
- Thread