https://bugs.openldap.org/show_bug.cgi?id=10192
--- Comment #9 from Howard Chu hyc@openldap.org --- (In reply to michal.pura from comment #8)
In my opinion example given in test080-hotp which uses PcbKpIJKbSiHZ7IzHiC0MWbLhdk= as a secret is misleading.
PcbKpIJKbSiHZ7IzHiC0MWbLhdk= is base64 encoded value of 3d c6 ca a4 82 4a 6d 28 87 67 b2 33 1e 20 b4 31 66 cb 85 d9 which is pointed by you recently.
The problem is that expected HOTP values which are embedded in the tests are not correct because openldap treat this secret PcbKpIJKbSiHZ7IzHiC0MWbLhdk= as a raw value directly (no base64 decoding is done before) which is the key point here.
NO, wrong. You have no idea what you're talking about. OpenLDAP stores the raw value. The base64 encoding is only used for display in LDIF, that's what the double-colon means.
Use the mailing list for discussion., there is no bug here. The code works as designed, according to the RFCs. Whatever problems you're having, the OpenLDAP code is 100% correct.
Follow directions and use the mailing list, or be banned. Your choice.