Hi to all,
I would like to add the otp-attributes with the following LDIF:

---------------
dn: ou=users,dc=example,dc=net
changetype: modify
add: objectClass
objectClass: oathTOTPParams
-
add: oathOTPLength
oathOTPLength: 6
-
add: oathHMACAlgorithm
oathHMACAlgorithm: 1.2.840.113549.2.11
-
add: oathTOTPTimeStepPeriod
oathTOTPTimeStepPeriod: 30
-
add: oathTOTPTimeStepWindow
oathTOTPTimeStepWindow: 3
---------------

But I'm getting:

-----------
modifying entry "ou=users,dc=example,dc=net"
ldap_modify: Invalid syntax (21)
        additional info: oathHMACAlgorithm: value #0 invalid per syntax
-----------

If I switch to SHA1:

-----------
oathHMACAlgorithm: 1.2.840.113549.2.7
-----------

it works. The manpage is telling me:

-----------
oathHMACAlgorithm: <OID>
    The OID of the hash algorithm to use as defined in RFC 8018.
    Supported algorithms include SHA1, SHA224, SHA256, SHA384 and SHA512.
-----------

and .11 is SHA512. Why is it not working? Do I have to give the OID in a different way?
Stefan
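
Added example, not part of the original message and not OpenLDAP's code: what the four attributes in the LDIF above parameterize in an RFC 6238 TOTP check, with the RFC 8018 HMAC OIDs mapped to hash functions. The function names are hypothetical, and treating oathTOTPTimeStepWindow as "that many steps on either side of the current one" is an assumption.

```python
import hashlib
import hmac
import struct

# RFC 8018 HMAC algorithm OIDs (the two quoted in the post plus the other SHA-2 ones).
HMAC_OIDS = {
    "1.2.840.113549.2.7": hashlib.sha1,     # hmacWithSHA1
    "1.2.840.113549.2.8": hashlib.sha224,   # hmacWithSHA224
    "1.2.840.113549.2.9": hashlib.sha256,   # hmacWithSHA256
    "1.2.840.113549.2.10": hashlib.sha384,  # hmacWithSHA384
    "1.2.840.113549.2.11": hashlib.sha512,  # hmacWithSHA512
}


def totp(key, unix_time, oid, length=6, period=30):
    """RFC 6238 code for one time step; raises KeyError for an unknown OID."""
    digestmod = HMAC_OIDS[oid]
    counter = struct.pack(">Q", unix_time // period)   # 8-byte big-endian step number
    mac = hmac.new(key, counter, digestmod).digest()
    offset = mac[-1] & 0x0F                            # RFC 4226 dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** length).zfill(length)


def verify(key, candidate, unix_time, oid, length=6, period=30, window=3):
    """Accept the candidate if it matches any step within +/- window steps (assumed semantics)."""
    for step in range(-window, window + 1):
        t = unix_time + step * period
        if t < 0:
            continue
        expected = totp(key, t, oid, length, period)
        if hmac.compare_digest(expected, candidate):   # constant-time comparison
            return True
    return False


if __name__ == "__main__":
    # Constructed sample input: the RFC 6238 Appendix B test seed for SHA-512.
    seed = b"1234567890123456789012345678901234567890123456789012345678901234"
    print(totp(seed, 59, "1.2.840.113549.2.11"))
```

A larger window tolerates more clock drift but also widens the set of codes accepted at any instant, so window 3 with a 30-second period accepts seven codes at once under the assumption above.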