Re: OTP broken?
Am Sat, 7 Nov 2015 14:33:22 +0100
schrieb Michael Ströder <michael(a)stroeder.com>:
Dieter Klünter wrote:
> 6. added credentials by ldappasswd
> userPassword::
> e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09
I have not really tried the module myself yet but I note that the key
is actually 21 bytes long (see below). Shouldn't that be 20 bytes?
Ciao, Michael.
Python 2.7.10 (default, May 24 2015, 14:46:10) [GCC] on linux2
>>>
'e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09'.decode('base64')
'{TOTP1}NBUEI6KEJMYDCNBTGI2TMQKCINCA===='
>>> s='NBUEI6KEJMYDCNBTGI2TMQKCINCA===='.decode('base64')
>>> len(s)
21
The TOTP1 string is base32 encoded, not base64.
With regard to length, this might be a bug in google Authenticator, as
it would not accept a credential string shorter than mine.
-Dieter
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E