[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OTP broken?

To: Michael Ströder <michael@stroeder.com>, Dieter Klünter <dieter@dkluenter.de>, openldap-technical@openldap.org
Subject: Re: OTP broken?
From: Howard Chu <hyc@symas.com>
Date: Sat, 7 Nov 2015 17:46:04 +0000
In-reply-to: <563DFDA2.1010901@stroeder.com>
References: <20151106085534.GD26689@homeworld.netbsd.org> <20151106225310.511fcf95@pink.avci.de> <563D4E39.2040908@symas.com> <20151107132925.19d0847c@pink.avci.de> <563DFDA2.1010901@stroeder.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:41.0) Gecko/20100101 Firefox/41.0 SeaMonkey/2.38a1

Michael Ströder wrote:

Dieter Klünter wrote:

6. added credentials by ldappasswd
    userPassword:: e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09


I have not really tried the module myself yet but I note that the key is
actually 21 bytes long (see below). Shouldn't that be 20 bytes?

Looks like you're right. Perhaps we should re-enable the key length checks inthe module (which are currently disabled with #if 0 ).


Ciao, Michael.

Python 2.7.10 (default, May 24 2015, 14:46:10) [GCC] on linux2

'e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09'.decode('base64')

'{TOTP1}NBUEI6KEJMYDCNBTGI2TMQKCINCA===='

s='NBUEI6KEJMYDCNBTGI2TMQKCINCA===='.decode('base64')
len(s)



--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

References:
- OTP broken?
  - From: Emmanuel Dreyfus <manu@netbsd.org>
- Re: OTP broken?
  - From: Dieter Klünter <dieter@dkluenter.de>
- Re: OTP broken?
  - From: Howard Chu <hyc@symas.com>
- Re: OTP broken?
  - From: Dieter Klünter <dieter@dkluenter.de>
- Re: OTP broken?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: Controlling rootdn access
Next by Date: TOTP configuration
Index(es):
- Chronological
- Thread