Import C-100 tokens

I have C-100-tokens with a CSV-file with serial/seed like this (some characters changed, so not valid)

I added the required type and length, so the import works.

1009824300000,BCGYIZJINW4CPQ5575KDY6HHGZQEMMMM,HOTP,6

After the import, no token works anymore, also not the soft tokens that were created previously.

Error message is
self.bkey = binascii.unhexlify(akey)
binascii.Error: Non-hexadecimal digit found

Deleting all the imported tokens solves the authentication problem for the previously created soft tokens.

I found this old issue that might be related: https://github.com/privacyidea/privacyidea/issues/764
I also found that I couldn’t manually get the provided string in the interface (OTP-key field)

Converting the string to hex using

echo -n “BCGYIZJINW4CPQ5575KDY6HHGZQEMMMM” | od -A n -t x1 | sed ‘s/ *//g’| tr -d ‘\n’

made that I could type it in the interface, but I can’t login with the token (wrong password on the OTP page of the login)

So the validation, mentioned in issue 764 is not done on CSV import and doing it wrong breaks the system.

From the issue I learn that I should treat the strings with
key_bin = base64.b32decode(“5XXPFKZTBYDSZISR252SIOT6BFTLJSH3”)
key_hex = binascii.hexlify(key_bin)

to get them in the right format.

Trying the above gives my a syntax error near unexpected symbol ‘(’ on line 1 (my Python skills are unfortunately non-existent.)

Anyone who can give me a hint?

OK, start of an answer:

Create a file encode.py

Add

import base64
import binascii
key_bin = base64.b32decode("5XXPFKZTBYDSZISR252SIOT6BFTLJSH3")
key_hex = binascii.hexlify(key_bin)
print (key_hex)

Run it with
python encode.py

That generates a number that works when you manually create a htop token en put the number in the OTP Key field.

This is basically correct. The string you have look base32 encoded.
But you need a hex encoded string.

So you might need to take a closed look at your python script.