Unable to bulk import sha256 TOTP tokens

em0_pi · May 9, 2018, 9:33pm

When attempting to bulk import seeds that are sha256 hashed, they get imported but show up as sha1. The seed is 64bytes hexadecimal format and my understanding is it should detect its sha256 based on length?

The import file is in .csv and as per the format expected (serial, seed, type, length, time step)

Any suggestions/thoughts on how to get around this issue? I am a bit reluctant to edit this directly in the database…?

normal sha1 tokens work OK.

Has anyone else seen this issue? The version im running is 2.21.4

Thanks

cornelinux · May 10, 2018, 7:25am

I can confirm that you found a bug.
I added it at github https://github.com/privacyidea/privacyidea/issues/1061
and documented the problematic code section.

That is not a big issue. If you like to do python, you are welcome to go for a pull request.

Thanks a lot for bringing this up.

em0_pi · May 10, 2018, 8:19am

Thanks for looking into and confirming this. Ill have a stab at it.

I was also wondering, Do you see any major issues if the hashlib value for the imported tokens were tweaked manually in the (tokeninfo) table?

cornelinux · May 10, 2018, 9:30am

No. You can very well run an UPDATE on the tokeninfo table after import. Then everything should be fine.

em0_pi · May 10, 2018, 10:11am

Yup, works fine. thanks again