Unable to bulk import sha256 TOTP tokens


#1

When attempting to bulk import seeds that are sha256 hashed, they get imported but show up as sha1. The seed is 64bytes hexadecimal format and my understanding is it should detect its sha256 based on length?

The import file is in .csv and as per the format expected (serial, seed, type, length, time step)

Any suggestions/thoughts on how to get around this issue? I am a bit reluctant to edit this directly in the database…?

normal sha1 tokens work OK.

Has anyone else seen this issue? The version im running is 2.21.4

Thanks


#2

I can confirm that you found a bug.
I added it at github https://github.com/privacyidea/privacyidea/issues/1061
and documented the problematic code section.

That is not a big issue. If you like to do python, you are welcome to go for a pull request.

Thanks a lot for bringing this up.


#3

Thanks for looking into and confirming this. Ill have a stab at it.

I was also wondering, Do you see any major issues if the hashlib value for the imported tokens were tweaked manually in the (tokeninfo) table?


#4

No. You can very well run an UPDATE on the tokeninfo table after import. Then everything should be fine.


#5

Yup, works fine. thanks again :slight_smile: