https://bugs.openldap.org/show_bug.cgi?id=10192
Issue ID: 10192
Summary: otp.c overlay - HOTP wrongly numbers gneration
Product: OpenLDAP
Version: 2.6.7
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Hello, I am trying to use otp.c overlay but seems that numbers are not properly
generated.
In my case I have random secret like 'aaaabbbbccccdddd' and according to what
Google Authenticator and https://www.verifyr.com/en/otp/check#hotp is
generating we should have the following HOTP codes for above secret:
1 - 229789
2 - 801677
3 - 630108
4 - 214543
5 - 916392
6 - 346078
7 - 701644
8 - 865071
9 - 431248
10 - 355053
but, otp.c module is returning the following numbers:
1 - 441008
2 - 465617
3 - 669281
4 - 042697
5 - 461210
6 - 620979
7 - 700859
8 - 573924
9 - 805067
10 - 135880
The secret is properly generated and used in the code. I've checked it under
debugger. The hash algorithm is defined as 1.2.840.113549.2.7 ->
HMAC-WITH-SHA1. What is wrong?
--
You are receiving this mail because:
You are on the CC list for the issue.
