test token
16 views
Skip to first unread message
lei xiao
Nov 30, 2015, 8:33:34 AM11/30/15
to privacyidea
When I do test token, there will be the following tips?
What's going on?
'ascii' codec can't decode byte 0xd4 in position 3: ordinal not in range(128)
I view the log
[2015-11-30 05:30:44,256][1214][139635295258368][ERROR][privacyidea.app:1423] Exception on /validate/check [POST]
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/postpolicy.py", line 96, in policy_wrapper
response = wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/postpolicy.py", line 96, in policy_wrapper
response = wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/postpolicy.py", line 96, in policy_wrapper
response = wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/postpolicy.py", line 96, in policy_wrapper
response = wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/postpolicy.py", line 96, in policy_wrapper
response = wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/postpolicy.py", line 96, in policy_wrapper
response = wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/prepolicy.py", line 90, in policy_wrapper
return wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/prepolicy.py", line 90, in policy_wrapper
return wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/decorators.py", line 89, in check_user_or_serial_in_request_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/lib/prepolicy.py", line 90, in policy_wrapper
return wrapped_function(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/api/validate.py", line 184, in check
result, details = check_serial_pass(serial, password, options=options)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/log.py", line 125, in log_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/policydecorators.py", line 81, in policy_wrapper
return self.decorator_function(wrapped_function, *args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/policydecorators.py", line 360, in auth_lastauth
res, reply_dict = wrapped_function(user_or_serial, passw, options)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/token.py", line 1766, in check_serial_pass
options=options)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/log.py", line 125, in log_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/token.py", line 1861, in check_token_list
options=options)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/decorators.py", line 45, in token_locked_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/tokenclass.py", line 388, in authenticate
otp_counter = self.check_otp(otpval, options=options)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/decorators.py", line 45, in token_locked_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/totptoken.py", line 326, in check_otp
symetric=True)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/log.py", line 125, in log_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/HMAC.py", line 147, in checkOtp
otpval = self.generate(c)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/HMAC.py", line 122, in generate
hmac = self.hmac(counter=counter, key=key)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/HMAC.py", line 82, in hmac
dig = str(self.secretObj.hmac_digest(data_input, self.hashfunc))
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/crypto.py", line 106, in hmac_digest
self._setupKey_()
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/crypto.py", line 138, in _setupKey_
akey = decrypt(self.val, self.iv)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/log.py", line 125, in log_wrapper
f_result = func(*args, **kwds)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/crypto.py", line 342, in decrypt
ret = hsm.decrypt(input, iv, id)
File "/usr/lib/python2.7/dist-packages/privacyidea/lib/security/default.py", line 397, in decrypt
eof = output.rfind(u"\x01\x02")
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd4 in position 3: ordinal not in range(128)
Cornelius Kölbel
Nov 30, 2015, 9:39:22 AM11/30/15
to priva...@googlegroups.com
The error is thrown in the decrypt method.
So probably you have a problem with your encryption key, which does not
fit the encrypted material.
This is all I can guess from this amount of information.
Kind regards
Cornelius
Am Montag, den 30.11.2015, 05:33 -0800 schrieb lei xiao:
> When I do test token, there will be the following tips?
> What's going on?
>
>
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/89a062d1-97e4-4bf9-a35b-2aec9e8741ea%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
So probably you have a problem with your encryption key, which does not
fit the encrypted material.
This is all I can guess from this amount of information.
Kind regards
Cornelius
Am Montag, den 30.11.2015, 05:33 -0800 schrieb lei xiao:
> When I do test token, there will be the following tips?
> What's going on?
>
>
>
>
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/89a062d1-97e4-4bf9-a35b-2aec9e8741ea%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Message has been deleted
Cornelius Kölbel
Dec 1, 2015, 12:30:45 PM12/1/15
to priva...@googlegroups.com
Hello Lei,
I do not quite get your point.
This error at this position usually indicates that the encryption key
(defined in pi.cfg, usually the file /etc/privacyidea/enckey) has
changed.
So the question is, what you have done, that leads to this error?
Kind regards
Cornelius
Am Montag, den 30.11.2015, 18:15 -0800 schrieb lei xiao:
> I could not read the complete code, which should be given encryption
> and decryption problem. When generating token, it will use sha1
> hashing, if only token hash should not have this problem, a simple
> affirmation of where the hash value is the same. Unless the HMAC hash
> this way. So the problem here? (A + token) hashing, then a is the
> number?
>
> 在 2015年11月30日星期一 UTC+8下午9:33:34,lei xiao写道:
I do not quite get your point.
This error at this position usually indicates that the encryption key
(defined in pi.cfg, usually the file /etc/privacyidea/enckey) has
changed.
So the question is, what you have done, that leads to this error?
Kind regards
Cornelius
Am Montag, den 30.11.2015, 18:15 -0800 schrieb lei xiao:
> I could not read the complete code, which should be given encryption
> and decryption problem. When generating token, it will use sha1
> hashing, if only token hash should not have this problem, a simple
> affirmation of where the hash value is the same. Unless the HMAC hash
> this way. So the problem here? (A + token) hashing, then a is the
> number?
>
> 在 2015年11月30日星期一 UTC+8下午9:33:34,lei xiao写道:
> When I do test token, there will be the following tips?
> What's going on?
>
>
>
>
> What's going on?
>
>
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/e5996db2-dd10-44e1-872a-1e2450b738da%40googlegroups.com.
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> To view this discussion on the web visit
Reply all
Reply to author
Forward
0 new messages