The AES secret stored in the database when adding the token using YMS is 45 chars long and when added using mysql it is 24.
From what I can tell this problem is caused by the AES encryption of the base64 AES key that yms does
If I remove the aesEncrypt($sec) from yubiphpbase/key_lib.php the key is stored in a format that libyubikey-client accepts, the accessed date however is still a problem when it is set to '0000-00-00 00:00:00' and the AES secret shown in YMS is currupted, I guess since it is the AES decoded value of the base64 string.
Code:
function addNewKey($devId64, $active, $sec, $note, $client, $user=-1, $serial='') {
global $admEmail;
$usrid = $user > 0 ? $user : base64_encode(time());
$sn = $serial != '' ? $serial : nextSerial();
$stmt = 'INSERT INTO yubikeys '.
'(client_id,active,created,tokenId,userId,secret,counter,low,high,notes,serial) VALUES ('.
$client.','.
$active.','.
'NOW(),'.
mysql_quote($devId64).','.
mysql_quote($usrid).','.
mysql_quote($sec).','.
'0,'.
'0,'.
'0,'.
mysql_quote($note).','.
mysql_quote($sn).
')';
writeLog($stmt);
if (!query($stmt)) {
$err = 'Failed to add a new key, devId='.$devId64.' for client '.$client;
writeLog($err);
sendMail($admEmail, 'Failed to add a new yubikey', $err, $admEmail);
return null;
}
$a = array();
$a['keyid'] = mysql_insert_id();
$a['sn'] = $sn;
$a['usrid'] = $usrid;
return $a;
}
Login
FAQ
Search
