u2f: new perl bindings encode public key for us
authorThomas Lamprecht <t.lamprecht@proxmox.com>
Tue, 9 Apr 2019 10:44:23 +0000 (12:44 +0200)
committerThomas Lamprecht <t.lamprecht@proxmox.com>
Tue, 9 Apr 2019 10:44:25 +0000 (12:44 +0200)
as it was binary data, which can contain everything, including '\0',
and this was cut off, making it impossible to login after
registration, as a borked publicKey got saved in tfa.cfg

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
PVE/API2/AccessControl.pm

index 2caa4af..dfbdfc6 100644 (file)
@@ -589,7 +589,7 @@ __PACKAGE__->register_method ({
            my ($keyHandle, $publicKey) = $u2f->registration_verify($response);
            PVE::AccessControl::user_set_tfa($userid, $realm, 'u2f', {
                keyHandle => $keyHandle,
-               publicKey => encode_base64($publicKey, ''),
+               publicKey => $publicKey, # already base64 encoded
            });
        } else {
            die "invalid action: $action\n";