From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Tue, 9 Apr 2019 10:44:23 +0000 (+0200)
Subject: u2f: new perl bindings encode public key for us
X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=commitdiff_plain;h=eb25cbafc37cb08b93bb089f788ce571a7db73e8

u2f: new perl bindings encode public key for us

as it was binary data, which can contain everything, including '\0',
and this was cut off, making it impossible to login after
registration, as a borked publicKey got saved in tfa.cfg

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---

diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 2caa4af..dfbdfc6 100644
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -589,7 +589,7 @@ __PACKAGE__->register_method ({
 	    my ($keyHandle, $publicKey) = $u2f->registration_verify($response);
 	    PVE::AccessControl::user_set_tfa($userid, $realm, 'u2f', {
 		keyHandle => $keyHandle,
-		publicKey => encode_base64($publicKey, ''),
+		publicKey => $publicKey, # already base64 encoded
 	    });
 	} else {
 	    die "invalid action: $action\n";