Fix token secret length RFC compliance

RFC 4226 states the following in section 4: R6 - The algorithm MUST use a strong shared secret. The length of the shared secret MUST be at least 128 bits. This document RECOMMENDs a shared secret length of 160 bits. Reviewed-By: Jan Cholasta <jcholast@redhat.com>
author: Nathaniel McCallum <npmccallum@redhat.com> 2014-03-03 11:09:26 -0500
committer: Petr Viktorin <pviktori@redhat.com> 2014-03-05 10:09:16 +0100
commit: 0ca6653c299c75f5215cc37c6b129ce58a85e8df (patch)
tree: 5e35078f5c66b1cf11652ba874a9a0d7a65673ee /ipalib/plugins/otptoken.py
parent: 21ff4f920e4ff7c1e2870024f007f067fc3cf6c8 (diff)
download: freeipa-0ca6653c299c75f5215cc37c6b129ce58a85e8df.tar.gz
freeipa-0ca6653c299c75f5215cc37c6b129ce58a85e8df.tar.xz
freeipa-0ca6653c299c75f5215cc37c6b129ce58a85e8df.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ipalib/plugins/otptoken.py b/ipalib/plugins/otptoken.py
index 92853dec3..91525398d 100644
--- a/ipalib/plugins/otptoken.py
+++ b/ipalib/plugins/otptoken.py
@@ -59,7 +59,7 @@ TOKEN_TYPES = {
 }
 
 # NOTE: For maximum compatibility, KEY_LENGTH % 5 == 0
-KEY_LENGTH = 10
+KEY_LENGTH = 20
 
 class OTPTokenKey(Bytes):
     """A binary password type specified in base32."""
author	Nathaniel McCallum <npmccallum@redhat.com>	2014-03-03 11:09:26 -0500
committer	Petr Viktorin <pviktori@redhat.com>	2014-03-05 10:09:16 +0100
commit	0ca6653c299c75f5215cc37c6b129ce58a85e8df (patch)
tree	5e35078f5c66b1cf11652ba874a9a0d7a65673ee /ipalib/plugins/otptoken.py
parent	21ff4f920e4ff7c1e2870024f007f067fc3cf6c8 (diff)
download	freeipa-0ca6653c299c75f5215cc37c6b129ce58a85e8df.tar.gz freeipa-0ca6653c299c75f5215cc37c6b129ce58a85e8df.tar.xz freeipa-0ca6653c299c75f5215cc37c6b129ce58a85e8df.zip