Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

'NoneType' object has no attribute 'encryptionkey' when importing pskc #1915

Open
sverslaagh opened this issue Nov 5, 2019 · 3 comments

Comments

@sverslaagh
Copy link

@sverslaagh sverslaagh commented Nov 5, 2019

Top-level intent

What did you try to achieve?

Load a pskc file into PrivacyIDEA

Steps to reproduce

  1. Clean install
  2. Log in, make realm from passwd file
  3. Import Token -> PSKC -> select file

Expected outcome

What do you think, how the system should have worked?

It should have imported the token

Actual outcome

What did actually happen?

Got an error

Configuration

  • privacyIDEA version: 3.0
  • Installation method: (from Ubuntu packages, github, PyPI, ...) Ubuntu
  • Python version: I have 2.7 and 3.6 installed
  • Operating system: Ubuntu 18.04
  • Webserver: apache2
  • Token database: (MySQL, PostgreSQL, ...) mysql

Log file

[2019-11-05 13:11:34,024][754][140683384121088][DEBUG][privacyidea.api.before_after:84] Begin handling of request u'/token/load/filename?'
[2019-11-05 13:11:34,025][754][140683384121088][DEBUG][privacyidea.api.lib.utils:219] Can not get param: No JSON object could be decoded
[2019-11-05 13:11:34,025][754][140683384121088][DEBUG][privacyidea.lib.user:185] Entering get_user_from_param with arguments ({'tokenrealms': u'defrealm', 'type': u'pskc'},) and keywords {}
[2019-11-05 13:11:34,025][754][140683384121088][DEBUG][privacyidea.lib.user:185] Entering User with arguments () and keywords {'login': '', 'realm': '', 'resolver': None}
[2019-11-05 13:11:34,025][754][140683384121088][DEBUG][privacyidea.lib.user:197] Exiting User with result
[2019-11-05 13:11:34,025][754][140683384121088][DEBUG][privacyidea.lib.user:197] Exiting get_user_from_param with result
[2019-11-05 13:11:34,025][754][140683384121088][DEBUG][privacyidea.lib.audit:188] Entering getAudit with arguments HIDDEN and keywords HIDDEN
[2019-11-05 13:11:34,026][754][140683384121088][DEBUG][privacyidea.lib.utils:1120] klass: <class 'privacyidea.lib.auditmodules.sqlaudit.Audit'>
[2019-11-05 13:11:34,026][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:185] Entering read_keys with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7ff357334a90>, '/etc/privacyidea/public.pem', '/etc/privacyidea/private.pem') and keywords {}
[2019-11-05 13:11:34,026][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:197] Exiting read_keys with result None
[2019-11-05 13:11:34,026][754][140683384121088][DEBUG][privacyidea.lib.audit:197] Exiting getAudit with result <privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7ff357334a90>
[2019-11-05 13:11:34,029][754][140683384121088][DEBUG][privacyidea.lib.config:185] Entering get_from_config with arguments ('OverrideAuthorizationClient',) and keywords {}
[2019-11-05 13:11:34,029][754][140683384121088][DEBUG][privacyidea.lib.config:315] Cloning request-local config from shared config object
[2019-11-05 13:11:34,031][754][140683384121088][DEBUG][privacyidea.lib.config:197] Exiting get_from_config with result None
[2019-11-05 13:11:34,031][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:185] Entering log with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7ff357334a90>, {'privacyidea_server': '192.168.2.230', 'token_type': None, 'user': None, 'resolver': None, 'serial': None, 'info': '', 'realm': None, 'success': False, 'client_user_agent': 'firefox', 'client': '192.168.2.147', 'action_detail': '', 'action': 'POST /token/load/'}) and keywords {}
[2019-11-05 13:11:34,031][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:197] Exiting log with result None
[2019-11-05 13:11:34,032][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:185] Entering log with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7ff357334a90>, {'administrator': u'admin'}) and keywords {}
[2019-11-05 13:11:34,032][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:197] Exiting log with result None
[2019-11-05 13:11:34,033][754][140683384121088][DEBUG][privacyidea.api.token:185] Entering loadtokens_api with arguments () and keywords {'filename': u'filename'}
[2019-11-05 13:11:34,033][754][140683384121088][DEBUG][privacyidea.lib.policy:185] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7ff3572c2b10>,) and keywords {'realm': None, 'name': None, 'sort_by_priority': True, 'action': 'importtokens', 'client': '192.168.2.147', 'user': u'admin', 'resolver': None, 'active': True, 'scope': 'admin', 'adminrealm': u''}
[2019-11-05 13:11:34,033][754][140683384121088][DEBUG][privacyidea.lib.policy:515] Policies after matching active: [][2019-11-05 13:11:34,033][754][140683384121088][DEBUG][privacyidea.lib.policy:515] Policies after matching scope: []
[2019-11-05 13:11:34,033][754][140683384121088][DEBUG][privacyidea.lib.policy:539] Policies after matching action: [][2019-11-05 13:11:34,033][754][140683384121088][DEBUG][privacyidea.lib.policy:539] Policies after matching user: []
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:539] Policies after matching adminrealm: []
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:605] Policies after matching client
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:197] Exiting list_policies with result []
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:665] Policies after matching time: []
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:670] Policies after matching conditions[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:185] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7ff3572c2b10>,) and keywords {'active': True, 'scope': 'admin'}
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:515] Policies after matching active: [][2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:515] Policies after matching scope: []
[2019-11-05 13:11:34,034][754][140683384121088][DEBUG][privacyidea.lib.policy:197] Exiting list_policies with result []
[2019-11-05 13:11:34,035][754][140683384121088][DEBUG][privacyidea.api.token:885] Werkzeug File storage file: <FileStorage: u'gemalto.pskc' ('application/octet-stream')>
[2019-11-05 13:11:34,035][754][140683384121088][DEBUG][privacyidea.lib.importotp:185] Entering parsePSKCdata with arguments (u'pskc:KeyPackage\r\n pskc:DeviceInfo\r\n pskc:Manufactureriana.GEMALTO</pskc:Manufacturer>\r\n pskc:SerialNo</pskc:SerialNo>\r\n pskc:ModelLAVA</pskc:Model>\r\n pskc:IssueNo1</pskc:IssueNo>\r\n </pskc:DeviceInfo>\r\n <pskc:Key Id="" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:totp">\r\n pskc:IssuerGemalto</pskc:Issuer>\r\n pskc:AlgorithmParameters\r\n <pskc:ResponseFormat Encoding="DECIMAL" Length="7" />\r\n </pskc:AlgorithmParameters>\r\n pskc:Data\r\n pskc:Secret\r\n pskc:EncryptedValue\r\n <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />\r\n xenc:CipherData\r\n xenc:CipherValue</xenc:CipherValue>\r\n </xenc:CipherData>\r\n </pskc:EncryptedValue>\r\n pskc:ValueMAC</pskc:ValueMAC>\r\n </pskc:Secret>\r\n pskc:Time\r\n pskc:PlainValue0</pskc:PlainValue>\r\n </pskc:Time>\r\n pskc:TimeInterval\r\n pskc:PlainValue30</pskc:PlainValue>\r\n </pskc:TimeInterval>\r\n </pskc:Data>\r\n pskc:Policy\r\n pskc:KeyUsageOTP</pskc:KeyUsage>\r\n </pskc:Policy>\r\n </pskc:Key>\r\n </pskc:KeyPackage>',) and keywords {'password': None, 'preshared_key_hex': None}
[2019-11-05 13:11:34,139][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:185] Entering log with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7ff357334a90>, {'info': u"'NoneType' object has no attribute 'encryptionkey'"}) and keywords {}
[2019-11-05 13:11:34,139][754][140683384121088][DEBUG][privacyidea.lib.auditmodules.base:197] Exiting log with result None
[2019-11-05 13:11:34,198][754][140683384121088][DEBUG][privacyidea.api.lib.utils:219] Can not get param: No JSON object could be decoded
[2019-11-05 13:11:34,200][754][140683384121088][DEBUG][privacyidea.api.lib.utils:219] Can not get param: No JSON object could be decoded

Set PI_LOGLEVEL = logging.DEBUG in pi.cfg and take a look at the privacyidea.log!
If appropriate, attach the log file or paste relevant portions.

Note: Sensitive data has been replaced with

@cornelinux

This comment has been minimized.

Copy link
Member

@cornelinux cornelinux commented Nov 5, 2019

I think either you have a malformed pskc (which I can only guess, since I do not see it completly) or you did not provide a password or key.
The data seems to be encrypted, but it looks like as if you neither provided a PW or key.

@plettich

This comment has been minimized.

Copy link
Member

@plettich plettich commented Nov 12, 2019

Maybe we should check if the KeyContainer element exists in the xml beforehand so we could emit more meaningful error messages.

@cornelinux

This comment has been minimized.

Copy link
Member

@cornelinux cornelinux commented Nov 13, 2019

@sverslaagh can you please provide some more information on this? (See my previous comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.