yubikey-hmac-otp

Crates.ioyubikey-hmac-otp
lib.rsyubikey-hmac-otp
version0.10.2
sourcesrc
created_at2024-01-07 12:58:46.83507
updated_at2024-01-07 18:03:53.365723
descriptionYubikey Challenge-Response & Configuration
homepage
repositoryhttps://github.com/ashuio/yubikey-hmac-otp
max_upload_size
id1091741
size51,808
Ashutosh Verma (ashuio)

documentation

README

Yubikey hmac/otp   Build Status Latest Version MIT licensed Apache-2.0 licensed

Yubikey Challenge-Response & Configuration.


Current features

  • Challenge-Response, YubiKey 2.2 and later supports HMAC-SHA1 or Yubico challenge-response operations.
  • Configuration.

Usage

Add this to your Cargo.toml

[dependencies]
yubikey-hmac-otp = "0.10"

Configure Yubikey (HMAC-SHA1 mode)

Note, please read about the initial configuration Alternatively you can configure the yubikey with the official Yubikey Personalization GUI.

extern crate rand;
extern crate yubikey-hmac-otp;

use yubikey-hmac-otp::{Yubico};
use yubikey-hmac-otp::config::{Config, Command};
use yubikey-hmac-otp::configure::{ DeviceModeConfig };
use yubikey-hmac-otp::hmacmode::{ HmacKey };
use rand::{thread_rng, Rng};
use rand::distributions::{Alphanumeric};

fn main() {
   let mut yubi = Yubico::new();

   if let Ok(device) = yubi.find_yubikey() {
       println!("Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);

       let config = Config::new_from(device)
           .set_variable_size(true)
           .set_mode(Mode::Sha1)
           .set_slot(Slot::Slot2);

        let mut rng = thread_rng();

        // Secret must have 20 bytes
        // Used rand here, but you can set your own secret: let secret: &[u8; 20] = b"my_awesome_secret_20";
        let secret: String = rng.sample_iter(&Alphanumeric).take(20).collect();
        let hmac_key: HmacKey = HmacKey::from_slice(secret.as_bytes());

        let mut device_config = DeviceModeConfig::default();
        device_config.challenge_response_hmac(&hmac_key, false, false);

        if let Err(err) = yubi.write_config(config, &mut device_config) {
            println!("{:?}", err);
        } else {
            println!("Device configured");
        }

   } else {
       println!("Yubikey not found");
   }
}

Example Challenge-Response (HMAC-SHA1 mode)

Configure the yubikey with Yubikey Personalization GUI

extern crate hex;
extern crate yubikey-hmac-otp;

use std::ops::Deref;
use yubikey-hmac-otp::{Yubico};
use yubikey-hmac-otp::config::{Config, Slot, Mode};

fn main() {
   let mut yubi = Yubico::new();

   if let Ok(device) = yubi.find_yubikey() {
       println!("Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);

      let config = Config::new_from(device)
           .set_variable_size(true)
           .set_mode(Mode::Sha1)
           .set_slot(Slot::Slot2);

       // Challenge can not be greater than 64 bytes
       let challenge = String::from("mychallenge");
       // In HMAC Mode, the result will always be the SAME for the SAME provided challenge
       let hmac_result= yubi.challenge_response_hmac(challenge.as_bytes(), config).unwrap();

       // Just for debug, lets check the hex
       let v: &[u8] = hmac_result.deref();
       let hex_string = hex::encode(v);

       println!("{}", hex_string);

   } else {
       println!("Yubikey not found");
   }
}
Commit count: 0

cargo fmt