Skip to content

Home

Jump to bottom
XanaDublaKublaConch edited this page May 2, 2020 · 5 revisions

Welcome to the pysdtoken wiki!

Using stoken to generate fake tokens for testing

The only information here right now is how to use stoken to generate fake tokens for dev/test work. Most of us don't have admin access to the RSA servers that buy and issue tokens.

First, get stoken for Linux or Mac. The Windows version apparently hasn't implemented --random, which is needed for the random token data in the fake token.

Follow the instructions to get it compiled and installed. Run _ldconfig _to update your lib searches.

You have to start with a template sdtid. I used the sample tpl.xml from the stoken example. My first attempts created tokens that crashed my windows soft token client, so you have to have add more fields in there apparently or it will choke. I then modified the AddPin setting and it gave me a token that requires a PIN "login" to get to the passcode, which then rotates on screen. Some soft tokens have no PIN input, so you just grab the tokencode from the soft token and prepend your PIN to the tokencode when logging in with 2FA.

A pinless token template might look like this:

<?xml version="1.0"?>
<TKNBatch>
  <TKNHeader>
    <Version>0</Version>
    <Origin>N/A</Origin>
    <Dest>N/A</Dest>
    <Name>N/A</Name>
    <FirstToken>N/A</FirstToken>
    <LastToken>N/A</LastToken>
    <NumTokens>0</NumTokens>
    <DefBirth>2017/10/17</DefBirth>
    <DefDeath>2035/12/31</DefDeath>
    <DefDigits>8</DefDigits>
    <DefInterval>30</DefInterval>
    <DefAlg>1</DefAlg>
    <DefMode>0</DefMode>
    <DefPrecision>1200</DefPrecision>
    <DefSmallWin>300</DefSmallWin>
    <DefMediumWin>600</DefMediumWin>
    <DefLargeWin>600</DefLargeWin>
    <DefAddPIN>0</DefAddPIN>
    <DefLocalPIN>0</DefLocalPIN>
    <DefCopyProtection>0</DefCopyProtection>
    <DefPinType>0</DefPinType>
    <DefKeypad>1</DefKeypad>
    <DefProtLevel>0</DefProtLevel>
    <DefRevision>0</DefRevision>
    <DefTimeDerivedSeeds>1</DefTimeDerivedSeeds>
    <DefAppDerivedSeeds>0</DefAppDerivedSeeds>
    <DefFormFactor>20000001</DefFormFactor>
  </TKNHeader>
  <TKN>
    <SN>000408697972</SN>
    <UserFirstName>Darth</UserFirstName>
    <UserLastName>Vader</UserLastName>
    <UserLogin>dvader</UserLogin>
	<PinType>0</PinType>
    <TokenAttributes>
      <Nickname>Pinless</Nickname>
	  <DeviceSerialNumber>00ea065b2ea4dd3f48ah</DeviceSerialNumber>
	  <DeviceTypeVersion>5.x</DeviceTypeVersion>
	  <DeviceType>PC Software Token V3.0 or later</DeviceType>
	  <DeviceTypeFamily>Desktop PC with Automation</DeviceTypeFamily>
    </TokenAttributes>
  </TKN>
</TKNBatch>

Then generate the token with the stoken command:

stoken issue --random --sdtid --template pnless.tpl > fake_pinless.sdtid

Finally, import the sdtid into your soft token:

Sof Token GUI with new pinless token

Clone this wiki locally