iOS support? #58

Closed
Berzerker opened this issue Jun 6, 2017 · 4 comments

@Berzerker

Berzerker commented Jun 6, 2017

Apple "announced" an "NFC Reader Mode" built into iOS 11 using their CoreNFC framework...details here:

https://developer.apple.com/documentation/corenfc

Any thoughts on a port to pull TOTP on iOS in the future?

@whitesided

The Apple NFC lib introduced in iOS 11 is read-only. So any operations that would require writing to the NFC device - like, say, storing the secret used for generating the TOTP code - can not be done.

Now, could support be added somehow for pulling a TOTP code based on an already stored shared secret? ¯_(ツ)_/¯ I don't know how the NFC protocol works for the yubikeys. But CoreNFC does support NDEF 1 through 5, and my understanding is that the Yubikey Neo is NDEF 4.

@Berzerker
Author

Right. Which is why the suggestion was to add just reading TOTP codes. AFAIK this should be able to be done given you're only pulling data, not writing anything.

@whitesided

On further reading I don't think this is going to work. Here's the Yubikey page for OATH, which encompasses both the time-based TOTP codes and counter-based HOTP codes.

For TOTP it's described thusly

"The code is generated using HMAC(sharedSecret, timestamp), where timestamp changes every 30 seconds. The shared secret is often provisioned as a QR-code or preprogrammed into a hardware token."

and farther down on the page we have this

"A YubiKey can emit a HOTP code when its button is pressed. This is configured using Yubikey Personalization GUI. For TOTP you need an application that can read OATH codes from YubiKeys, since YubiKeys does not have an internal clock."

That would read, to me, like there must be a two-way exchange to get a TOTP code - first the current time would need to be written into the NEO via NFC, then the list of TOTP codes generated using that timestamp can be read back out.

The only way I see that not being necessary is if the NFC handshake process provides a timestamp and it's used by the NEO. Perhaps someone more familiar with the software can speak to this.

@dainnilsson
Member

Unfortunately all commands require both reading and writing to the YubiKey. Closing this issue now as it's impossible with the currently available NFC API on iOS. If the API becomes more permissive in the future we'll absolutely look into it again!
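
Added example, not part of the original thread and not the project's code: a sketch of why TOTP on a clockless token is a write-then-read exchange. It follows the generic RFC 6238/RFC 4226 computation; the class and function names are hypothetical, and it does not model the YubiKey's actual NFC command set.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step, as quoted in the thread


class ClocklessToken:
    """Stand-in for a token that stores the secret but has no clock (hypothetical)."""

    def __init__(self, secret: bytes, digits: int = 6):
        self._secret = secret  # stays inside the token, never returned to the host
        self._digits = digits

    def calculate(self, challenge: bytes) -> str:
        """Answer a host-supplied 8-byte challenge with an OATH code."""
        if len(challenge) != 8:
            raise ValueError("challenge must be the 8-byte big-endian time step")
        mac = hmac.new(self._secret, challenge, hashlib.sha1).digest()
        # RFC 4226 dynamic truncation: low nibble of the last byte picks the offset.
        offset = mac[-1] & 0x0F
        value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
        return str(value % 10 ** self._digits).zfill(self._digits)


def time_challenge(unix_time: int, step: int = STEP) -> bytes:
    """Host side: turn the host clock into the value that must be written to the token."""
    return struct.pack(">Q", unix_time // step)


def read_totp(token: ClocklessToken, unix_time: int) -> str:
    """One round trip: write the challenge to the token, then read the code back."""
    return token.calculate(time_challenge(unix_time))


if __name__ == "__main__":
    # Constructed sample: the RFC 6238 test secret, not a real credential.
    token = ClocklessToken(b"12345678901234567890", digits=8)
    for t in (59, 1111111109, 1234567890):
        print(t, read_totp(token, t))
```

The token cannot produce a code until the host has sent it the time step, which is the write a read-only NFC API does not allow.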
