forked from Yubico/yubico-c
/
README
209 lines (164 loc) · 6.25 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
Introduction
This package make up the low-level C software development kit for the
Yubico authentication device, the YubiKey. In particular:
* AUTHORS, COPYING, NEWS, README, THANKS: Meta-information about the project.
* yubikey.h: Prototypes for library.
* yktoken.c, ykmodhex.c, ykhex.c, ykcrc.c, ykaes.c: Library implementation.
* selftest.c: Library self tests.
* modhex.c: Command-line tool for modhex encoding/decoding.
* ykgenerate.c: Command line tool to construct and encrypt an OTP.
* ykparse.c: Command line tool to decrypt and parse an OTP.
* simple.mk: Simple makefile to build the above parts.
* configure.ac, Makefile.am: Autoconf/Automake files.
* libyubikey.map: Linker version script.
License
The project is licensed under a BSD license. See the file COPYING for
exact wording. For any copyright year range specified as YYYY-ZZZZ in
this package note that the range specifies every single year in that
closed interval.
Building from version controlled sources
Skip to the next section if you are using an official packaged
version, which is what we recommend.
You may check out the sources using GIT with the following command:
git clone git://github.com/Yubico/yubico-c.git
This will create a directory 'yubico-c'. Enter the directory:
cd yubico-c
You need to have autoconf, automake and libtool installed if you want
to use the normal ./configure based approach. Use simple.mk if you
don't want this step. Generate the build system using:
autoreconf --install
Building
To build using the Autoconf, automake and libtool infrastructure,
which is recommend for more advanced purposes especially for
cross-compilation and shared library support, build it as follows.
$ ./configure
$ make check install
Another way to build the package is by running 'make -f simple.mk
check'. It will build each component, and also test it. See below
for sample session. This is useful if you want to target a platform
that doesn't support Autoconf/automake/libtool well.
$ make -f simple.mk check
cc -I. -Wall -g -c -o yktoken.o yktoken.c
cc -I. -Wall -g -c -o ykmodhex.o ykmodhex.c
cc -I. -Wall -g -c -o ykhex.o ykhex.c
cc -I. -Wall -g -c -o ykcrc.o ykcrc.c
cc -I. -Wall -g -c -o ykaes.o ykaes.c
cc -I. -Wall -g modhex.c yktoken.o ykmodhex.o ykhex.o ykcrc.o ykaes.o yubikey.h -o modhex
cc -I. -Wall -g ykparse.c yktoken.o ykmodhex.o ykhex.o ykcrc.o ykaes.o yubikey.h -o ykparse
cc -I. -Wall -g selftest.c yktoken.o ykmodhex.o ykhex.o ykcrc.o ykaes.o yubikey.h -o selftest
selftest.c: In function ‘main’:
selftest.c:163: warning: pointer targets in passing argument 3 of ‘yubikey_generate’ differ in signedness
./yubikey.h:76: note: expected ‘char *’ but argument is of type ‘uint8_t *’
cc -I. -Wall -g ykgenerate.c yktoken.o ykmodhex.o ykhex.o ykcrc.o ykaes.o yubikey.h -o ykgenerate
./selftest
modhex-encode("test") = ifhgieif
Modhex-1 success
modhex-decode("ifhgieif") = test
Modhex-2 success
hex-p("cbdefghijklnrtuv") = 1
Hex-3 success
hex-p("0123Xabc") = 0
Hex-3 success
hex-encode("test") = 74657374
Hex-1 success
hex-decode("74657374") = test
Hex-2 success
hex-p("0123456789abcdef") = 1
Hex-3 success
hex-p("0123Xabc") = 0
Hex-3 success
aes-decrypt (data=0123456789abcdef, key=abcdef0123456789)
=> 838a467f34639551755bd32a4a2f15e1
AES-1 success
AES-2 success
OTP-1 success
$
Command-line tools
The "modhex" program converts data between modhex, normal hex, and
binary form.
The "ykparse" program decrypts and parses one OTP given the OTP and
the AES key corresponding to that YubiKey.
The "ykgenerate" program constructs and encrypts one OTP given AES key
and internal data values.
Example usage:
$ ./modhex test
ifhgieif
$ ./modhex -d ifhgieif; echo
test
$ ./modhex -h b565716f
nghgibhv
$ ./modhex -h -d nghgibhv
b565716f
$ ./ykparse ecde18dbe76fbd0c33330f1c354871db dteffujedcflcindvdbrblehecuitvjkjevvehjd
warning: overlong token, ignoring prefix: dteffuje
Input:
token: dcflcindvdbrblehecuitvjkjevvehjd
20 4a 07 b2 f2 1c 1a 36 30 e7 df 89 83 ff 36 82
aeskey: ecde18dbe76fbd0c33330f1c354871db
ec de 18 db e7 6f bd 0c 33 33 0f 1c 35 48 71 db
Output:
87 92 eb fe 26 cc 13 00 a8 c0 00 10 b4 08 6f 5b
Struct:
uid: 87 92 eb fe 26 cc
counter: 19 (0x0013)
timestamp (low): 49320 (0xc0a8)
timestamp (high): 0 (0x00)
session use: 16 (0x10)
random: 2228 (0x8b4)
crc: 23407 (0x5b6f)
Derived:
cleaned counter: 19 (0x0013)
modhex uid: jikdunvudhrr
triggered by caps lock: no
crc: F0B8
crc check: ok
$ ./ykparse ecde18dbe76fbd0c33330f1c354871db dteffujehknhfjbrjnlnldnhcujvddbikngjrtgh
warning: overlong token, ignoring prefix: dteffuje
Input:
token: hknhfjbrjnlnldnhcujvddbikngjrtgh
69 b6 48 1c 8b ab a2 b6 0e 8f 22 17 9b 58 cd 56
aeskey: ecde18dbe76fbd0c33330f1c354871db
ec de 18 db e7 6f bd 0c 33 33 0f 1c 35 48 71 db
Output:
87 92 eb fe 26 cc 13 00 30 c2 00 11 c8 9f 23 c8
Struct:
uid: 87 92 eb fe 26 cc
counter: 19 (0x0013)
timestamp (low): 49712 (0xc230)
timestamp (high): 0 (0x00)
session use: 17 (0x11)
random: 40904 (0x9fc8)
crc: 51235 (0xc823)
Derived:
cleaned counter: 19 (0x0013)
modhex uid: jikdunvudhrr
triggered by caps lock: no
crc: F0B8
crc check: ok
$ ./ykgenerate ecde18dbe76fbd0c33330f1c354871db 8792ebfe26cc 0013 c0a8 00 10
hcfktknicvbcnhbkvigcfhgddhhhrknc
$ ./ykparse ecde18dbe76fbd0c33330f1c354871db `./ykgenerate ecde18dbe76fbd0c33330f1c354871db 8792ebfe26cc 0013 c0a8 00 10`
Input:
token: lihggvrgffbjnrehcgnkvknjkvubeekr
a7 65 5f c5 44 18 bc 36 05 b9 f9 b8 9f e1 33 9c
aeskey: ecde18dbe76fbd0c33330f1c354871db
ec de 18 db e7 6f bd 0c 33 33 0f 1c 35 48 71 db
Output:
87 92 eb fe 26 cc 13 00 a8 c0 00 10 95 44 ec e9
Struct:
uid: 87 92 eb fe 26 cc
counter: 19 (0x0013)
timestamp (low): 49320 (0xc0a8)
timestamp (high): 0 (0x00)
session use: 16 (0x10)
random: 17557 (0x4495)
crc: 59884 (0xe9ec)
Derived:
cleaned counter: 19 (0x0013)
modhex uid: jikdunvudhrr
triggered by caps lock: no
crc: F0B8
crc check: ok
$
Questions?
Talk to <yubico-devel@googlegroups.com>.