Lib.rs

身份验证
#yubi-key #configuration #encryption #challenge-response

yubikey-hmac-otp

Yubikey 挑战-响应 & 配置

Ashutosh VermaFlávio Oliveira 贡献

3 个版本

0.10.2 2024年1月7日
0.10.1 2024年1月7日
0.10.0 2024年1月7日

#502 in 身份验证


3 个Crates(2 个直接)中使用

MIT/Apache

38KB
909

Yubikey hmac/otp   构建状态 最新版本 MIT授权 Apache-2.0授权

Yubikey 挑战-响应 & 配置。

当前功能

  • 挑战-响应,YubiKey 2.2及以后版本支持HMAC-SHA1或Yubico挑战-响应操作。
  • 配置。

用法

将其添加到您的Cargo.toml

[dependencies]
yubikey-hmac-otp = "0.10"

配置Yubikey(HMAC-SHA1模式)

注意,请阅读有关初始配置的信息。或者,您可以使用官方的Yubikey个性化GUI配置yubikey。

extern crate rand;
extern crate yubikey-hmac-otp;

use yubikey-hmac-otp::{Yubico};
use yubikey-hmac-otp::config::{Config, Command};
use yubikey-hmac-otp::configure::{ DeviceModeConfig };
use yubikey-hmac-otp::hmacmode::{ HmacKey };
use rand::{thread_rng, Rng};
use rand::distributions::{Alphanumeric};

fn main() {
   let mut yubi = Yubico::new();

   if let Ok(device) = yubi.find_yubikey() {
       println!("Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);

       let config = Config::new_from(device)
           .set_variable_size(true)
           .set_mode(Mode::Sha1)
           .set_slot(Slot::Slot2);

        let mut rng = thread_rng();

        // Secret must have 20 bytes
        // Used rand here, but you can set your own secret: let secret: &[u8; 20] = b"my_awesome_secret_20";
        let secret: String = rng.sample_iter(&Alphanumeric).take(20).collect();
        let hmac_key: HmacKey = HmacKey::from_slice(secret.as_bytes());

        let mut device_config = DeviceModeConfig::default();
        device_config.challenge_response_hmac(&hmac_key, false, false);

        if let Err(err) = yubi.write_config(config, &mut device_config) {
            println!("{:?}", err);
        } else {
            println!("Device configured");
        }

   } else {
       println!("Yubikey not found");
   }
}

示例挑战-响应(HMAC-SHA1模式)

使用Yubikey个性化GUI配置yubikey

extern crate hex;
extern crate yubikey-hmac-otp;

use std::ops::Deref;
use yubikey-hmac-otp::{Yubico};
use yubikey-hmac-otp::config::{Config, Slot, Mode};

fn main() {
   let mut yubi = Yubico::new();

   if let Ok(device) = yubi.find_yubikey() {
       println!("Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);

      let config = Config::new_from(device)
           .set_variable_size(true)
           .set_mode(Mode::Sha1)
           .set_slot(Slot::Slot2);

       // Challenge can not be greater than 64 bytes
       let challenge = String::from("mychallenge");
       // In HMAC Mode, the result will always be the SAME for the SAME provided challenge
       let hmac_result= yubi.challenge_response_hmac(challenge.as_bytes(), config).unwrap();

       // Just for debug, lets check the hex
       let v: &[u8] = hmac_result.deref();
       let hex_string = hex::encode(v);

       println!("{}", hex_string);

   } else {
       println!("Yubikey not found");
   }
}

依赖项

~3MB
~57K SLoC