public void DeriveEncryptionKey(byte[] passphrase, byte[] salt, ref byte[] encryptionKey)
{
byte[] yubikeyHMACsalt = new byte[20];
var success = Yubikey.YkChallengeResponse(salt, out yubikeyHMACsalt, Yubikey.YkSlot.Slot2);
if (!success)
{
throw new Exception("Yubikey error.");
}
var key = new Rfc2898DeriveBytes(passphrase, yubikeyHMACsalt, NumberOfOterations);
encryptionKey = key.GetBytes(encryptionKey.Length);
}
private static void DoErase(object invokedVerbInstance)
{
var eraseOptions = invokedVerbInstance as EraseSubOptions;
if (eraseOptions == null)
{
WriteError("Error parsing the arguments");
return;
}
if (eraseOptions.Slot < 1 || eraseOptions.Slot > 2)
{
WriteError("Slot option must either be 1 or 2.");
return;
}
if (Yubikey.EraseConfig(eraseOptions.Slot == 1 ? Yubikey.YkSlot.Slot1 : Yubikey.YkSlot.Slot2))
{
WriteSuccess("Successfully erased the configuration stored in Slot #{0}", eraseOptions.Slot);
}
else
{
WriteError("An error occurred while erasing the configuration stored in Slot #{0}", eraseOptions.Slot);
}
}
public bool IsExternalTokenAvailable()
{
return(Yubikey.YkPresent());
}
public byte[] GetExternalTokenSerial()
{
return(BitConverter.GetBytes(Yubikey.YkSerial()));
}
private static void PerformCRTest(object invokedVerbInstance)
{
var cmdOptions = invokedVerbInstance as HMACTestSubOptions;
if (cmdOptions == null)
{
WriteError("Error parsing the arguments");
return;
}
if (cmdOptions.Slot < 1 || cmdOptions.Slot > 2)
{
WriteError("Slot option must either be 1 or 2.");
return;
}
WriteWarning("Slot 1 will be erased! Type 'continue' to proceed.");
if (!Console.ReadLine().Equals("continue", StringComparison.InvariantCultureIgnoreCase))
{
return;
}
WriteInfo("Starting test...", cmdOptions);
string testKey = "ffffffffffffffffffffffffffffffffffffffff";
string testMessage = "Hello World";
byte[] testMessageBytes = ASCIIEncoding.ASCII.GetBytes(testMessage);
WriteInfo("Key (Hex): {0}", testKey);
WriteInfo(" Message: {0}", testMessage);
WriteInfo("Writing dummy key to slot 1...", cmdOptions);
if (!Yubikey.WriteTestChallengeResponse())
{
WriteError("Failed to write dummy key to the Yubikey.");
return;
}
WriteInfo("Sending challenge to Yubikey...", cmdOptions);
byte[] ykResponse;
var ykSuccess = Yubikey.YkChallengeResponse(testMessageBytes, out ykResponse, Yubikey.YkSlot.Slot1);
if (!ykSuccess)
{
WriteError("Failed to get a response from the Yubikey.");
return;
}
var ykhash = BitConverter.ToString(ykResponse);
WriteInfo("Got response: {0}", cmdOptions, ykhash);
WriteInfo("Generating HMAC locally...", cmdOptions);
var h = System.Security.Cryptography.HMACSHA1.Create();
h.Key = StringToByteArray(testKey);
var hash = h.ComputeHash(testMessageBytes);
var final = BitConverter.ToString(hash);
WriteInfo("Got response: {0}", cmdOptions, final);
bool areEqual = ykhash.Equals(final);
if (areEqual)
{
WriteSuccess("Test OK!");
}
else
{
WriteError("Test Fail!");
WriteError("Yubikey HMAC: {0}", ykhash);
WriteError("Local HMAC: {0}", final);
}
if (cmdOptions.EraseAfterCompleted)
{
WriteInfo("Erasing Slot 1 config...", cmdOptions);
Yubikey.EraseConfig(Yubikey.YkSlot.Slot1);
WriteInfo("Done.", cmdOptions);
}
}