public static bool WriteNDEF(YkSlot slot)
{
IntPtr ndef = ykp_alloc_ndef();
var res = ykp_construct_ndef_text(ndef, "YubiCryptOTP=", "en", false);
if (res != 1)
{
return(false);
}
res = yk_write_ndef2(GetYubikeyHandle(), ndef, slot == YkSlot.Slot1 ? 1 : 2);
if (res != 1)
{
return(false);
}
return(true);
}
public static bool WriteYubicoOTP(string publicID, string privateID, string privateKey, YkSlot slot)
{
//parameters must be hex encoded
if (!IsHexString(publicID) || !IsHexString(privateID) || !IsHexString(privateKey))
{
return(false);
}
//publicID must be 1-16 bytes
if (publicID.Length < 2 && publicID.Length > 32)
{
return(false);
}
//privateID must be 6 bytes
if (privateID.Length != 12)
{
return(false);
}
//privateKey must be 16 bytes
if (privateKey.Length != 32)
{
return(false);
}
IntPtr yk = GetYubikeyHandle();
var status = YkStatus();
IntPtr statusPtr = Marshal.AllocHGlobal(Marshal.SizeOf(status));
Marshal.StructureToPtr(status, statusPtr, true);
IntPtr cfg = ykp_alloc();
ykp_configure_version(cfg, statusPtr);
byte[] publicIDBytes = StringToByteArray(publicID);
var res = ykp_set_fixed(cfg, publicIDBytes, (uint)publicIDBytes.Length);
if (res != 1)
{
return(false);
}
byte[] privateIDBytes = StringToByteArray(privateID);
res = ykp_set_uid(cfg, privateIDBytes, 6);
if (res != 1)
{
return(false);
}
byte[] secretKey = StringToByteArray(privateKey);
res = ykp_AES_key_from_raw(cfg, secretKey);
if (res != 0)
{
return(false);
}
res = ykp_configure_command(cfg, YKConsts.SLOT_CONFIG);
if (res != 1)
{
return(false);
}
res = ykp_set_tktflag_APPEND_CR(cfg, 1);
if (res != 1)
{
return(false);
}
var flagsResult = WriteConfigFlags(cfg);
if (!flagsResult)
{
return(false);
}
var success = yk_write_command(yk, ykp_core_config(cfg), ykp_command(cfg), 0) == 1;
return(success);
}
public static bool EraseConfig(YkSlot slot)
{
return(yk_write_command(GetYubikeyHandle(), IntPtr.Zero, slot == YkSlot.Slot1 ? YKConsts.SLOT_CONFIG : YKConsts.SLOT_CONFIG2, 0) == 1);
}
/// <summary>
/// Write a HMAC-SHA1 Challenge-Response configuration to the Yubikey
/// </summary>
/// <param name="key">The secret cryptographic key to be used in the HMAC-SHA1 function.</param>
/// <param name="slot">The Yubikey slot to where the configuration will be written to.</param>
/// <returns></returns>
public static bool WriteChallengeResponse(string key, YkSlot slot)
{
//key must be hex encoded
if (!IsHexString(key))
{
return(false);
}
//Key must be 20 bytes
if (key.Length != 40)
{
return(false);
}
IntPtr yk = GetYubikeyHandle();
var status = YkStatus();
IntPtr statusPtr = Marshal.AllocHGlobal(Marshal.SizeOf(status));
Marshal.StructureToPtr(status, statusPtr, true);
IntPtr cfg = ykp_alloc();
ykp_configure_version(cfg, statusPtr);
var res = ykp_set_tktflag_CHAL_RESP(cfg, 1);
if (res != 1)
{
return(false);
}
res = ykp_set_cfgflag_CHAL_HMAC(cfg, 1);
if (res != 1)
{
return(false);
}
res = ykp_set_cfgflag_HMAC_LT64(cfg, 1);
if (res != 1)
{
return(false);
}
res = ykp_set_cfgflag_CHAL_BTN_TRIG(cfg, 0);
if (res != 1)
{
return(false);
}
res = ykp_configure_command(cfg, slot == YkSlot.Slot1 ? YKConsts.SLOT_CONFIG : YKConsts.SLOT_CONFIG2);
if (res != 1)
{
return(false);
}
res = ykp_HMAC_key_from_hex(cfg, key);
if (res != 0)
{
return(false);
}
var success = yk_write_command(yk, ykp_core_config(cfg), ykp_command(cfg), 0) == 1;
return(success);
}
public static bool YkChallengeResponse(byte[] challenge, out byte[] response, YkSlot slot)
{
uint yubiBufferLen = 64;
//Send the challenge to yubikey and get response
IntPtr yk = IntPtr.Zero;
while (yk == IntPtr.Zero)
{
yk = yk_open_first_key();
if (yk == IntPtr.Zero)
{
throw new YubikeyNotFoundException();
}
}
bool success = false;
byte[] temp = new byte[yubiBufferLen];
success = yk_challenge_response(yk, slot == YkSlot.Slot1 ? SLOT_CHAL_HMAC1 : SLOT_CHAL_HMAC2, 1, Convert.ToUInt32(challenge.Length), challenge, yubiBufferLen, temp) == 1;
response = new byte[20];
Array.Copy(temp, response, response.Length);
return(success);
}
