9 unstable releases (3 breaking)
Uses old Rust 2015
0.9.0 | Aug 29, 2021 |
---|---|
0.8.2 | Jul 30, 2021 |
0.8.1 | Jan 2, 2021 |
0.8.0 | Dec 8, 2020 |
0.6.2 | Oct 2, 2019 |
#483 in Authentication
58 downloads per month
Used in 3 crates
33KB
748 lines
Yubico Manager
Yubikey Challenge-Response & Configuration.
Current features
- Challenge-Response, YubiKey 2.2 and later supports HMAC-SHA1 or Yubico challenge-response operations.
- Configuration.
Usage
Add this to your Cargo.toml
[dependencies]
yubico_manager = "0.8"
Configure Yubikey (HMAC-SHA1 mode)
Note, please read about the initial configuration Alternatively you can configure the yubikey with the official Yubikey Personalization GUI.
extern crate rand;
extern crate yubico_manager;
use yubico_manager::{Yubico};
use yubico_manager::config::{Config, Command};
use yubico_manager::configure::{ DeviceModeConfig };
use yubico_manager::hmacmode::{ HmacKey };
use rand::{thread_rng, Rng};
use rand::distributions::{Alphanumeric};
fn main() {
let mut yubi = Yubico::new();
if let Ok(device) = yubi.find_yubikey() {
println!("Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);
let config = Config::default()
.set_vendor_id(device.vendor_id)
.set_product_id(device.product_id)
.set_command(Command::Configuration2);
let mut rng = thread_rng();
// Secret must have 20 bytes
// Used rand here, but you can set your own secret: let secret: &[u8; 20] = b"my_awesome_secret_20";
let secret: String = rng.sample_iter(&Alphanumeric).take(20).collect();
let hmac_key: HmacKey = HmacKey::from_slice(secret.as_bytes());
let mut device_config = DeviceModeConfig::default();
device_config.challenge_response_hmac(&hmac_key, false, false);
if let Err(err) = yubi.write_config(config, &mut device_config) {
println!("{:?}", err);
} else {
println!("Device configured");
}
} else {
println!("Yubikey not found");
}
}
Example Challenge-Response (HMAC-SHA1 mode)
Configure the yubikey with Yubikey Personalization GUI
extern crate hex;
extern crate yubico_manager;
use std::ops::Deref;
use yubico_manager::{Yubico};
use yubico_manager::config::{Config, Slot, Mode};
fn main() {
let mut yubi = Yubico::new();
if let Ok(device) = yubi.find_yubikey() {
println!("Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);
let config = Config::default()
.set_vendor_id(device.vendor_id)
.set_product_id(device.product_id)
.set_variable_size(true)
.set_mode(Mode::Sha1)
.set_slot(Slot::Slot2);
// Challenge can not be greater than 64 bytes
let challenge = String::from("mychallenge");
// In HMAC Mode, the result will always be the SAME for the SAME provided challenge
let hmac_result= yubi.challenge_response_hmac(challenge.as_bytes(), config).unwrap();
// Just for debug, lets check the hex
let v: &[u8] = hmac_result.deref();
let hex_string = hex::encode(v);
println!("{}", hex_string);
} else {
println!("Yubikey not found");
}
}
Dependencies
~3MB
~61K SLoC