Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 4:01 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Sun Aug 02, 2009 6:27 am 
Offline

Joined: Fri Jul 31, 2009 12:10 am
Posts: 2
I just got my first Yubikey and of course had to play with it. Since I've been experimenting with webapps in python I figured I might as well figure out how to verify a OTP in python. Sure there are a couple of other python libraries out there, but none of them supported validating against the HMAC signatures, so I wrote one of my own. The documentation on http://yubico.com/developers/api/ was a bit harder to understand than it needed to be so I'm sharing my implementation at http://code.google.com/p/python-yubikey-auth/

A couple of things about validating HMAC signatures that I learned in the process and that others trying to do their own implementations might find helpful:

  • The API Key that you get from https://api.yubico.com/get-api-key/ is base64 encoded - before you use it to generate or check signatures you need to decode it! This wasn't obvious to me and I wasted a lot of time because of this.
  • The API docs talk about key value pairs and the keys needing to be in alphabetical order when verifying the signature. When explaining the procedure for generating signatures they keep talking about keys a, b & c but in reality the keys you care about are "info" (not always there), "status" and "t". (Keys "a", "b", and "c" aren't ever used anytime in the whole process so why even mention them!)


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Sat Aug 08, 2009 6:22 am 
Offline

Joined: Fri Jul 31, 2009 12:10 am
Posts: 2
Made a minor update today - you can use without providing your api key now if you really want to (not sure why you would, but hey). Still need to get yourself a client id though - that seems to be required by Yubico. Included BSD license in file now to make licensing clear for everyone.

http://code.google.com/p/python-yubikey ... loads/list


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group