Yubico Forum
https://forum.yubico.com/

where is the documentation?
https://forum.yubico.com/viewtopic.php?f=5&t=283
Page 1 of 2

Author:  metamind [ Thu Mar 05, 2009 4:20 pm ]
Post subject:  where is the documentation?

I have decrypted the token and got:

000000000000010063BA01051FAC0C00
0000000000000200000000006EC25E00


Now where is that documentation so I can decode this? It is probably me being blind but I have been looking around the site for about an hour now and can't find it.

Author:  network-marvels [ Thu Mar 05, 2009 4:39 pm ]
Post subject:  Re: where is the documentation?

We would appreciate if you can elaborate on which documentation you want. We would provide it ASAP.

Author:  metamind [ Thu Mar 05, 2009 4:49 pm ]
Post subject:  Re: where is the documentation?

Hi,

I am looking for information on how to decode the decrypted token (e.g. 0000000000000200000000006EC25E00). Including how the timestamps and crc are used. I think I know how the counter and session use work.

I found this:

Code:
Input:
  token: hknhfjbrjnlnldnhcujvddbikngjrtgh
          69 b6 48 1c 8b ab a2 b6 0e 8f 22 17 9b 58 cd 56
  aeskey: urtubjtnuihvntcreeeecvbregfjibtn
          ec de 18 db e7 6f bd 0c 33 33 0f 1c 35 48 71 db
Output:
          87 92 eb fe 26 cc 13 00 30 c2 00 11 c8 9f 23 c8

Struct:
  uid: 87 92 eb fe 26 cc
  counter: 19 (0x0013)
  timestamp (low): 49712 (0xc230)
  timestamp (high): 0 (0x00)
  session use: 17 (0x11)
  random: 40904 (0x9fc8)
  crc: 51235 (0xc823)


in the readme of the sdk. It mentions that the first 6 bytes are the "uid". Should this be the same as the static string at the beginning of the yk's output when the key is pressed? Mine are all zeros.

Thanks.

Author:  Kamikaze28 [ Thu Mar 05, 2009 5:06 pm ]
Post subject:  Re: where is the documentation?

No, the secret ID and the public ID do not have to be the same, although they could, but they shouldn't :D This is just a measure of determining if the public ID, AES cypher and secret ID match together:

Server gets a key - looks up the AES cypher that goes with the public ID
Server decrypts the whole thing with this AES cypher
Server compares secret ID of the decrypted token to the secret ID that belongs to the public ID
If they match, everything's fine, if they don't, the OTP is not valid.

Author:  network-marvels [ Thu Mar 05, 2009 5:12 pm ]
Post subject:  Re: where is the documentation?

Here is the link to download the documentation which provides more information on the YubiKey structure:

http://www.yubico.com/files/YubiKey_Security_Review.pdf

Author:  metamind [ Thu Mar 05, 2009 5:18 pm ]
Post subject:  Re: where is the documentation?

Is there a way to set the secret id with the personalisation tool?

Also, is there a specification of the crc check somewhere?

Thanks

Author:  metamind [ Thu Mar 05, 2009 5:51 pm ]
Post subject:  Re: where is the documentation?

OK. I think I have the secret ID bit. I think you need to use the sdk in "C:\Program Files\Yubico\YubiKCom SDK"

Correct me if there is a simpler way.

Author:  metamind [ Thu Mar 05, 2009 8:32 pm ]
Post subject:  Re: where is the documentation?

any pointers on the crc?

Author:  network-marvels [ Fri Mar 06, 2009 7:13 am ]
Post subject:  Re: where is the documentation?

Please refer to the following Project for the token parsing information and CRC computation:

http://code.google.com/p/yubico-c/

Feel free to write back to us in case you face any problems.

Author:  metamind [ Fri Mar 06, 2009 9:53 am ]
Post subject:  Re: where is the documentation?

Hmm. I was hoping you weren't going to say that. I have been looking in there but I don't really speak c very well.

Quote:
Code:
uint16_t
yubikey_crc16 (const uint8_t *buf, size_t buf_size)
{
  uint16_t m_crc = 0xffff;

  while (buf_size--)
    {
      int i, j;
      m_crc ^= (uint8_t) * buf++ & 0xFF;
      for (i = 0; i < 8; i++)
   {
     j = m_crc & 1;
     m_crc >>= 1;
     if (j)
       m_crc ^= 0x8408;
   }
    }

  return m_crc;
}


Page 1 of 2 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/