Yubico Forum :: View topic - [QUESTION] How do I make python-yubico work under Windows

I am trying to develop a challenge/response cross-platform authentication app using python. I am hoping to support Linux, OSX, and recent Windows versions from the same codebase. I've installed Python 2.7 (32-bit), python-yubico, pyusb (32-bit), and libusb-win32 on Windows 7. Following the libusb-win32 directions, I created an .inf file and installed the Yubikey as a libusb-win32 device. It appears in the Device Manager when the key is installed. I am able to get a test application (the inventory example in yubico-python) to execute. If no Yubikey is installed, it completes without error and say "No YubiKey found." But, if a key is installed, I get an error message indicating that usb_detach_kernel_driver_np is not found. Libusb documentation indicates that the "_np" represents that the function call is non-portable and this function is only implemented in Linux. Indeed, the call seems to be made on line 378 of yubikey_usb_hid.py in the python-yubico source tree.

So, have I done something wrong? Do I need another libusb? Have I missed a compatibility library? Has anyone succeeding in running the python-yubico applications under Windows? Google and forum searches have netted nothing helpful. I am reluctant to pick up the Windows COM library and start afresh simply because there is a lot of GUI development that I don't want to write multiple times. Any help here is appreciated.

Author:	mprinkey [ Thu Feb 14, 2013 7:48 am ]
Post subject:	[QUESTION] How do I make python-yubico work under Windows
I am trying to develop a challenge/response cross-platform authentication app using python. I am hoping to support Linux, OSX, and recent Windows versions from the same codebase. I've installed Python 2.7 (32-bit), python-yubico, pyusb (32-bit), and libusb-win32 on Windows 7. Following the libusb-win32 directions, I created an .inf file and installed the Yubikey as a libusb-win32 device. It appears in the Device Manager when the key is installed. I am able to get a test application (the inventory example in yubico-python) to execute. If no Yubikey is installed, it completes without error and say "No YubiKey found." But, if a key is installed, I get an error message indicating that usb_detach_kernel_driver_np is not found. Libusb documentation indicates that the "_np" represents that the function call is non-portable and this function is only implemented in Linux. Indeed, the call seems to be made on line 378 of yubikey_usb_hid.py in the python-yubico source tree. So, have I done something wrong? Do I need another libusb? Have I missed a compatibility library? Has anyone succeeding in running the python-yubico applications under Windows? Google and forum searches have netted nothing helpful. I am reluctant to pick up the Windows COM library and start afresh simply because there is a lot of GUI development that I don't want to write multiple times. Any help here is appreciated.

Author:	Simon [ Tue Feb 19, 2013 3:07 pm ]
Post subject:	Re: [QUESTION] How do I make python-yubico work under Window
mprinkey wrote: I am trying to develop a challenge/response cross-platform authentication app using python. I am hoping to support Linux, OSX, and recent Windows versions from the same codebase. I've installed Python 2.7 (32-bit), python-yubico, pyusb (32-bit), and libusb-win32 on Windows 7. Following the libusb-win32 directions, I created an .inf file and installed the Yubikey as a libusb-win32 device. It appears in the Device Manager when the key is installed. I am able to get a test application (the inventory example in yubico-python) to execute. If no Yubikey is installed, it completes without error and say "No YubiKey found." But, if a key is installed, I get an error message indicating that usb_detach_kernel_driver_np is not found. Libusb documentation indicates that the "_np" represents that the function call is non-portable and this function is only implemented in Linux. Indeed, the call seems to be made on line 378 of yubikey_usb_hid.py in the python-yubico source tree. So, have I done something wrong? Do I need another libusb? Have I missed a compatibility library? Has anyone succeeding in running the python-yubico applications under Windows? Google and forum searches have netted nothing helpful. I am reluctant to pick up the Windows COM library and start afresh simply because there is a lot of GUI development that I don't want to write multiple times. Any help here is appreciated. Hi! I have opened a issue about the usb_detach_kernel_driver_np problem you noticed, see: https://github.com/Yubico/python-yubico/issues/3 However generally the supported and recommended way to work with Yubikey challenge/response is through the ykpers library: https://github.com/Yubico/yubikey-personalization That project has been verified to work well under Windows, we have binaries for Windows here: http://code.google.com/p/yubikey-person ... loads/list I believe there is a short list of applications actually using it on Windows already. However there are no python bindings for it -- we'd welcome that. If someone would like to pick up and improve the python-yubico project, that would be nice too. Removing the usb kernel detach thing should probably just be a one-line to only do it for GNU-like systems. /Simon

Author:	mprinkey [ Thu Mar 14, 2013 7:16 am ]
Post subject:	Re: [QUESTION] How do I make python-yubico work under Window
OK, so I have resigned myself to use the win32 version of ykchalresp.exe (from ykpers-1.11.3-win32) to generate the hmac-sha1 from the yubikey. I have been plagued by a problem of inconsistency in the output of ykchalresp.exe vs HMAC in python and HashCalc for 64-byte challenges. Python (import Crypto) and HashCalc both give the same result for 64-byte challenges. The ykchalresp.exe seems to ignore the 64th byte of the challenge. All numbers below are hex. Slot-1 has the following secretHMAC programmed: Code: 303132333435363738393a3b3c3d3e3f40414243 64-byte challenge is: Code: c5e8ae90d425d81c64dd164bed1b737f7127d247e116 7f1f48b39ff5aaddc4047f25264d382e61611c32b879 3ef7ed4cf4f7967876c810ab736fe34722c784d6 Python HMAC and HashCalc both give a response of: Code: ca7f7a4c61df39be4fff19b4a88e78961ef616b3 Here is the command line and result from ykchalresp.exe: Code: C:\Users\Mike\Documents\python>ykchalresp.exe -1 -H -x "c5e8ae90d425d81c64dd164b ed1b737f7127d247e1167f1f48b39ff5aaddc4047f25264d382e61611c32b8793ef7ed4cf4f79678 76c810ab736fe34722c784d6" 03afc07a58d983034234e141fd9d1a7c683d7a46 I verified that it is not a quoting issue: Code: C:\Users\Mike\Documents\python>ykchalresp.exe -1 -H -x c5e8ae90d425d81c64dd164be d1b737f7127d247e1167f1f48b39ff5aaddc4047f25264d382e61611c32b8793ef7ed4cf4f796787 6c810ab736fe34722c784d6 03afc07a58d983034234e141fd9d1a7c683d7a46 Here is the command line and result from ykchalresp.exe with the last byte removed: Code: C:\Users\Mike\Documents\python>ykchalresp.exe -1 -H -x c5e8ae90d425d81c64dd164be d1b737f7127d247e1167f1f48b39ff5aaddc4047f25264d382e61611c32b8793ef7ed4cf4f796787 6c810ab736fe34722c784 03afc07a58d983034234e141fd9d1a7c683d7a46 So, the response from the 64-byte challenge and 63-byte challenge are exactly the same. Removing the 63rd byte does yield a different result: Code: C:\Users\Mike\Documents\python>ykchalresp.exe -1 -H -x c5e8ae90d425d81c64dd164be d1b737f7127d247e1167f1f48b39ff5aaddc4047f25264d382e61611c32b8793ef7ed4cf4f796787 6c810ab736fe34722c7 ffcd6d5ec489e289c5f2726398e5cd47187806f1 Perhaps I am doing something wrong. My read of the HMAC-SHA1 spec says that a 64-byte challenge should be accepted. I can easily work around this by just using a shorter challenge, but I am curious if this is a hardware problem, some issue with ykchalresp.c, or something buried in the driver code. I looked briefly at the ykchalresp.c code, but nothing jumped out at me. Any guidance here is appreciated.

Author:	Klas [ Thu Mar 14, 2013 9:04 am ]
Post subject:	Re: [QUESTION] How do I make python-yubico work under Window
Hello, With the 2.2 YubiKey there's a bug that makes you want to turn on the config flag HMAC_LT64 (the personalization gui does this for you), which caps the challenge at 63 bytes as you discovered. /klas

Author:	mprinkey [ Thu Mar 14, 2013 3:26 pm ]
Post subject:	Re: [QUESTION] How do I make python-yubico work under Window
Thanks for the prompt reply.

Yubico Forum https://forum.yubico.com/

[QUESTION] How do I make python-yubico work under Windows https://forum.yubico.com/viewtopic.php?f=16&t=956	Page 1 of 1

Page 1 of 1	All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/