Yubico Forum :: View topic - Announce: New C library implementation

Hi Simon --

Do you have any plans to add request signature and reply signature validation to this library?

بسم الله الرحمن الرحيم

It is good library,
Could you tell us how to use this library ?
Could you send us a simple test code that use this library ?

Can you please tell me why you use a client id to identify the Yubikey? Isn't this what the 6 byte public id at the beginning of every OTP is for? Or am I getting completely mixed up here.

There are two identities:

* The 6 byte (12 modhex characters) public id in the prefix of the OTP.

* The id # for a client that connects to api.yubico.com.

The second identity is needed to retrieve and use the proper HMAC key when signing and verifying requests.

Simon wrote:

And why can't you use the 6 byte public id to identify the HMAC key?

Because the client id doesn't strictly speaking have anything to do with any particular yubikey -- a client can validate OTPs from any yubikey. The client id is the identity of the relationship between api.yubico.com and clients.
/Simon

Author:	Simon [ Mon Jun 16, 2008 11:52 pm ]
Post subject:	Announce: New C library implementation
I've created a new C library that uses curl to validate OTPs. It will be used by the PAM module in the future. It contains a nifty command line tool 'ykclient' that can be used to validate OTPs easily. More info at the google code project: http://code.google.com/p/yubico-c-client/ Have fun, Simon

Author:	jkbauer24 [ Thu Jul 24, 2008 4:14 am ]
Post subject:	Re: Announce: New C library implementation
Hi Simon -- Do you have any plans to add request signature and reply signature validation to this library? -- Justin

Author:	Simon [ Thu Jul 24, 2008 12:30 pm ]
Post subject:	Re: Announce: New C library implementation
jkbauer24 wrote: Hi Simon -- Do you have any plans to add request signature and reply signature validation to this library? I don't have patches ready to do it yet, but the library certainly should support that. Patches welcome. /Simon

Author:	owidat [ Thu Aug 07, 2008 1:12 pm ]
Post subject:	Re: Announce: New C library implementation
بسم الله الرحمن الرحيم It is good library, Could you tell us how to use this library ? Could you send us a simple test code that use this library ?

Author:	PatrickN [ Thu Aug 07, 2008 2:16 pm ]
Post subject:	Re: Announce: New C library implementation
Can you please tell me why you use a client id to identify the Yubikey? Isn't this what the 6 byte public id at the beginning of every OTP is for? Or am I getting completely mixed up here.

Yubico Forum https://forum.yubico.com/

Announce: New C library implementation https://forum.yubico.com/viewtopic.php?f=3&t=106	Page 1 of 1

Author:	Simon [ Tue Aug 19, 2008 2:28 pm ]
Post subject:	Re: Announce: New C library implementation
owidat wrote: بسم الله الرحمن الرحيم It is good library, Could you tell us how to use this library ? Could you send us a simple test code that use this library ? Hi! There are some instructions at: http://code.google.com/p/yubico-c-client/wiki/ReadMe As for code-examples, please see the included self test: http://code.google.com/p/yubico-c-clien ... selftest.c And the command line tool: http://code.google.com/p/yubico-c-clien ... ykclient.c /Simon

Author:	Simon [ Tue Aug 19, 2008 2:29 pm ]
Post subject:	Re: Announce: New C library implementation
PatrickN wrote: Can you please tell me why you use a client id to identify the Yubikey? Isn't this what the 6 byte public id at the beginning of every OTP is for? Or am I getting completely mixed up here. Yup, sort of. There are two identities: * The 6 byte (12 modhex characters) public id in the prefix of the OTP. * The id # for a client that connects to api.yubico.com. The second identity is needed to retrieve and use the proper HMAC key when signing and verifying requests. /Simon

Author:	PatrickN [ Tue Aug 19, 2008 3:06 pm ]
Post subject:	Re: Announce: New C library implementation
Simon wrote: There are two identities: * The 6 byte (12 modhex characters) public id in the prefix of the OTP. * The id # for a client that connects to api.yubico.com. The second identity is needed to retrieve and use the proper HMAC key when signing and verifying requests. And why can't you use the 6 byte public id to identify the HMAC key?

Author:	Simon [ Tue Aug 19, 2008 3:21 pm ]
Post subject:	Re: Announce: New C library implementation
PatrickN wrote: Simon wrote: There are two identities: * The 6 byte (12 modhex characters) public id in the prefix of the OTP. * The id # for a client that connects to api.yubico.com. The second identity is needed to retrieve and use the proper HMAC key when signing and verifying requests. And why can't you use the 6 byte public id to identify the HMAC key? Because the client id doesn't strictly speaking have anything to do with any particular yubikey -- a client can validate OTPs from any yubikey. The client id is the identity of the relationship between api.yubico.com and clients. /Simon

Author:	PatrickN [ Tue Aug 19, 2008 3:34 pm ]
Post subject:	Re: Announce: New C library implementation
Simon wrote: Because the client id doesn't strictly speaking have anything to do with any particular yubikey -- a client can validate OTPs from any yubikey. The client id is the identity of the relationship between api.yubico.com and clients. /Simon Of course, I see. thanks for setting me straight.

Page 1 of 1	All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/