Yubico Forum
https://forum.yubico.com/

Yubikey Challenge-Response (HmacSha1) integration in java
https://forum.yubico.com/viewtopic.php?f=16&t=1872
Page 1 of 1

Author:  bobo [ Fri May 08, 2015 7:25 am ]
Post subject:  Yubikey Challenge-Response (HmacSha1) integration in java

Hello,

I would like to integrate the challenge-response mechanism of the Yubikey in a java project, i.e. the program sends a 64-byte challenge to the yubikey, which ansers with the corresponding HmacSha1.

I found a python library that supports that (https://github.com/Yubico/python-yubico ... e_response).
Is there a similar library in java, or any documentation available?

Thanks for your help.

Author:  henrik [ Fri May 08, 2015 12:48 pm ]
Post subject:  Re: Yubikey Challenge-Response (HmacSha1) integration in jav

Hi!

There's no Java library for talking via USB with the YubiKey.

Your best bets in Java is probably to use the C lib: https://developers.yubico.com/yubikey-personalization/

...or to implement to protocol yourself using https://github.com/nyholku/purejavahidapi


May I ask what kind of project you're working on?

Author:  bobo [ Mon May 11, 2015 9:39 am ]
Post subject:  Re: Yubikey Challenge-Response (HmacSha1) integration in jav

Thanks for the indication, I'll have a look at that!

I would like to use the HmacSha1 challenge-response mechanism to authorize transaction signature in a javacard Bitcoin Wallet based on the yubikey neo. See the project here: https://bitcointalk.org/index.php?topic=995415.0.

The wallet would send a challenge request and sign a transaction only if the user provides the correct response to the challenge.

Best regards

Author:  bobo [ Thu May 28, 2015 9:15 pm ]
Post subject:  Re: Yubikey Challenge-Response (HmacSha1) integration in jav

I made a small java project that uses the Usb4java library to communicate with the Yubikey. Only the the Hmac-Sha1 challenge-response is supported so far. The code is available here:

https://github.com/Toporin/yubikey4java

Apparently, it is not possible to communicate with the Yubikey via the Windows Hid driver and Hidapi library because Windows blocks access to mouse and keyboard (user page 0x06) with this driver. Is it correct?

The workaround is to use the usb4java/libusb library and install a libusb-win32/WinUSB driver for the Yubikey, for example using Zadig (to replace the default Hidusb default driver on interface 1).

This works fine using a Yubikey with firmware version 3.4.0 (VID:1050 & PID:114), However communication fails with a Yubikey Neo (VID:1050 & PID:111) with firmware 3.2.0. Communication also fails using the python-yubico library (which also uses libusb), but it works with the yubico-personalization tool written in C. Any idea why?

Author:  Klas [ Fri May 29, 2015 11:48 am ]
Post subject:  Re: Yubikey Challenge-Response (HmacSha1) integration in jav

Hello,

yubikey-personalization uses a windows specific backend (https://github.com/Yubico/yubikey-perso ... _windows.c) which basically uses the same functions as hidapi to talk with the device, so it should be possible to get the same behaviour from them. python-yubico on the other hand uses libusb which might run into other restrictions.

There has been quite a few changes in the Neo platform since 3.2.0 so it's hard to point to anything specific that might have changed behaviour like this, it'd help if you could post specifically what goes wrong (and what is read/written at that point).

/klas

Author:  bobo [ Sun May 31, 2015 8:31 pm ]
Post subject:  Re: Yubikey Challenge-Response (HmacSha1) integration in jav

Using the Yubikey 3.2 with the Usb4java library, I get the following errors:

Using the libusb-win32 driver (from Zadig):
Exception in thread "main" org.usb4java.LibUsbException: USB error 12: Unable to open USB device: Operation not supported or unimplemented on this platform at org.toporin.yubikey4java.YubikeyConnector.main(YubikeyConnector.java:366)

Using the default hidusb 6.2.92:
Exception in thread "main" org.usb4java.LibUsbException: USB error 3: Unable to open USB device: Access denied (insufficient permissions) at org.toporin.yubikey4java.YubikeyConnector.main(YubikeyConnector.java:366)

The error is thrown when trying to open the device ("result = LibUsb.open(device, handle);")

With the same configuration but a Yubikey 3.4, it works fine with the libusb-win32 driver.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/