Yubico Forum :: View topic - [QUESTION] configure plain text static pass - COM API

Yubico Forum https://forum.yubico.com/

[QUESTION] configure plain text static pass - COM API https://forum.yubico.com/viewtopic.php?f=30&t=959	Page 1 of 1

Author:	gabor [ Tue Feb 19, 2013 11:41 am ]
Post subject:	[QUESTION] configure plain text static pass - COM API
Hi yubico experts! I'd like to configure slot2 of my yubikey 2.2 to emit a plain text static password provided by me. Using the YubiKey Personalisation Tool, I can do this easily: Select "Static Password" Select "Scan Code" Select "Configuration Slot 2" Enter my plain text password in the "Password" field, e.g. YUBITEST123 This gets automatically converted into "Scan codes", e.g. 9c98858c978896971e1f20 Click "Write Configuration" Now when pressing YubiKey for 3 sec, it simply writes YUBITEST123 I want to achieve the exact same thing with the ActiveX COM API. I'm using the yksample.html as a basis, extending it with a new button. Code: function programstatic_onclick() { yk.ykEnableDebug = true; yk.ykClear(); yk.ykStaticId = "9c98858c978896971e1f20"; yk.ykUID = ""; yk.ykKey = ""; yk.ykFlagProperty(11) = true; yk.ykFlagProperty(5) = true; // append an "enter" at the end. yk.ykFlagProperty(17) = true; // use 2nd config yk.ykFlagProperty(12) = true; // short ticket yk.ykFlagProperty(13) = false; // strong_pw1 yk.ykFlagProperty(14) = false; // strong_pw2 yk.ykFlagProperty(15) = true; // man update var programResult = yk.ykProgram; if (programResult == 0) { alert('success'); } else { alert('error: ' + programResult); } } The YubiKey is programmed, but slot 2 writes this static text: krkjjgjrkijjkhkibubvdcncejelrjvjvvcicl This seems to be the modhex representation of my hex string 9c98858c978896971e1f20, plus the string ncejelrjvjvvcicl. How can I program the YubiKey not to emit modhex, but plaintext instead? How do I get it to output the exact text YUBITEST123, without any appended keys? Thanks for the help in advance. Gabor

Author:	Jakob [ Fri Feb 22, 2013 12:16 am ]
Post subject:	Re: [QUESTION] configure plain text static pass - COM API
Hi Gabor, The catch here is the yk.ykFlagProperty(11) = true which means you're setting the 'static mode' flag to true. This does of course seem sensible to do, but in the case with scan code mode, this flag shall be cleared. We've been keen to maintain backwards compatibility with tools and applications, all way back to the very first Yubikey. This have caused extensive overlaying and re-use of configuration bits, which may appear a bit strange at first sight. The functionality matrix looks like this: Standard OTP, modhex encoded: CFGFLAG_STATIC_TICKET = FALSE, CFGFLAG_SHORT_TICKET = FALSE Static OTP, modhex encoded: CFGFLAG_STATIC_TICKET = TRUE, CFGFLAG_SHORT_TICKET = FALSE Truncated static OTP, modhex encoded CFGFLAG_STATIC_TICKET = TRUE, CFGFLAG_SHORT_TICKET = TRUE Static OTP, scancode mode CFGFLAG_STATIC_TICKET = FALSE, CFGFLAG_SHORT_TICKET = TRUE Please let me know if this resolved your issue. Best regards, JakobE Hardware- and firmware guy @ Yubico

Author:	gabor [ Fri Feb 22, 2013 4:10 pm ]
Post subject:	Re: [RESOLVED] configure plain text static pass - COM API
Hi JakobE, thanks for the help. this answers my question. based on your input and the source code of the personalization tool, i could get this working. https://github.com/Yubico/yubikey-perso ... icpage.cpp https://github.com/Yubico/yubikey-perso ... re/ykdef.h my final javascript PoC code is posted below for future reference. up to 38 characters can be programmed into the yubikey 2.2. cheers, gabor Code: function programstatic_onclick() { var FIXED_SIZE = 16; var UID_SIZE = 6; var KEY_SIZE = 16; // read and validate plain text input, max 38 chars // e.g. 'abcdefghijklmnopqrstuvwxyz1234567890AB' var input = staticPWD.value; var maxLength = FIXED_SIZE + UID_SIZE + KEY_SIZE; if (input.length > maxLength) { alert('text too long, max ' + maxLength + ' chars'); return; } // encode plain text into keyboard scan codes var scanCodes = text2scancode(input); // split key to fit in various yubikey properties var key1 = scanCodes.substr(0, FIXED_SIZE * 2); var key2 = scanCodes.substr(FIXED_SIZE * 2, UID_SIZE * 2); var key3 = scanCodes.substr(FIXED_SIZE * 2 + UID_SIZE * 2); //yk.ykEnableDebug = true; yk.ykClear(); yk.ykFlagProperty(17) = true; // use 2nd config yk.ykFlagProperty(5) = true; // append an "enter" at the end. // use staic password mode, scancode mode yk.ykFlagProperty(11) = false; // static mode: false => output scancodes (as opposed to modhex) yk.ykFlagProperty(12) = true; // short ticket // set key parts yk.ykStaticId = key1; yk.ykUID = key2; yk.ykKey = key3; // write config to yubikey var programResult = yk.ykProgram; if (programResult == 0) { alert('success'); } else { alert('error: ' + programResult); } // logging var log = 'input: ' + input + '\n' + 'input length: ' + input.length + '\n' + 'scancodes: ' + scanCodes + '\n' + 'key1: ' + key1 + '\n' + 'key2: ' + key2 + '\n' + 'key3: ' + key3 + '\n'; logBox.value = log; } // scancode conversion table var SHIFT = 0x80; var key2usb = [ 0x00, /* 0 0x00 / 0x00, / 1 0x01 / 0x00, / 2 0x02 / 0x00, / 3 0x03 / 0x00, / 4 0x04 / 0x00, / 5 0x05 / 0x00, / 6 0x06 / 0x00, / 7 0x07 / 0x00, / 8 0x08 Backspace (0x2a) / 0x00, / 9 0x09 Tab (0x2b) / 0x00, / 10 0x0a Back Tab (0x2b \| SHIFT) / 0x00, / 11 0x0b Home (0x4a)/ 0x00, / 12 0x0c Form Feed / 0x28, / 13 0x0d Return / 0x00, / 14 0x0e / 0x00, / 15 0x0f / 0x00, / 16 0x10 / 0x00, / 17 0x11 / 0x00, / 18 0x12 / 0x00, / 19 0x13 / 0x00, / 20 0x14 / 0x00, / 21 0x15 / 0x00, / 22 0x16 / 0x00, / 23 0x17 / 0x00, / 24 0x18 Cancel (0x9b) / 0x00, / 25 0x19 / 0x00, / 26 0x1a / 0x00, / 27 0x1b Escape (0x29) / 0x00, / 28 0x1c / 0x00, / 29 0x1d / 0x00, / 30 0x1e / 0x00, / 31 0x1f / 0x2c, / 32 0x20 / 0x1e \| SHIFT, / 33 0x21 ! / 0x34 \| SHIFT, / 34 0x22 " / 0x20 \| SHIFT, / 35 0x23 # / 0x21 \| SHIFT, / 36 0x24 $ / 0x22 \| SHIFT, / 37 0x25 % / 0x24 \| SHIFT, / 38 0x26 & / 0x34, / 39 0x27 ' / 0x26 \| SHIFT, / 40 0x28 ( / 0x27 \| SHIFT, / 41 0x29 ) / 0x25 \| SHIFT, / 42 0x2a * / 0x2e \| SHIFT, / 43 0x2b + / 0x36, / 44 0x2c , / 0x2d, / 45 0x2d - / 0x37, / 46 0x2e . / 0x38, / 47 0x2f / / 0x27, / 48 0x30 0 / 0x1e, / 49 0x31 1 / 0x1f, / 50 0x32 2 / 0x20, / 51 0x33 3 / 0x21, / 52 0x34 4 / 0x22, / 53 0x35 5 / 0x23, / 54 0x36 6 / 0x24, / 55 0x37 7 / 0x25, / 56 0x38 8 / 0x26, / 57 0x39 9 / 0x33 \| SHIFT, / 58 0x3a : / 0x33, / 59 0x3b ; / 0x36 \| SHIFT, / 60 0x3c < / 0x2e, / 61 0x3d = / 0x37 \| SHIFT, / 62 0x3e > / 0x38 \| SHIFT, / 63 0x3f ? / 0x1f \| SHIFT, / 64 0x40 @ / 0x04 \| SHIFT, / 65 0x41 A / 0x05 \| SHIFT, / 66 0x42 B / 0x06 \| SHIFT, / 67 0x43 C / 0x07 \| SHIFT, / 68 0x44 D / 0x08 \| SHIFT, / 69 0x45 E / 0x09 \| SHIFT, / 70 0x46 F / 0x0a \| SHIFT, / 71 0x47 G / 0x0b \| SHIFT, / 72 0x48 H / 0x0c \| SHIFT, / 73 0x49 I / 0x0d \| SHIFT, / 74 0x4a J / 0x0e \| SHIFT, / 75 0x4b K / 0x0f \| SHIFT, / 76 0x4c L / 0x10 \| SHIFT, / 77 0x4d M / 0x11 \| SHIFT, / 78 0x4e N / 0x12 \| SHIFT, / 79 0x4f O / 0x13 \| SHIFT, / 80 0x50 P / 0x14 \| SHIFT, / 81 0x51 Q / 0x15 \| SHIFT, / 82 0x52 R / 0x16 \| SHIFT, / 83 0x53 S / 0x17 \| SHIFT, / 84 0x54 T / 0x18 \| SHIFT, / 85 0x55 U / 0x19 \| SHIFT, / 86 0x56 V / 0x1a \| SHIFT, / 87 0x57 W / 0x1b \| SHIFT, / 88 0x58 X / 0x1c \| SHIFT, / 89 0x59 Y / 0x1d \| SHIFT, / 90 0x5a Z / 0x2f, / 91 0x5b [ / 0x32, / 92 0x5c \ / 0x30, / 93 0x5d ] / 0X23 \| SHIFT, / 94 0x5e ^ / 0x2d \| SHIFT, / 95 0x5f _ / 0x35, / 96 0x60 ` / 0x04, / 97 0x61 a / 0x05, / 98 0x62 b / 0x06, / 99 0x63 c / 0x07, / 100 0x64 d / 0x08, / 101 0x65 e / 0x09, / 102 0x66 f / 0x0a, / 103 0x67 g / 0x0b, / 104 0x68 h / 0x0c, / 105 0x69 i / 0x0d, / 106 0x6a j / 0x0e, / 107 0x6b k / 0x0f, / 108 0x6c l / 0x10, / 109 0x6d m / 0x11, / 110 0x6e n / 0x12, / 111 0x6f o / 0x13, / 112 0x70 p / 0x14, / 113 0x71 q / 0x15, / 114 0x72 r / 0x16, / 115 0x73 s / 0x17, / 116 0x74 t / 0x18, / 117 0x75 u / 0x19, / 118 0x76 v / 0x1a, / 119 0x77 w / 0x1b, / 120 0x78 x / 0x1c, / 121 0x79 y / 0x1d, / 122 0x7a z / 0x2f \| SHIFT, / 123 0x7b { / 0x32 \| SHIFT, / 124 0x7c \| / 0x30 \| SHIFT, / 125 0x7d } / 0x35 \| SHIFT, / 126 0x7e ~ / 0x00, / 127 0x7f */ ]; // convert plain text to scancode representation function text2scancode(text) { var result = ''; for (var i=0; i<text.length; i++) { var charCode = text.charCodeAt(i); var scanCode = key2usb[charCode]; var hexPadded = '00' + scanCode.toString(16); var hex = hexPadded.substr(hexPadded.length - 2); result += hex; } return result; }

Author:	Tom [ Mon Feb 25, 2013 8:47 am ]
Post subject:	Re: [QUESTION] configure plain text static pass - COM API
Hello Gabor, It would be great if you'll take 3 minutes to post this in the community project section. You will join the YubiCompetition viewtopic.php?f=8&t=943 Please follow the guidelines available here: viewtopic.php?f=8&t=930 Thank you, Tom.

Page 1 of 1	All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/