Yubico Forum

Choosing appropriate hex values for the TokenID
Page 1 of 1

Author:  tpohl [ Thu Apr 30, 2009 7:42 pm ]
Post subject:  Choosing appropriate hex values for the TokenID


I'm working on a web-based approach for reprogramming the yubikey through a web interface using the sample html page example from the personalization tool. I have it programming the keys just fine, but I find that there seems to be a "secret" in choosing appropriate hex values for the TokenID.

Here are 2 examples 1 works and 1 does not:

TokenID (in hex): 22255f563465
converted to base64: IiVfVjRl

Doesn't work:
TokenID (in hex): b257e81803c8
converted to base64: ALJX6BgDyA==

Are there rules around hex values that aren't acceptable for the token id? I was simply taking the first 12 characters of an AES key in hex and using that for a token id and a second AES key as the private key, but it appears my plan won't work unless I get a handle on appropriate values of the token id! :)

Any ideas?

Author:  Jakob [ Mon May 04, 2009 12:25 am ]
Post subject:  Re: Choosing appropriate hex values for the TokenID

I guess the "Token ID" refers to what is also known as the public ID... ?

The OTP as it goes today is 44 modhex characters. It is made up of a public ID (= static information) that is by default 6 bytes (= 12 modhex characters) and an OTP (= dynamic information) that is 16 bytes (= 32 modhex characters). This means that the concatinated OTP from a default deployed Yubikey is 12 + 32 = 44 characters, where the public ID part is being sent first.

Please let me know if this brings any light into the question.


Hardware- and firmware guy @ Yubico

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group