README
¶
go-yubilib
Primitives for operating with Yubikeys (mostly around OTP parts).
Assumptions:
- most stuff like keys are encoded in hex, to be compatible with the reference implementation
- structs have GORM/JSON/YAML annotations where appropriate so they can be used directly in GORM and/or API
- functions operating on modhex/hex just replace invalid characters with X. Normally that is either checked or just makes
hexmodule fail on conversion so it is safe and fast to use inside the module but take care, giving wrong output toModHex2Hexfor example will return invalid hex string
Documentation
¶
Index ¶
- Variables
- func Byte2ModHex(b []byte) string
- func DecryptAES128ECB(hexKey string, hexCiphertext string) (plain []byte, err error)
- func EncryptAES128ECB(hexKey string, plain []byte) (encryptedHex string, err error)
- func ModHex2Hex(modhex string) (hex string)
- type Decoder
- type ErrorNotFound
- type OTPDecoder
- type YubikeyKSM
- type YubikeyOTP
Constants ¶
This section is empty.
Variables ¶
View Source
var RegexpModhex = regexp.MustCompile("^[cbdefghijklnrtuv]+$")
Functions ¶
func Byte2ModHex ¶
func DecryptAES128ECB ¶
func EncryptAES128ECB ¶
func ModHex2Hex ¶
ModHex2Hex returns hex encoded string from modhex. unconvertable characters are replaced with X
Types ¶
type Decoder ¶
type Decoder interface {
Decode(otp string) (*YubikeyOTP, error)
}
type ErrorNotFound ¶
type ErrorNotFound struct {
}
func (*ErrorNotFound) Error ¶
func (e *ErrorNotFound) Error() string
type OTPDecoder ¶
type OTPDecoder struct {
// contains filtered or unexported fields
}
func (*OTPDecoder) Decode ¶
func (d *OTPDecoder) Decode(otp string) (*YubikeyOTP, error)
type YubikeyKSM ¶
type YubikeyKSM struct {
SerialNr int `gorm:"UNIQUE;column:serialnr;unique_index:serialnr_publicname" json:"serialnr"`
PublicName string `gorm:"PRIMARY_KEY;column:publicname;unique_index:serialnr_publicname" json:"publicname"`
CreatedAt time.Time `gorm:"column:created"`
UpdatedAt time.Time `gorm:"column:modified"`
InternalName string `gorm:"column:internalname" json:"internalname"`
AESKey string `gorm:"column:aeskey;size:32" json:"aeskey"`
LockCode string `gorm:"column:lockcode" json:"lockcode"`
Creator string `gorm:"column:creator" json:"creator"`
Active bool `gorm:"column:active"`
// whether it is hardware key
Hardware bool `gorm:"column:hardware"`
// static key if present/used
Static string `gorm:"column:static" json:"static,omitempty"`
}
YubikeyKSM is GORM schema with info used by KSM, mostly similar to what Yubico tooling uses.
func (YubikeyKSM) TableName ¶
func (YubikeyKSM) TableName() string
type YubikeyOTP ¶
type YubikeyOTP struct {
PublicName string `gorm:"PRIMARY_KEY;column:ykpublicname"`
Active bool `gorm:"column:active"`
// names same as in gorm.Model
CreatedAt time.Time `gorm:"column:created"`
UpdatedAt time.Time `gorm:"column:modified"`
// increments after first generation after power on
// increments if use counter overflows, persistent
SessionCounter uint16 `gorm:"column:yk_counter"`
// increments by 1 each token generation after first (0x00-0xff), overflows into session counter
UseCounter uint8 `gorm:"column:yk_use"`
// 24 bit timestamp
YKTSLow uint16 `gorm:"column:yk_low"`
YKTSHigh uint8 `gorm:"column:yk_high"`
Notes string `gorm:"column:notes"`
// contains filtered or unexported fields
}
func DecodeOTP ¶
func DecodeOTP(decryptedOTPData []byte) (*YubikeyOTP, error)
func (YubikeyOTP) TableName ¶
func (YubikeyOTP) TableName() string
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.