def _get_devices(self, otp_mode=False): res = [] for dev, info in list_all_devices(): usb_enabled = info.config.enabled_capabilities[TRANSPORT.USB] interfaces_enabled = [] if CAPABILITY.OTP & usb_enabled: interfaces_enabled.append("OTP") if (CAPABILITY.U2F | CAPABILITY.FIDO2) & usb_enabled: interfaces_enabled.append("FIDO") if ( CAPABILITY.OATH | CAPABILITY.PIV | CAPABILITY.OPENPGP ) & usb_enabled: interfaces_enabled.append("CCID") if otp_mode: selectable = "OTP" in interfaces_enabled has_password = False else: selectable = "CCID" in interfaces_enabled if selectable: with connect_to_device(info.serial, [SmartCardConnection])[ 0 ] as conn: oath = OathSession(conn) has_password = oath.locked else: has_password = False res.append( { "name": get_name(info, dev.pid.get_type()), "version": ".".join(str(d) for d in info.version), "serial": info.serial or "", "usbInterfacesEnabled": interfaces_enabled, "hasPassword": has_password, "selectable": selectable, "validated": not has_password, } ) return res
def test_yk5_fips_formfactors(): kt = YUBIKEY.YK4 assert get_name(fips(info(FORM_FACTOR.USB_A_KEYCHAIN)), kt) == "YubiKey 5A FIPS" assert (get_name(fips(info_nfc(FORM_FACTOR.USB_A_KEYCHAIN)), kt) == "YubiKey 5 NFC FIPS") assert get_name(fips(info(FORM_FACTOR.USB_A_NANO)), kt) == "YubiKey 5 Nano FIPS" assert get_name(fips(info(FORM_FACTOR.USB_C_KEYCHAIN)), kt) == "YubiKey 5C FIPS" assert (get_name(fips(info_nfc(FORM_FACTOR.USB_C_KEYCHAIN)), kt) == "YubiKey 5C NFC FIPS") assert get_name(fips(info(FORM_FACTOR.USB_C_NANO)), kt) == "YubiKey 5C Nano FIPS" assert get_name(fips(info(FORM_FACTOR.USB_C_LIGHTNING)), kt) == "YubiKey 5Ci FIPS" assert get_name(fips(info(FORM_FACTOR.USB_A_BIO)), kt) == "YubiKey Bio FIPS" assert get_name(fips(info(FORM_FACTOR.USB_C_BIO)), kt) == "YubiKey C Bio FIPS" assert get_name(fips(info(FORM_FACTOR.UNKNOWN)), kt) == "YubiKey 5 FIPS" assert get_name(fips(info_nfc(FORM_FACTOR.UNKNOWN)), kt) == "YubiKey 5 NFC FIPS"
def test_yk5_fido(): kt = YUBIKEY.YK4 assert (get_name(fido(info(FORM_FACTOR.USB_A_BIO)), kt) == "YubiKey Bio - FIDO Edition") assert (get_name(fido(info(FORM_FACTOR.USB_C_BIO)), kt) == "YubiKey C Bio - FIDO Edition")
def test_yk5_formfactors(): kt = YUBIKEY.YK4 assert get_name(info(FORM_FACTOR.USB_A_KEYCHAIN), kt) == "YubiKey 5A" assert get_name(info_nfc(FORM_FACTOR.USB_A_KEYCHAIN), kt) == "YubiKey 5 NFC" assert get_name(info(FORM_FACTOR.USB_A_NANO), kt) == "YubiKey 5 Nano" assert get_name(info(FORM_FACTOR.USB_C_KEYCHAIN), kt) == "YubiKey 5C" assert get_name(info_nfc(FORM_FACTOR.USB_C_KEYCHAIN), kt) == "YubiKey 5C NFC" assert get_name(info(FORM_FACTOR.USB_C_NANO), kt) == "YubiKey 5C Nano" assert get_name(info(FORM_FACTOR.USB_C_LIGHTNING), kt) == "YubiKey 5Ci" assert get_name(info(FORM_FACTOR.USB_A_BIO), kt) == "YubiKey Bio" assert get_name(info(FORM_FACTOR.USB_C_BIO), kt) == "YubiKey C Bio" assert get_name(info(FORM_FACTOR.UNKNOWN), kt) == "YubiKey 5" assert get_name(info_nfc(FORM_FACTOR.UNKNOWN), kt) == "YubiKey 5 NFC"
def refresh_devices(self, otp_mode=False, reader_filter=None): self._devices = [] if not otp_mode and reader_filter: self._reader_filter = reader_filter dev = self._get_dev_from_reader() if dev: with dev.open_connection(SmartCardConnection) as conn: info = read_info(dev.pid, conn) try: oath = OathSession(conn) has_password = oath.locked selectable = True except ApplicationNotAvailableError: selectable = False has_password = False usb_enabled = info.config.enabled_capabilities[TRANSPORT.USB] interfaces_enabled = [] if CAPABILITY.OTP & usb_enabled: interfaces_enabled.append("OTP") if (CAPABILITY.U2F | CAPABILITY.FIDO2) & usb_enabled: interfaces_enabled.append("FIDO") if ( CAPABILITY.OATH | CAPABILITY.PIV | CAPABILITY.OPENPGP ) & usb_enabled: interfaces_enabled.append("CCID") self._devices.append( { "name": get_name( info, dev.pid.get_type() if dev.pid else None ), "version": ".".join(str(d) for d in info.version), "serial": info.serial or "", "usbInterfacesEnabled": interfaces_enabled, "hasPassword": has_password, "selectable": selectable, "validated": True, # not has_password } ) return success({"devices": self._devices}) else: return success({"devices": []}) else: self._reader_filter = None # Forget current serial and derived key if no descriptors # Return empty list of devices if not self._devs: self._current_serial = None self._current_derived_key = None return success({"devices": []}) self._devices = self._get_devices(otp_mode) # If no current serial, or current serial seems removed, # select the first serial found. if not self._current_serial or ( self._current_serial not in [dev["serial"] for dev in self._devices] ): for dev in self._devices: if dev["serial"]: self._current_serial = dev["serial"] break return success({"devices": self._devices})