def otp_add_credential(self, slot, key, touch):
key = parse_b32_key(key)
with self._open_otp() as otp_controller:
otp_controller.put_configuration(
int(slot), HmacSha1SlotConfiguration(key).require_touch(touch)
)
return success()
def parse_oath_key(val: str) -> bytes:
"""Parse a secret key encoded as either Hex or Base32."""
val = val.upper()
if re.match(r"^([0-9A-F]{2})+$", val): # hex
return bytes.fromhex(val)
else:
# Key should be b32 encoded
return parse_b32_key(val)
def add(
ctx,
secret,
name,
issuer,
period,
oath_type,
digits,
touch,
algorithm,
counter,
force,
password,
remember,
):
"""
Add a new account.
This will add a new OATH account to the YubiKey.
\b
NAME Human readable name of the account, such as a username or e-mail address.
SECRET Base32-encoded secret/key value provided by the server.
"""
digits = int(digits)
if not secret:
while True:
secret = click_prompt("Enter a secret key (base32)")
try:
secret = parse_b32_key(secret)
break
except Exception as e:
click.echo(e)
_init_session(ctx, password, remember)
_add_cred(
ctx,
CredentialData(
name, oath_type, algorithm, secret, digits, period, counter, issuer
),
touch,
force,
)
def ccid_add_credential(
self,
name,
secret,
issuer,
oath_type,
algo,
digits,
period,
touch,
overwrite=False,
):
secret = parse_b32_key(secret)
with self._open_oath() as oath_controller:
try:
self._unlock(oath_controller)
cred_data = CredentialData(
name,
OATH_TYPE[oath_type],
HASH_ALGORITHM[algo],
secret,
int(digits),
int(period),
0,
issuer,
)
if not overwrite:
key = cred_data.get_id()
if key in [
cred.id for cred in oath_controller.list_credentials()
]:
return failure("credential_already_exists")
oath_controller.put_credential(cred_data, touch)
except ApduError as e:
# NEO doesn't return a no space error if full,
# but a command aborted error. Assume it's because of
# no space in this context.
if e.sw in (SW.NO_SPACE, SW.COMMAND_ABORTED):
return failure("no_space")
else:
raise
return success()
def add(
ctx,
secret,
name,
issuer,
period,
oath_type,
digits,
touch,
algorithm,
counter,
force,
password,
remember,
):
"""
Add a new account.
This will add a new OATH account to the YubiKey.
"""
digits = int(digits)
if not secret:
while True:
secret = click_prompt("Enter a secret key (base32)")
try:
secret = parse_b32_key(secret)
break
except Exception as e:
click.echo(e)
_init_session(ctx, password, remember)
_add_cred(
ctx,
CredentialData(name, oath_type, algorithm, secret, digits, period,
counter, issuer),
touch,
force,
)
def add(
ctx,
secret,
name,
issuer,
period,
oath_type,
digits,
touch,
algorithm,
counter,
force,
):
"""
Add a new credential.
This will add a new credential to your YubiKey.
"""
digits = int(digits)
if not secret:
while True:
secret = click_prompt("Enter a secret key (base32)")
try:
secret = parse_b32_key(secret)
break
except Exception as e:
click.echo(e)
ensure_validated(ctx)
_add_cred(
ctx,
CredentialData(
name, oath_type, algorithm, secret, digits, period, counter, issuer
),
touch,
force,
)
def click_parse_b32_key(ctx, param, val):
return parse_b32_key(val)
def otp_add_credential(self, slot, key, touch):
key = parse_b32_key(key)
with self._open_otp() as otp_controller:
otp_controller.program_chalresp(int(slot), key, touch)
return success()
