def swap_slots(self):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.swap_slots()
except YkpersError as e:
return e.errno
def erase_slot(self, slot):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.zap_slot(slot)
except YkpersError as e:
return e.errno
def program_challenge_response(self, slot, key, touch):
try:
key = a2b_hex(key)
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_chalresp(slot, key, touch)
except YkpersError as e:
return e.errno
def add_slot_credential(self, slot, key, touch):
key = parse_b32_key(key)
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
try:
controller.program_chalresp(int(slot), key, touch)
except Exception as e:
return str(e)
def _read_slot_code(self, slot, digits, timestamp, wait_for_touch):
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
code = controller.calculate(
slot, challenge=timestamp, totp=True, digits=int(digits),
wait_for_touch=wait_for_touch)
valid_from = timestamp - (timestamp % 30)
valid_to = valid_from + 30
return Code(code, valid_from, valid_to)
def program_otp(self, slot, public_id, private_id, key):
try:
key = a2b_hex(key)
public_id = modhex_decode(public_id)
private_id = a2b_hex(private_id)
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_otp(slot, key, public_id, private_id)
except YkpersError as e:
return e.errno
def program_static_password(self, slot, key, keyboard_layout):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_static(
slot,
key,
keyboard_layout=KEYBOARD_LAYOUT[keyboard_layout])
except YkpersError as e:
return e.errno
def _read_slot_code(self, slot, digits, timestamp, wait_for_touch):
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
code = controller.calculate(slot,
challenge=timestamp,
totp=True,
digits=int(digits),
wait_for_touch=wait_for_touch)
valid_from = timestamp - (timestamp % 30)
valid_to = valid_from + 30
return Code(code, valid_from, valid_to)
def swap_slots(self):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.swap_slots()
return {'success': True, 'error': None}
except YkpersError as e:
if e.errno == 3:
return {'success': False, 'error': 'write error'}
return {'success': False, 'error': str(e)}
except Exception as e:
return {'success': False, 'error': str(e)}
def program_challenge_response(self, slot, key, touch):
try:
key = a2b_hex(key)
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_chalresp(slot, key, touch)
return {'success': True, 'error': None}
except YkpersError as e:
if e.errno == 3:
return {'success': False, 'error': 'write error'}
return {'success': False, 'error': str(e)}
except Exception as e:
return {'success': False, 'error': str(e)}
def add_slot_credential(self, slot, key, touch):
try:
key = parse_b32_key(key)
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_chalresp(int(slot), key, touch)
return {'success': True, 'error': None}
except Exception as e:
if str(e) == 'Incorrect padding':
return {'success': False, 'error': 'wrong padding'}
if str(e) == 'key lengths >20 bytes not supported':
return {'success': False, 'error': 'too large key'}
return {'success': False, 'error': str(e)}
def program_oath_hotp(self, slot, key, digits):
try:
unpadded = key.upper().rstrip('=').replace(' ', '')
key = b32decode(unpadded + '=' * (-len(unpadded) % 8))
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_hotp(slot, key, hotp8=(digits == 8))
return {'success': True, 'error': None}
except YkpersError as e:
if e.errno == 3:
return {'success': False, 'error': 'write error'}
return {'success': False, 'error': str(e)}
except Exception as e:
return {'success': False, 'error': str(e)}
def program_static_password(self, slot, key, keyboard_layout):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_static(
slot,
key,
keyboard_layout=KEYBOARD_LAYOUT[keyboard_layout])
return {'success': True, 'error': None}
except YkpersError as e:
if e.errno == 3:
return {'success': False, 'error': 'write error'}
return {'success': False, 'error': str(e)}
except Exception as e:
return {'success': False, 'error': str(e)}
def program_otp(self, slot, public_id, private_id, key):
try:
key = a2b_hex(key)
public_id = modhex_decode(public_id)
private_id = a2b_hex(private_id)
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.program_otp(slot, key, public_id, private_id)
return {'success': True, 'error': None}
except YkpersError as e:
if e.errno == 3:
return {'success': False, 'error': 'write error'}
return {'success': False, 'error': str(e)}
except Exception as e:
return {'success': False, 'error': str(e)}
def slots_status(self):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
return controller.slot_status
except Exception as e:
logger.error('Failed to read slot status', exc_info=e)
def slots_status(self):
try:
with self._open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
return {'status': controller.slot_status, 'error': None}
except YkpersError as e:
if e.errno == 4:
return {'status': None, 'error': 'timeout'}
logger.error('Failed to read slot status', exc_info=e)
return {'status': None, 'error': str(e)}
except Exception as e:
logger.error('Failed to read slot status', exc_info=e)
return {'status': None, 'error': str(e)}
def __enter__(self):
return OtpController(self._dev.driver)
def slot_status(self):
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
return list(controller.slot_status)
def delete_slot_credential(self, slot):
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.zap_slot(slot)
def delete_slot_credential(self, slot):
with self._descriptor.open_device(TRANSPORT.OTP) as dev:
controller = OtpController(dev.driver)
controller.zap_slot(slot)