def _has_mode(mode):
if not _one_yubikey:
return False
yubikeys = list(get_descriptors())
if len(yubikeys) is not 1:
return False
return yubikeys[0].mode.has_transport(mode)
def refresh(self, otp_mode=False):
descriptors = get_descriptors()
if len(descriptors) != 1:
self._descriptor = None
return None
desc = descriptors[0]
if desc.fingerprint != (
self._descriptor.fingerprint if self._descriptor else None) \
or not otp_mode and not self._dev_info.get('version'):
try:
dev = desc.open_device(
TRANSPORT.OTP if otp_mode else TRANSPORT.CCID)
if otp_mode:
version = None
else:
controller = OathController(dev.driver)
version = controller.version
except Exception:
return None
self._descriptor = desc
self._dev_info = {
'name': dev.device_name,
'version': version,
'serial': dev.serial or '',
'enabled': [c.name for c in CAPABILITY if c & dev.enabled],
'connections':
[t.name for t in TRANSPORT if t & dev.capabilities]
}
return self._dev_info
def _descriptors_changed(self):
old_descs = self._descs[:]
old_descs_fps = self._descs_fps[:]
self._descs = get_descriptors()
self._descs_fps = [desc.fingerprint for desc in self._descs]
descs_changed = (old_descs_fps != self._descs_fps)
n_descs_changed = len(self._descs) != len(old_descs)
return n_descs_changed or descs_changed
def refresh(self, otp_mode=False):
descriptors = get_descriptors()
if len(descriptors) != 1:
self._descriptor = None
return None
desc = descriptors[0]
unmatched_otp_mode = otp_mode and not desc.mode.has_transport(
TRANSPORT.OTP)
unmatched_ccid_mode = not otp_mode and not desc.mode.has_transport(
TRANSPORT.CCID)
if unmatched_otp_mode or unmatched_ccid_mode:
return {
'transports':
[t.name for t in TRANSPORT.split(desc.mode.transports)],
'usable':
False,
}
if desc.fingerprint != (
self._descriptor.fingerprint if self._descriptor else None) \
or not otp_mode and not self._dev_info.get('version'):
try:
dev = desc.open_device(
TRANSPORT.OTP if otp_mode else TRANSPORT.CCID)
if otp_mode:
version = None
else:
controller = OathController(dev.driver)
version = controller.version
except Exception as e:
logger.debug('Failed to refresh YubiKey', exc_info=e)
return None
self._descriptor = desc
self._dev_info = {
'usable':
True,
'name':
dev.device_name,
'version':
version,
'serial':
dev.serial or '',
'usb_interfaces_supported':
[t.name for t in TRANSPORT if t & dev.config.usb_supported],
'usb_interfaces_enabled':
str(dev.mode).split('+')
}
return self._dev_info
def _descriptors_changed(self):
old_state = self._state
_, self._state = scan_devices()
return self._state != old_state
old_descs = self._descs[:]
old_descs_fps = self._descs_fps[:]
self._descs = get_descriptors()
self._descs_fps = [desc.fingerprint for desc in self._descs]
descs_changed = old_descs_fps != self._descs_fps
n_descs_changed = len(self._descs) != len(old_descs)
return n_descs_changed or descs_changed
def refresh(self):
descriptors = list(get_descriptors())
if len(descriptors) != 1:
self._descriptor = None
return
desc = descriptors[0]
if desc.fingerprint != (self._descriptor.fingerprint
if self._descriptor else None):
self._descriptor = desc
with self._open_device() as dev:
if not dev:
return
self._dev_info = {
'name':
dev.device_name,
'version':
'.'.join(str(x) for x in dev.version),
'serial':
dev.serial or '',
'usb_enabled': [
a.name for a in APPLICATION
if a & dev.config.usb_enabled
],
'usb_supported': [
a.name for a in APPLICATION
if a & dev.config.usb_supported
],
'usb_interfaces_supported': [
t.name for t in TRANSPORT
if t & dev.config.usb_supported
],
'nfc_enabled': [
a.name for a in APPLICATION
if a & dev.config.nfc_enabled
],
'nfc_supported': [
a.name for a in APPLICATION
if a & dev.config.nfc_supported
],
'usb_interfaces_enabled':
str(dev.mode).split('+'),
'can_write_config':
dev.can_write_config,
'configuration_locked':
dev.config.configuration_locked
}
return self._dev_info
def refresh(self, otp_mode=False):
descriptors = get_descriptors()
if len(descriptors) != 1:
self._descriptor = None
return None
desc = descriptors[0]
unmatched_otp_mode = otp_mode and not desc.mode.has_transport(
TRANSPORT.OTP)
unmatched_ccid_mode = not otp_mode and not desc.mode.has_transport(
TRANSPORT.CCID)
if unmatched_otp_mode or unmatched_ccid_mode:
return {
'transports': [
t.name for t in TRANSPORT.split(desc.mode.transports)
],
'usable': False,
}
if desc.fingerprint != (
self._descriptor.fingerprint if self._descriptor else None) \
or not otp_mode and not self._dev_info.get('version'):
try:
dev = desc.open_device(TRANSPORT.OTP if otp_mode
else TRANSPORT.CCID)
if otp_mode:
version = None
else:
controller = OathController(dev.driver)
version = controller.version
except Exception as e:
logger.debug('Failed to refresh YubiKey', exc_info=e)
return None
self._descriptor = desc
self._dev_info = {
'usable': True,
'name': dev.device_name,
'version': version,
'serial': dev.serial or '',
'usb_interfaces_supported': [
t.name for t in TRANSPORT
if t & dev.config.usb_supported],
'usb_interfaces_enabled': str(dev.mode).split('+')
}
return self._dev_info
def refresh(self):
descriptors = list(get_descriptors())
if len(descriptors) != 1:
self._descriptor = None
return failure('multiple_devices')
desc = descriptors[0]
# If we have a cached descriptor
if self._descriptor:
# Same device, return
if desc.fingerprint == self._descriptor.fingerprint:
return success({'dev': self._dev_info})
self._descriptor = desc
self._dev_info = None
with self._open_device() as dev:
if not dev:
return failure('no_device')
self._dev_info = {
'name': dev.device_name,
'version': '.'.join(str(x) for x in dev.version),
'serial': dev.serial or '',
'usb_enabled': [
a.name for a in APPLICATION
if a & dev.config.usb_enabled],
'usb_supported': [
a.name for a in APPLICATION
if a & dev.config.usb_supported],
'usb_interfaces_supported': [
t.name for t in TRANSPORT
if t & dev.config.usb_supported],
'nfc_enabled': [
a.name for a in APPLICATION
if a & dev.config.nfc_enabled],
'nfc_supported': [
a.name for a in APPLICATION
if a & dev.config.nfc_supported],
'usb_interfaces_enabled': str(dev.mode).split('+'),
'can_write_config': dev.can_write_config,
'configuration_locked': dev.config.configuration_locked,
'form_factor': dev.config.form_factor
}
return success({'dev': self._dev_info})
def refresh(self):
descriptors = list(get_descriptors())
if len(descriptors) != 1:
self._descriptor = None
return
desc = descriptors[0]
if desc.fingerprint != (self._descriptor.fingerprint
if self._descriptor else None):
dev = desc.open_device()
if not dev:
return
self._descriptor = desc
self._dev_info = {
'name': dev.device_name,
'version': '.'.join(str(x) for x in dev.version),
'serial': dev.serial or '',
'enabled': [c.name for c in CAPABILITY if c & dev.enabled],
'connections':
[t.name for t in TRANSPORT if t & dev.capabilities],
}
return self._dev_info
def count_devices(self):
return len(get_descriptors())
def _get_version():
if not _one_yubikey:
return None
return list(get_descriptors())[0].version
URI_TOTP_EXAMPLE = ('otpauth://totp/ACME%20Co:[email protected]?'
'secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co'
'&algorithm=SHA1&digits=6&period=30')
DEFAULT_MANAGEMENT_KEY = '010203040506070801020304050607080102030405060708'
_one_yubikey = False
if os.environ.get('INTEGRATION_TESTS') == 'TRUE':
try:
from ykman.descriptor import get_descriptors
click.confirm(
'Run integration tests? This will erase data on the YubiKey,'
' make sure it is a key used for development.',
abort=True)
_one_yubikey = len(list(get_descriptors())) == 1
except Exception:
sys.exit()
_skip = False
else:
_skip = True
def _has_mode(mode):
if not _one_yubikey:
return False
yubikeys = list(get_descriptors())
if len(yubikeys) is not 1:
return False
return yubikeys[0].mode.has_transport(mode)
def count_devices(self):
return len(get_descriptors())
