def _has_mode(mode): if not _one_yubikey: return False yubikeys = list(get_descriptors()) if len(yubikeys) is not 1: return False return yubikeys[0].mode.has_transport(mode)
def refresh(self, otp_mode=False): descriptors = get_descriptors() if len(descriptors) != 1: self._descriptor = None return None desc = descriptors[0] if desc.fingerprint != ( self._descriptor.fingerprint if self._descriptor else None) \ or not otp_mode and not self._dev_info.get('version'): try: dev = desc.open_device( TRANSPORT.OTP if otp_mode else TRANSPORT.CCID) if otp_mode: version = None else: controller = OathController(dev.driver) version = controller.version except Exception: return None self._descriptor = desc self._dev_info = { 'name': dev.device_name, 'version': version, 'serial': dev.serial or '', 'enabled': [c.name for c in CAPABILITY if c & dev.enabled], 'connections': [t.name for t in TRANSPORT if t & dev.capabilities] } return self._dev_info
def _descriptors_changed(self): old_descs = self._descs[:] old_descs_fps = self._descs_fps[:] self._descs = get_descriptors() self._descs_fps = [desc.fingerprint for desc in self._descs] descs_changed = (old_descs_fps != self._descs_fps) n_descs_changed = len(self._descs) != len(old_descs) return n_descs_changed or descs_changed
def refresh(self, otp_mode=False): descriptors = get_descriptors() if len(descriptors) != 1: self._descriptor = None return None desc = descriptors[0] unmatched_otp_mode = otp_mode and not desc.mode.has_transport( TRANSPORT.OTP) unmatched_ccid_mode = not otp_mode and not desc.mode.has_transport( TRANSPORT.CCID) if unmatched_otp_mode or unmatched_ccid_mode: return { 'transports': [t.name for t in TRANSPORT.split(desc.mode.transports)], 'usable': False, } if desc.fingerprint != ( self._descriptor.fingerprint if self._descriptor else None) \ or not otp_mode and not self._dev_info.get('version'): try: dev = desc.open_device( TRANSPORT.OTP if otp_mode else TRANSPORT.CCID) if otp_mode: version = None else: controller = OathController(dev.driver) version = controller.version except Exception as e: logger.debug('Failed to refresh YubiKey', exc_info=e) return None self._descriptor = desc self._dev_info = { 'usable': True, 'name': dev.device_name, 'version': version, 'serial': dev.serial or '', 'usb_interfaces_supported': [t.name for t in TRANSPORT if t & dev.config.usb_supported], 'usb_interfaces_enabled': str(dev.mode).split('+') } return self._dev_info
def _descriptors_changed(self): old_state = self._state _, self._state = scan_devices() return self._state != old_state old_descs = self._descs[:] old_descs_fps = self._descs_fps[:] self._descs = get_descriptors() self._descs_fps = [desc.fingerprint for desc in self._descs] descs_changed = old_descs_fps != self._descs_fps n_descs_changed = len(self._descs) != len(old_descs) return n_descs_changed or descs_changed
def refresh(self): descriptors = list(get_descriptors()) if len(descriptors) != 1: self._descriptor = None return desc = descriptors[0] if desc.fingerprint != (self._descriptor.fingerprint if self._descriptor else None): self._descriptor = desc with self._open_device() as dev: if not dev: return self._dev_info = { 'name': dev.device_name, 'version': '.'.join(str(x) for x in dev.version), 'serial': dev.serial or '', 'usb_enabled': [ a.name for a in APPLICATION if a & dev.config.usb_enabled ], 'usb_supported': [ a.name for a in APPLICATION if a & dev.config.usb_supported ], 'usb_interfaces_supported': [ t.name for t in TRANSPORT if t & dev.config.usb_supported ], 'nfc_enabled': [ a.name for a in APPLICATION if a & dev.config.nfc_enabled ], 'nfc_supported': [ a.name for a in APPLICATION if a & dev.config.nfc_supported ], 'usb_interfaces_enabled': str(dev.mode).split('+'), 'can_write_config': dev.can_write_config, 'configuration_locked': dev.config.configuration_locked } return self._dev_info
def refresh(self, otp_mode=False): descriptors = get_descriptors() if len(descriptors) != 1: self._descriptor = None return None desc = descriptors[0] unmatched_otp_mode = otp_mode and not desc.mode.has_transport( TRANSPORT.OTP) unmatched_ccid_mode = not otp_mode and not desc.mode.has_transport( TRANSPORT.CCID) if unmatched_otp_mode or unmatched_ccid_mode: return { 'transports': [ t.name for t in TRANSPORT.split(desc.mode.transports) ], 'usable': False, } if desc.fingerprint != ( self._descriptor.fingerprint if self._descriptor else None) \ or not otp_mode and not self._dev_info.get('version'): try: dev = desc.open_device(TRANSPORT.OTP if otp_mode else TRANSPORT.CCID) if otp_mode: version = None else: controller = OathController(dev.driver) version = controller.version except Exception as e: logger.debug('Failed to refresh YubiKey', exc_info=e) return None self._descriptor = desc self._dev_info = { 'usable': True, 'name': dev.device_name, 'version': version, 'serial': dev.serial or '', 'usb_interfaces_supported': [ t.name for t in TRANSPORT if t & dev.config.usb_supported], 'usb_interfaces_enabled': str(dev.mode).split('+') } return self._dev_info
def refresh(self): descriptors = list(get_descriptors()) if len(descriptors) != 1: self._descriptor = None return failure('multiple_devices') desc = descriptors[0] # If we have a cached descriptor if self._descriptor: # Same device, return if desc.fingerprint == self._descriptor.fingerprint: return success({'dev': self._dev_info}) self._descriptor = desc self._dev_info = None with self._open_device() as dev: if not dev: return failure('no_device') self._dev_info = { 'name': dev.device_name, 'version': '.'.join(str(x) for x in dev.version), 'serial': dev.serial or '', 'usb_enabled': [ a.name for a in APPLICATION if a & dev.config.usb_enabled], 'usb_supported': [ a.name for a in APPLICATION if a & dev.config.usb_supported], 'usb_interfaces_supported': [ t.name for t in TRANSPORT if t & dev.config.usb_supported], 'nfc_enabled': [ a.name for a in APPLICATION if a & dev.config.nfc_enabled], 'nfc_supported': [ a.name for a in APPLICATION if a & dev.config.nfc_supported], 'usb_interfaces_enabled': str(dev.mode).split('+'), 'can_write_config': dev.can_write_config, 'configuration_locked': dev.config.configuration_locked, 'form_factor': dev.config.form_factor } return success({'dev': self._dev_info})
def refresh(self): descriptors = list(get_descriptors()) if len(descriptors) != 1: self._descriptor = None return desc = descriptors[0] if desc.fingerprint != (self._descriptor.fingerprint if self._descriptor else None): dev = desc.open_device() if not dev: return self._descriptor = desc self._dev_info = { 'name': dev.device_name, 'version': '.'.join(str(x) for x in dev.version), 'serial': dev.serial or '', 'enabled': [c.name for c in CAPABILITY if c & dev.enabled], 'connections': [t.name for t in TRANSPORT if t & dev.capabilities], } return self._dev_info
def count_devices(self): return len(get_descriptors())
def _get_version(): if not _one_yubikey: return None return list(get_descriptors())[0].version
URI_TOTP_EXAMPLE = ('otpauth://totp/ACME%20Co:[email protected]?' 'secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co' '&algorithm=SHA1&digits=6&period=30') DEFAULT_MANAGEMENT_KEY = '010203040506070801020304050607080102030405060708' _one_yubikey = False if os.environ.get('INTEGRATION_TESTS') == 'TRUE': try: from ykman.descriptor import get_descriptors click.confirm( 'Run integration tests? This will erase data on the YubiKey,' ' make sure it is a key used for development.', abort=True) _one_yubikey = len(list(get_descriptors())) == 1 except Exception: sys.exit() _skip = False else: _skip = True def _has_mode(mode): if not _one_yubikey: return False yubikeys = list(get_descriptors()) if len(yubikeys) is not 1: return False return yubikeys[0].mode.has_transport(mode)
def count_devices(self): return len(get_descriptors())