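def yubi_mass_enroll(lotpc,
                     proc_params,
                     yubi_mode,
                     yubi_slot,
                     yubi_prefix_serial,
                     yubi_prefix,
                     yubi_prefix_random,
                     yubi_cr,
                     ):
    '''
    Do the Yubikey mass enrollment

    For every key that is plugged in, the key is programmed via
    enrollYubikey() and the resulting token is registered on the server
    with lotpc.inittoken(). The loop has no exit condition of its own: it
    ends only when an exception propagates (for example when the operator
    interrupts the run).

    An unsupported yubi_mode is rejected before any key is touched, so no
    key is programmed and no empty token is registered.

    :param lotpc: the linotp connection
    :param proc_params: the additional parameters from the command line
                        (read here: 'otplen', 'description', 'realm')
    :param yubi_mode: yubikey mode: YUBI_STATIC_MODE, YUBI_OATH_MODE,
                      YUBI_AES_MODE
    :param yubi_slot: slot of the yubikey [1,2]
    :param yubi_prefix_serial: serial number added to the prefix
    :param yubi_prefix: the public prefix
    :param yubi_prefix_random: the random prefix; passed to enrollYubikey
                               as len_fixed_string and used as a length
                               when the AES otplen is computed
    :param yubi_cr: boolean - uses as TOTP token; passed to enrollYubikey
                    as challenge_response
    '''
    # The mode never changes during the run, so check it once up front.
    # Checking it only after enrollYubikey() would program the key first
    # and then submit an empty parameter set to inittoken().
    if yubi_mode not in (YUBI_OATH_MODE, YUBI_STATIC_MODE, YUBI_AES_MODE):
        print "Unknown Yubikey mode"
        return

    yp = YubikeyPlug()

    # if otplen is set and YUBI_OATH mode, we add the digits
    # parameter to the yubienroll (only '6' and '8' are accepted)
    ykparams = {}
    if (yubi_mode == YUBI_OATH_MODE and
            'otplen' in proc_params and
            proc_params['otplen'] in ['6', '8']):
        ykparams['digits'] = int(proc_params['otplen'])

    description = proc_params.get('description', "mass enrolled")

    while True:
        print "\nPlease insert the next yubikey.",
        sys.stdout.flush()

        # blocks until the next key shows up; the return value is not used
        yp.wait_for_new_yubikey()

        # otpkey is the secret the token is registered with.
        # Do not print or log it, nor the static password derived from it.
        otpkey, serial = enrollYubikey(debug=False,
                                       prefix_serial=yubi_prefix_serial,
                                       fixed_string=yubi_prefix,
                                       len_fixed_string=yubi_prefix_random,
                                       slot=yubi_slot,
                                       mode=yubi_mode,
                                       challenge_response=yubi_cr,
                                       **ykparams)

        if yubi_mode == YUBI_OATH_MODE:
            # According to http://www.openauthentication.org/oath-id/prefixes/
            # The OMP of Yubico is UB
            # As TokenType we use OM (oath mode)
            submit_param = {
                'serial': "UBOM%s_%s" % (serial, yubi_slot),
                'otpkey': otpkey,
                'description': description,
            }
            # add the otplen if set as ykparam
            if 'digits' in ykparams:
                submit_param['otplen'] = ykparams['digits']
            if yubi_cr:
                submit_param['type'] = 'TOTP'
                submit_param['timeStep'] = 30

        elif yubi_mode == YUBI_STATIC_MODE:
            password = create_static_password(otpkey)
            submit_param = {
                'serial': "UBSM%s_%s" % (serial, yubi_slot),
                'otpkey': password,
                'type': "pw",
                'description': description,
            }

        else:
            # YUBI_AES_MODE: base length 32, plus two characters for each
            # unit of whichever prefix is in use (serial takes precedence,
            # then the fixed prefix, then the random prefix length)
            yubi_otplen = 32
            if yubi_prefix_serial:
                yubi_otplen = 32 + len(serial) * 2
            elif yubi_prefix:
                yubi_otplen = 32 + (len(yubi_prefix) * 2)
            elif yubi_prefix_random:
                yubi_otplen = 32 + (yubi_prefix_random * 2)
            # According to http://www.openauthentication.org/oath-id/prefixes/
            # The OMP of Yubico is UB
            # As TokenType we use AM (AES mode)
            submit_param = {
                'type': 'yubikey',
                'serial': "UBAM%s_%s" % (serial, yubi_slot),
                'otpkey': otpkey,
                'otplen': yubi_otplen,
                'description': description,
            }

        if 'realm' in proc_params:
            submit_param['realm'] = proc_params.get('realm')

        # NOTE(review): submit_param carries the token secret; confirm that
        # the lotpc connection protects it in transit and that showresult()
        # only displays the server reply.
        r1 = lotpc.inittoken(submit_param)
        showresult(r1)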
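def yubi_mass_enroll(lotpc,
                     proc_params,
                     yubi_mode,
                     yubi_slot,
                     yubi_prefix_serial,
                     yubi_prefix,
                     yubi_prefix_random,
                     yubi_cr):
    '''
    Do the Yubikey mass enrollment

    Each inserted key is programmed through enrollYubikey() and then
    registered on the server through lotpc.inittoken(). There is no break
    in the loop, so the run continues until an exception propagates (for
    example when the operator interrupts it).

    A yubi_mode that is not one of the three supported modes is refused
    before the first key is handled; nothing is programmed or registered
    in that case.

    :param lotpc: the linotp connection
    :param proc_params: the additional parameters from the command line
                        (read here: 'description', 'realm')
    :param yubi_mode: yubikey mode: YUBI_STATIC_MODE, YUBI_OATH_MODE,
                      YUBI_AES_MODE
    :param yubi_slot: slot of the yubikey [1,2]
    :param yubi_prefix_serial: serial number added to the prefix
    :param yubi_prefix: the public prefix
    :param yubi_prefix_random: the random prefix; handed to enrollYubikey
                               as len_fixed_string and treated as a length
                               in the AES otplen calculation
    :param yubi_cr: boolean - uses as TOTP token; handed to enrollYubikey
                    as challenge_response
    '''
    supported_modes = (YUBI_OATH_MODE, YUBI_STATIC_MODE, YUBI_AES_MODE)
    if yubi_mode not in supported_modes:
        # Refuse early: otherwise the key would already be programmed and
        # an empty parameter set would be sent to inittoken().
        print "Unknown Yubikey mode"
        return

    yp = YubikeyPlug()
    description = proc_params.get('description', "mass enrolled")

    while True:
        print "\nPlease insert the next yubikey.",
        sys.stdout.flush()

        # waits for the next key; the return value is not needed
        yp.wait_for_new_yubikey()

        # otpkey is the secret the token is registered with.
        # Keep it, and the static password built from it, out of any
        # console or log output.
        otpkey, serial = enrollYubikey(debug=False,
                                       prefix_serial=yubi_prefix_serial,
                                       fixed_string=yubi_prefix,
                                       len_fixed_string=yubi_prefix_random,
                                       slot=yubi_slot,
                                       mode=yubi_mode,
                                       challenge_response=yubi_cr)

        if yubi_mode == YUBI_OATH_MODE:
            # According to http://www.openauthentication.org/oath-id/prefixes/
            # The OMP of Yubico is UB
            # As TokenType we use OM (oath mode)
            submit_param = {
                'serial': "UBOM%s_%s" % (serial, yubi_slot),
                'otpkey': otpkey,
                'description': description
            }
            if yubi_cr:
                submit_param['type'] = 'TOTP'
                submit_param['timeStep'] = 30

        elif yubi_mode == YUBI_STATIC_MODE:
            password = create_static_password(otpkey)
            submit_param = {
                'serial': "UBSM%s_%s" % (serial, yubi_slot),
                'otpkey': password,
                'type': "pw",
                'description': description
            }

        else:
            # YUBI_AES_MODE: 32 characters plus two per prefix unit; the
            # serial prefix wins over the fixed prefix, which wins over
            # the random prefix length
            yubi_otplen = 32
            if yubi_prefix_serial:
                yubi_otplen = 32 + len(serial) * 2
            elif yubi_prefix:
                yubi_otplen = 32 + (len(yubi_prefix) * 2)
            elif yubi_prefix_random:
                yubi_otplen = 32 + (yubi_prefix_random * 2)
            # According to http://www.openauthentication.org/oath-id/prefixes/
            # The OMP of Yubico is UB
            # As TokenType we use AM (AES mode)
            submit_param = {
                'type': 'yubikey',
                'serial': "UBAM%s_%s" % (serial, yubi_slot),
                'otpkey': otpkey,
                'otplen': yubi_otplen,
                'description': description
            }

        if 'realm' in proc_params:
            submit_param['realm'] = proc_params.get('realm')

        # NOTE(review): the token secret travels in submit_param; verify
        # that the lotpc connection is protected in transit and that
        # showresult() shows only the server reply.
        r1 = lotpc.inittoken(submit_param)
        showresult(r1)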