"-ifile read configuration from file.\n"
" (if file is -, read from stdin)\n"
"-axxx.. A 32 char hex value (not modhex) of a fixed AES key to use\n"
+#if 0
+"-cxxx.. A 12 char modhex value to use as access code for programming\n"
+#endif
"-ooption change configuration option. Possible option arguments are:\n"
" salt=ssssssss Salt to be used for key generation. If\n"
" none is given, a unique random one will be\n"
" This is 0-16 characters long.\n"
" hexfixed=fffffff Fixed part, but encoded in hex.\n"
" This is 0-16 characters long.\n"
-" uid=uuuuuu The uid part of the generated ticket. Can\n"
-" be up to 6 characters long.\n"
+" uid=uuuuuu The uid part of the generated ticket.\n"
+" MUST be 12 characters long.\n"
+#if 0
+" access=fffffffffff New modhex access code to set.\n"
+" MUST be 12 characters long.\n"
+#endif
" [-]tab-first set/clear the TAB_FIRST ticket flag.\n"
" [-]append-tab1 set/clear the APPEND_TAB1 ticket flag.\n"
" [-]append-tab2 set/clear the APPEND_TAB1 ticket flag.\n"
"-v verbose\n"
"-h help (this text)\n"
;
-const char *optstring = "a:hi:o:s:v";
+const char *optstring = "a:c:hi:o:s:v";
static int reader(char *buf, size_t count, void *stream)
{
FILE *outf = NULL; const char *outfname = NULL;
bool verbose = false;
bool aesviahash = false; const char *aeshash = NULL;
+ bool use_access_code = false, new_access_code = false;
+ unsigned char access_code[256];
YK_KEY *yk = NULL;
YKP_CONFIG *cfg = ykp_create_config();
YK_STATUS *st = ykds_alloc();
aesviahash = true;
aeshash = optarg;
break;
+#if 0
+ case 'c':
+ if (strlen(optarg) != 12) {
+ fprintf(stderr,
+ "Invalid access code string: %s\n",
+ optarg);
+ exit_code = 1;
+ goto err;
+ }
+ yubikey_modhex_decode(access_code,
+ optarg, strlen(optarg));
+ if (!new_access_code)
+ ykp_set_access_code(cfg,
+ access_code,
+ strlen(optarg) / 2);
+ use_access_code = true;
+ break;
+#endif
case 'o':
if (strncmp(optarg, "salt=", 5) == 0)
salt = strdup(optarg+5);
yubikey_modhex_decode (fixedbin, fixed,
fixedlen);
ykp_set_fixed(cfg, fixedbin, fixedlen / 2);
+ new_access_code = true;
}
else if (strncmp(optarg, "hexfixed=", 9) == 0) {
const char *fixed = optarg+9;
yubikey_hex_decode (uidbin, uid, uidlen);
ykp_set_uid(cfg, uidbin, uidlen / 2);
}
+#if 0
+ else if (strncmp(optarg, "access=", 7) == 0) {
+ const char *acc = optarg+7;
+ size_t acclen = strlen (acc);
+ char accbin[256];
+ if (acclen % 2 || acclen != 12)
+ {
+ fprintf(stderr,
+ "Invalid modhex access code string: %s\n",
+ acc);
+ exit_code = 1;
+ goto err;
+ }
+ yubikey_modhex_decode (accbin, acc, acclen);
+ ykp_set_access_code(cfg, accbin, acclen / 2);
+ }
+#endif
else if (strcmp(optarg, "tab-first") == 0)
ykp_set_tktflag_TAB_FIRST(cfg, true);
else if (strcmp(optarg, "-tab-first") == 0)
if (verbose)
printf("Attempting to write configuration to the yubikey...");
- if (!yk_write_config(yk, cfg, NULL)) {
+ if (!yk_write_config(yk, ykp_core_config(cfg),
+ use_access_code ? access_code : NULL)) {
if (verbose)
printf(" failure\n");
goto err;
projects / yubikey-personalization.old / commitdiff