char *salt = NULL;
char ndef[128];
char ndef_type = 0;
- unsigned char usb_mode = -1;
+ unsigned char usb_mode = 0;
+ unsigned char cr_timeout = 0;
+ unsigned char autoeject_timeout = 0;
+ int num_modes_seen = 0;
bool zap = false;
unsigned char scan_map[sizeof(SCAN_MAP)];
st, &verbose, &dry_run,
access_code, &use_access_code,
&aesviahash, &ndef_type, ndef, &usb_mode, &zap,
- scan_map, &exit_code);
+ scan_map, &cr_timeout, &autoeject_timeout, &num_modes_seen,
+ &exit_code);
return rc;
}
char *salt = NULL;
char ndef[128];
char ndef_type = 0;
- unsigned char usb_mode = -1;
+ unsigned char usb_mode = 0;
+ unsigned char cr_timeout = 0;
+ unsigned char autoeject_timeout = 0;
+ int num_modes_seen = 0;
bool zap = false;
unsigned char scan_map[sizeof(SCAN_MAP)];
st, &verbose, &dry_run,
access_code, &use_access_code,
&aesviahash, &ndef_type, ndef, &usb_mode, &zap,
- scan_map, &exit_code);
+ scan_map, &cr_timeout, &autoeject_timeout, &num_modes_seen,
+ &exit_code);
assert(rc == 1);
i = strcmp(infname, "in"); assert(i == 0);
i = strcmp(outfname, "out"); assert(i == 0);
" (this does NOT SET the access code, that's done with -oaccess=)\n"
"-nXXX.. Write NDEF URI to YubiKey NEO, must be used with -1 or -2\n"
"-tXXX.. Write NDEF text to YubiKey NEO, must be used with -1 or -2\n"
-"-mMODE Set the USB operation mode of the YubiKey NEO.\n"
-" Possible MODE arguments are:\n"
-" 0 HID device only.\n"
-" 1 CCID device only.\n"
-" 2 HID/CCID composite device.\n"
-" Add 80 to set MODE_FLAG_EJECT, for example: 81\n"
+"-mMODE Set the USB device configuration of the YubiKey NEO.\n"
+" See the manpage for details\n"
"-S0605.. Set the scanmap to use with the YubiKey NEO. Must be 45 unique bytes,\n"
" in hex. Use with no argument to reset to the default.\n"
"-oOPTION change configuration option. Possible OPTION arguments are:\n"
unsigned char *access_code, bool *use_access_code,
bool *aesviahash, char *ndef_type, char *ndef,
unsigned char *usb_mode, bool *zap,
- unsigned char *scan_bin, int *exit_code)
+ unsigned char *scan_bin, unsigned char *cr_timeout,
+ unsigned char *autoeject_timeout, int *num_modes_seen,
+ int *exit_code)
{
int c;
const char *aeshash = NULL;
*exit_code = 1;
return 0;
}
- if(optarg[1] != '\0') {
- *usb_mode = (optarg[0] - '0') << 4;
- optarg++;
- }
- if(optarg[1] == '\0') {
- int mode = optarg[0] - '0';
- if(mode >= 0 && mode < MODE_MASK) {
- *usb_mode |= mode;
- usb_mode_seen = true;
+ unsigned char mode, crtime, autotime;
+ int matched = sscanf(optarg, "%hhx:%hhd:%hhd", &mode, &crtime, &autotime);
+ if(matched > 0) {
+ *usb_mode = mode;
+ if(matched > 1) {
+ *cr_timeout = crtime;
+ if(matched > 2) {
+ *autoeject_timeout = autotime;
+ }
}
- }
- /* Only true if we've parsed a valid USB mode number */
- if(!usb_mode_seen) {
+ usb_mode_seen = true;
+ *num_modes_seen = matched;
+ } else {
fprintf(stderr, "Invalid USB operation mode.\n");
*exit_code = 1;
return 0;
YK_STATUS *st, bool *verbose, bool *dry_run,
unsigned char *access_code, bool *use_access_code,
bool *aesviahash, char *ndef_type, char *ndef, unsigned char *usb_mode,
- bool *zap, unsigned char *scan_bin, int *exit_code);
+ bool *zap, unsigned char *scan_bin, unsigned char *cr_timeout,
+ unsigned char *autoeject_timeout, int *num_modes_seen, int *exit_code);
void report_yk_error(void);
.RS
.TP
\fB-m mode\fR
-set the mode of operation for the YubiKey NEO. 0 for HID device only,
-1 for CCID device only and 2 for HID/CCID composite device. To set the
-autoeject flag add 80, for example: 82.
+set device configuration for the YubiKey NEO. It is parsed in the form
+\fImode:cr_timeout:autoeject_timeout\fR
+.br
+where mode is:
+.br
+0 HID device only.
+.br
+1 CCID device only.
+.br
+2 HID/CCID composite device.
+.br
+Add 80 to set MODE_FLAG_EJECT, for example: 81
+.br
+cr_timeout is the timeout in seconds for the YubiKey to wait on button press for challenge response (default is 15)
+.br
+autoeject_timeout is the timeout in seconds before the card is automatically ejected in mode 81
.TP
\fB-S\fI0605...\fR
set the scanmap to be used with the YubiKey NEO. It must be 45 unique
char ndef_string[128] = {0};
char ndef_type = 0;
unsigned char usb_mode = 0;
+ unsigned char cr_timeout = 0;
+ unsigned char autoeject_timeout = 0;
+ int num_modes_seen = 0;
bool zap = false;
bool error = false;
st, &verbose, &dry_run,
access_code, &use_access_code,
&aesviahash, &ndef_type, ndef_string,
- &usb_mode, &zap, scan_codes, &exit_code)) {
+ &usb_mode, &zap, scan_codes, &cr_timeout,
+ &autoeject_timeout, &num_modes_seen, &exit_code)) {
goto err;
}
fprintf(stderr, "New NDEF will be written as:\n%s\n", ndef_string);
} else if(ykp_command(cfg) == SLOT_DEVICE_CONFIG) {
fprintf(stderr, "The USB mode will be set to: 0x%x\n", usb_mode);
+ if(num_modes_seen > 1) {
+ fprintf(stderr, "The challenge response timeout will be set to: %d\n", cr_timeout);
+ if(num_modes_seen > 2) {
+ fprintf(stderr, "The smartcard autoeject timeout will be set to: %d\n", autoeject_timeout);
+ }
+ }
} else if(ykp_command(cfg) == SLOT_SCAN_MAP) {
fprintf(stderr, "A new scanmap will be written.\n");
} else if(zap) {
} else if(ykp_command(cfg) == SLOT_DEVICE_CONFIG) {
YK_DEVICE_CONFIG *device_config = ykp_alloc_device_config();
ykp_set_device_mode(device_config, usb_mode);
+ if(num_modes_seen > 1) {
+ ykp_set_device_chalresp_timeout(device_config, cr_timeout);
+ if(num_modes_seen > 2) {
+ ykp_set_device_autoeject_time(device_config, autoeject_timeout);
+ }
+ }
+
if(!yk_write_device_config(yk, device_config)) {
if(verbose)
printf(" failure\n");
projects / yubikey-personalization / commitdiff