From ff96dfb5186b1f44814e392009b42624ff67cf54 Mon Sep 17 00:00:00 2001 From: Klas Lindfors Date: Tue, 17 Sep 2013 13:00:27 +0200 Subject: [PATCH] let -m take challengeresponse time and autoeject time as well --- tests/test_args_to_config.c | 16 ++++++++++++---- ykpers-args.c | 36 +++++++++++++++++------------------- ykpers-args.h | 3 ++- ykpersonalize.1 | 19 ++++++++++++++++--- ykpersonalize.c | 19 ++++++++++++++++++- 5 files changed, 65 insertions(+), 28 deletions(-) diff --git a/tests/test_args_to_config.c b/tests/test_args_to_config.c index 97169b4..b742844 100644 --- a/tests/test_args_to_config.c +++ b/tests/test_args_to_config.c @@ -117,7 +117,10 @@ int _test_config (YKP_CONFIG *cfg, YK_STATUS *st, int argc, char **argv) char *salt = NULL; char ndef[128]; char ndef_type = 0; - unsigned char usb_mode = -1; + unsigned char usb_mode = 0; + unsigned char cr_timeout = 0; + unsigned char autoeject_timeout = 0; + int num_modes_seen = 0; bool zap = false; unsigned char scan_map[sizeof(SCAN_MAP)]; @@ -144,7 +147,8 @@ int _test_config (YKP_CONFIG *cfg, YK_STATUS *st, int argc, char **argv) st, &verbose, &dry_run, access_code, &use_access_code, &aesviahash, &ndef_type, ndef, &usb_mode, &zap, - scan_map, &exit_code); + scan_map, &cr_timeout, &autoeject_timeout, &num_modes_seen, + &exit_code); return rc; } @@ -307,7 +311,10 @@ int _test_non_config_args(void) char *salt = NULL; char ndef[128]; char ndef_type = 0; - unsigned char usb_mode = -1; + unsigned char usb_mode = 0; + unsigned char cr_timeout = 0; + unsigned char autoeject_timeout = 0; + int num_modes_seen = 0; bool zap = false; unsigned char scan_map[sizeof(SCAN_MAP)]; @@ -339,7 +346,8 @@ int _test_non_config_args(void) st, &verbose, &dry_run, access_code, &use_access_code, &aesviahash, &ndef_type, ndef, &usb_mode, &zap, - scan_map, &exit_code); + scan_map, &cr_timeout, &autoeject_timeout, &num_modes_seen, + &exit_code); assert(rc == 1); i = strcmp(infname, "in"); assert(i == 0); i = strcmp(outfname, "out"); assert(i == 0); diff --git a/ykpers-args.c b/ykpers-args.c index dcfcdf4..66ea07e 100644 --- a/ykpers-args.c +++ b/ykpers-args.c @@ -73,12 +73,8 @@ const char *usage = " (this does NOT SET the access code, that's done with -oaccess=)\n" "-nXXX.. Write NDEF URI to YubiKey NEO, must be used with -1 or -2\n" "-tXXX.. Write NDEF text to YubiKey NEO, must be used with -1 or -2\n" -"-mMODE Set the USB operation mode of the YubiKey NEO.\n" -" Possible MODE arguments are:\n" -" 0 HID device only.\n" -" 1 CCID device only.\n" -" 2 HID/CCID composite device.\n" -" Add 80 to set MODE_FLAG_EJECT, for example: 81\n" +"-mMODE Set the USB device configuration of the YubiKey NEO.\n" +" See the manpage for details\n" "-S0605.. Set the scanmap to use with the YubiKey NEO. Must be 45 unique bytes,\n" " in hex. Use with no argument to reset to the default.\n" "-oOPTION change configuration option. Possible OPTION arguments are:\n" @@ -238,7 +234,9 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg, YK_KEY *yk, unsigned char *access_code, bool *use_access_code, bool *aesviahash, char *ndef_type, char *ndef, unsigned char *usb_mode, bool *zap, - unsigned char *scan_bin, int *exit_code) + unsigned char *scan_bin, unsigned char *cr_timeout, + unsigned char *autoeject_timeout, int *num_modes_seen, + int *exit_code) { int c; const char *aeshash = NULL; @@ -437,19 +435,19 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg, YK_KEY *yk, *exit_code = 1; return 0; } - if(optarg[1] != '\0') { - *usb_mode = (optarg[0] - '0') << 4; - optarg++; - } - if(optarg[1] == '\0') { - int mode = optarg[0] - '0'; - if(mode >= 0 && mode < MODE_MASK) { - *usb_mode |= mode; - usb_mode_seen = true; + unsigned char mode, crtime, autotime; + int matched = sscanf(optarg, "%hhx:%hhd:%hhd", &mode, &crtime, &autotime); + if(matched > 0) { + *usb_mode = mode; + if(matched > 1) { + *cr_timeout = crtime; + if(matched > 2) { + *autoeject_timeout = autotime; + } } - } - /* Only true if we've parsed a valid USB mode number */ - if(!usb_mode_seen) { + usb_mode_seen = true; + *num_modes_seen = matched; + } else { fprintf(stderr, "Invalid USB operation mode.\n"); *exit_code = 1; return 0; diff --git a/ykpers-args.h b/ykpers-args.h index 61e8c70..23e33e8 100644 --- a/ykpers-args.h +++ b/ykpers-args.h @@ -40,7 +40,8 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg, YK_KEY *yk, YK_STATUS *st, bool *verbose, bool *dry_run, unsigned char *access_code, bool *use_access_code, bool *aesviahash, char *ndef_type, char *ndef, unsigned char *usb_mode, - bool *zap, unsigned char *scan_bin, int *exit_code); + bool *zap, unsigned char *scan_bin, unsigned char *cr_timeout, + unsigned char *autoeject_timeout, int *num_modes_seen, int *exit_code); void report_yk_error(void); diff --git a/ykpersonalize.1 b/ykpersonalize.1 index e311911..fc448a6 100644 --- a/ykpersonalize.1 +++ b/ykpersonalize.1 @@ -140,9 +140,22 @@ Version .RS .TP \fB-m mode\fR -set the mode of operation for the YubiKey NEO. 0 for HID device only, -1 for CCID device only and 2 for HID/CCID composite device. To set the -autoeject flag add 80, for example: 82. +set device configuration for the YubiKey NEO. It is parsed in the form +\fImode:cr_timeout:autoeject_timeout\fR +.br +where mode is: +.br +0 HID device only. +.br +1 CCID device only. +.br +2 HID/CCID composite device. +.br +Add 80 to set MODE_FLAG_EJECT, for example: 81 +.br +cr_timeout is the timeout in seconds for the YubiKey to wait on button press for challenge response (default is 15) +.br +autoeject_timeout is the timeout in seconds before the card is automatically ejected in mode 81 .TP \fB-S\fI0605...\fR set the scanmap to be used with the YubiKey NEO. It must be 45 unique diff --git a/ykpersonalize.c b/ykpersonalize.c index 0609843..8ad1682 100644 --- a/ykpersonalize.c +++ b/ykpersonalize.c @@ -63,6 +63,9 @@ int main(int argc, char **argv) char ndef_string[128] = {0}; char ndef_type = 0; unsigned char usb_mode = 0; + unsigned char cr_timeout = 0; + unsigned char autoeject_timeout = 0; + int num_modes_seen = 0; bool zap = false; bool error = false; @@ -125,7 +128,8 @@ int main(int argc, char **argv) st, &verbose, &dry_run, access_code, &use_access_code, &aesviahash, &ndef_type, ndef_string, - &usb_mode, &zap, scan_codes, &exit_code)) { + &usb_mode, &zap, scan_codes, &cr_timeout, + &autoeject_timeout, &num_modes_seen, &exit_code)) { goto err; } @@ -216,6 +220,12 @@ int main(int argc, char **argv) fprintf(stderr, "New NDEF will be written as:\n%s\n", ndef_string); } else if(ykp_command(cfg) == SLOT_DEVICE_CONFIG) { fprintf(stderr, "The USB mode will be set to: 0x%x\n", usb_mode); + if(num_modes_seen > 1) { + fprintf(stderr, "The challenge response timeout will be set to: %d\n", cr_timeout); + if(num_modes_seen > 2) { + fprintf(stderr, "The smartcard autoeject timeout will be set to: %d\n", autoeject_timeout); + } + } } else if(ykp_command(cfg) == SLOT_SCAN_MAP) { fprintf(stderr, "A new scanmap will be written.\n"); } else if(zap) { @@ -275,6 +285,13 @@ int main(int argc, char **argv) } else if(ykp_command(cfg) == SLOT_DEVICE_CONFIG) { YK_DEVICE_CONFIG *device_config = ykp_alloc_device_config(); ykp_set_device_mode(device_config, usb_mode); + if(num_modes_seen > 1) { + ykp_set_device_chalresp_timeout(device_config, cr_timeout); + if(num_modes_seen > 2) { + ykp_set_device_autoeject_time(device_config, autoeject_timeout); + } + } + if(!yk_write_device_config(yk, device_config)) { if(verbose) printf(" failure\n"); -- 2.39.5