titanous / yubikey Goto Github PK

View Code? Open in Web Editor NEW

139.0 8.0 35.0 549 KB

A Ruby library for verifying, decoding, decrypting and parsing Yubikey one-time passwords.

Home Page: http://rubygems.org/gems/yubikey

License: MIT License

Ruby 100.00%

yubikey's Introduction

yubikey

Description

A library to verify, decode, decrypt and parse Yubikey one-time passwords.

Usage

OTP Decryption

key = 'ecde18dbe76fbd0c33330f1c354871db'
otp = 'dteffujehknhfjbrjnlnldnhcujvddbikngjrtgh'
token = Yubikey::OTP.new(otp, key)

p "Device public id: #{token.public_id}" #=> 'dteffuje'
p "Device secret id: #{token.secret_id}" #=> '8792ebfe26cc'
p "Device insertions: #{token.insert_counter}" #=> 19
p "Session activation counter: #{token.session_counter}" #=> 17
p "Session timestamp: #{token.timestamp}" #=> 49712
p "OTP random data: #{token.random_number}" #=> 40904

OTP Verification

Use your own api_key and api_id, which you can get at yubico.com.

begin
  otp = Yubikey::OTP::Verify.new(:api_id => 1234,
                                 :api_key => 'NiSwGZBQ0gTbwXbRGWAf4kM5xXg=',
                                 :otp => 'dteffujehknhfjbrjnlnldnhcujvddbikngjrtgh')

  if otp.valid?
    p 'valid OTP'
  elsif otp.replayed?
    p 'replayed OTP'
  end
rescue Yubikey::OTP::InvalidOTPError
  p 'invalid OTP'
end

Install

Yubikey is available as a gem, to install it just install the gem:

gem install yubikey

If you're using Bundler, add the gem to Gemfile.

gem 'yubikey'

Then run bundle install.

Copyright

Ruby library

The MIT License. See LICENSE.

Contributors

List of contributors

yubikey's People

Contributors

Stargazers

Watchers

yubikey's Issues

Chain File is missing in gemspec. Intentional?

I've just tried out this gem and the otp validation example from the readme fails because the certificate file is not contained in the gem. As it is on github, I must assume that this is an error?

I would do a pull request, but wanted to check first if I missed something.

I've fixed this so far for me by downloading the pem and using args[:certificate_chain]

verify requires api_id and api_key

This is more like a question, than a problem report. I find myself in the position of fixing the yubikey_database_authenticatable gem (for use with Devise), in order to work with the 1.3 release. And I have got it working, but I'd like to get it working right.

The problem is that yubikey_database_authenticatable, when calling the OTP::Verify.new, needs to send the api_id and api_key parameters. Now, I started to fix this problem by adding a configuration module that allows me to set defaults for those two values in an initializer for my Rails app. But this gem feels like the wrong place to add this configuration, since yubikey_database_authenticatable doesn't need to do anything except pass those values thru. Yubikey gem is the one that requires these two parameters.

Would you accept a pull request to add a configuration module that sets defaults for api_id and api_key in the yubikey gem?

InvalidOTPError thrown on long OTPs

If the OTP is overly long, the following exception is thrown:

Yubikey::OTP::InvalidOTPError (OTP must be at least 32 characters of mod hex)

However, the yubico-c library handles long OTPs as follows:

./ykparse 15224a067211ac6107c7d816689325c3 7T7Vhuifidhviehgedecebechlcrugcheidvutctjjenreeteeduutirdh warning: overlong token, ignoring prefix: 7T7Vhuifidhviehgedecebechl

i.e. only take the last 32 characters. Unless there's another reason why, this library should probably try to strip to the last 32 chars then parse?

James

Migrate to Openssl ruby standard library

The previous crypt gem was yanked as noted: #5

make use of the all yubico api machines for fault tolerance

Currently using only api.yubico.com by default. Sync level is nice to have.

Should be querying all 5 api in case one is down.

api.yubico.com
api2.yubico.com
api3.yubico.com
api4.yubico.com

Specs fail with Ruby 2.0.0-p0

Failures:

  1) hex decodes hex to binary
     Failure/Error: should == "i\266H\034\213\253\242\266\016\217\"\027\233X\315V"
     ArgumentError:
       invalid byte sequence in UTF-8
     # ./spec/hex_spec.rb:12:in `block (2 levels) in <top (required)>'

  2) Yubikey::Modhex decodes modhex
     Failure/Error: Yubikey::ModHex.decode('hknhfjbrjnlnldnhcujvddbikngjrtgh').should == "i\266H\034\213\253\242\266\016\217\"\027\233X\315V"
     ArgumentError:
       invalid byte sequence in UTF-8
     # ./spec/yubikey/modhex_spec.rb:4:in `block (2 levels) in <top (required)>'

Warning/error about invalid gemspec

Attempting to use the current version, since a new gem for 1.3 is not available, I got this error:

Using yubikey (1.3.0) from git://github.com/titanous/yubikey.git (at master) 
yubikey at /Users/lori/.rvm/gems/jruby-1.7.3@rails3-bootstrap-devise-cancan/bundler/gems/yubikey-fd9fb1a4838d did not have a valid gemspec.
This prevents bundler from installing bins or native extensions, but that may not affect its functionality.
The validation message from Rubygems was:
  ["README.rdoc"] are not files

Your bundle is complete!
Use `bundle show [gemname]` to see where a bundled gem is installed.

Please release a new gem

1.4.0 is broken due to the missing chain.pem

titanous / yubikey Goto Github PK

yubikey's Introduction

yubikey

Description

Usage

OTP Decryption

OTP Verification

Install

Copyright

Ruby library

Contributors

yubikey's People

Contributors

Stargazers

Watchers

Forkers

yubikey's Issues

Recommend Projects

Recommend Topics

Recommend Org