mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 12:21:35 +00:00
Yubikey updates. Fixes #1862
@@ -19,12 +19,11 @@
|
|||||||
"""YubiKey"""
|
"""YubiKey"""
|
||||||
|
|
||||||
import base64
|
import base64
|
||||||
|
from datetime import datetime, timedelta
|
||||||
from secrets import SystemRandom
|
from secrets import SystemRandom
|
||||||
import string
|
import string
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
import arrow
|
|
||||||
|
|
||||||
from gam import mplock
|
from gam import mplock
|
||||||
|
|
||||||
from gam import systemErrorExit
|
from gam import systemErrorExit
|
||||||
@@ -41,7 +40,6 @@ from ykman.piv import generate_self_signed_certificate, generate_chuid
|
|||||||
from yubikit.piv import DEFAULT_MANAGEMENT_KEY, \
|
from yubikit.piv import DEFAULT_MANAGEMENT_KEY, \
|
||||||
InvalidPinError, \
|
InvalidPinError, \
|
||||||
KEY_TYPE, \
|
KEY_TYPE, \
|
||||||
MANAGEMENT_KEY_TYPE, \
|
|
||||||
PIN_POLICY, \
|
PIN_POLICY, \
|
||||||
PivSession, \
|
PivSession, \
|
||||||
OBJECT_ID, \
|
OBJECT_ID, \
|
||||||
@@ -149,17 +147,17 @@ class YubiKey():
|
|||||||
piv.change_puk('12345678', new_puk)
|
piv.change_puk('12345678', new_puk)
|
||||||
piv.change_pin('123456', new_pin)
|
piv.change_pin('123456', new_pin)
|
||||||
writeStdout(Msg.YUBIKEY_PIN_SET_TO.format(new_pin))
|
writeStdout(Msg.YUBIKEY_PIN_SET_TO.format(new_pin))
|
||||||
piv.authenticate(MANAGEMENT_KEY_TYPE.TDES, DEFAULT_MANAGEMENT_KEY)
|
piv.authenticate(piv.management_key_type, DEFAULT_MANAGEMENT_KEY)
|
||||||
piv.verify_pin(new_pin)
|
piv.verify_pin(new_pin)
|
||||||
writeStdout(Msg.YUBIKEY_GENERATING_NONEXPORTABLE_PRIVATE_KEY)
|
writeStdout(Msg.YUBIKEY_GENERATING_NONEXPORTABLE_PRIVATE_KEY)
|
||||||
pubkey = piv.generate_key(SLOT.AUTHENTICATION,
|
pubkey = piv.generate_key(SLOT.AUTHENTICATION,
|
||||||
KEY_TYPE.RSA2048,
|
KEY_TYPE.RSA2048,
|
||||||
PIN_POLICY.ALWAYS,
|
PIN_POLICY.ALWAYS,
|
||||||
TOUCH_POLICY.NEVER)
|
TOUCH_POLICY.NEVER)
|
||||||
now = arrow.utcnow()
|
now = datetime.utcnow()
|
||||||
valid_to = now.shift(days=36500)
|
valid_to = now + timedelta(days=3650)
|
||||||
subject = 'CN=GAM Created Key'
|
subject = 'CN=GAM Created Key'
|
||||||
piv.authenticate(MANAGEMENT_KEY_TYPE.TDES, DEFAULT_MANAGEMENT_KEY)
|
piv.authenticate(piv.management_key_type, DEFAULT_MANAGEMENT_KEY)
|
||||||
piv.verify_pin(new_pin)
|
piv.verify_pin(new_pin)
|
||||||
cert = generate_self_signed_certificate(piv,
|
cert = generate_self_signed_certificate(piv,
|
||||||
SLOT.AUTHENTICATION,
|
SLOT.AUTHENTICATION,
|
||||||
|
|||||||
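Review bot: Both `piv.authenticate(piv.management_key_type, DEFAULT_MANAGEMENT_KEY)` calls in the third hunk still rely on the factory management key, and nothing visible here replaces it, so the PIN and PUK are randomised during provisioning while the management key stays at the published default. With that key, anyone able to talk to the token could regenerate the slot key or replace the certificate without knowing the PIN. The method starts and ends outside the hunk; if the rest of it does not already rotate the key, consider finishing with something like `piv.set_management_key(piv.management_key_type, new_mgmt_key)`, using a random key of the right length that is stored or PIN-protected so later GAM operations can still authenticate. Separately, assuming the second line of each printed pair is the new side, `datetime.utcnow()` is deprecated from Python 3.12 and returns a naive timestamp; `now = datetime.now(timezone.utc)` (with `timezone` added to the import) should be accepted by the certificate builder and keeps the validity window explicitly in UTC.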