yubioath 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8eb587a6db8969e2eda9a0d2d803ac5588436469
-  data.tar.gz: 7876610c35706ce8c4df01d98eb896aa1ef999a2
+  metadata.gz: 8cafd4ebf2444b9e960b25d326c7357d7d31583f
+  data.tar.gz: f2a66945a9c2355e24dd1717b58cf57c522473e0
 SHA512:
-  metadata.gz: b0c6e55417ec96be82a2783399416b056930399d54ffcf48d8c72433fa1f6183da3f98edecc33b459250b44296f539ab8338aa54fd62bc37e6899a43577e211b
-  data.tar.gz: 77237c1030bc425b2dd2128d7777dae8e76a67086843542058f03f097f509ddcca15d171eebfe25853c29d6419db69998d628138b27428e915b0ba746f80dc0c
+  metadata.gz: 90d0ee58ddb0904823589b38a142905f5321dfcd00bd0b5692e5d16aa9e778373e0391935fff8d497201031e0aa18562b709cec0e3c55282c9a11df076d90ac5
+  data.tar.gz: 4b447d74069a87c974425b6920c3b52d15e3cb4b8096355b906f849e655955266edad2cd22119e1b1c10a263828143e1c4d927c76ca28ea6528cfa67ecc0c99a

data/.ruby-version

@@ -1 +1 @@
-2.2
+2.2.0

data/exe/yubioath

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+$LOAD_PATH.unshift File.expand_path(File.join(__dir__, '..', 'lib'))
+require 'cli'
+CLI.start

data/lib/card.rb

@@ -1,13 +1,24 @@
 require 'smartcard'
+require 'yubioath'
 
 class Card
-  def initialize
-    Context.new do |context|
+  def initialize(name:)
+    @name = name
+  end
+
+  def yubioath
+    tap do |card|
+      yield YubiOATH.new(card)
+    end
+  end
+
+  private
+
+  def tap(&block)
+    Context.tap do |context|
       begin
-        fail 'Unable to find exactly ONE smart card' unless context.readers.count == 1
-        name = context.readers.first
-        card = context.card(name)
-        yield card
+        card = context.card(@name)
+        block.call(card)
       ensure
         card.disconnect unless card.nil?
       end
@@ -15,9 +26,9 @@ class Card
   end
 
   class Context
-    def initialize
+    def self.tap(&block)
       context = Smartcard::PCSC::Context.new
-      yield context
+      block.call(context)
     ensure
       context.release
     end

data/lib/cli.rb

@@ -0,0 +1,51 @@
+require 'thor'
+require 'card'
+
+class CLI < Thor
+  package_name 'yubioath'
+
+  desc 'list', 'list current OTP tokens'
+  def list
+    card.yubioath do |yubioath|
+      all = yubioath.calculate_all(timestamp: Time.now)
+
+      STDOUT.puts
+      STDOUT.puts 'YubiOATH Tokens:'
+      STDOUT.puts '----------------'
+
+      all[:codes].each_with_index do |token, index|
+        STDOUT.puts "#{index+1}. #{token.name}: #{token.code}"
+      end
+    end
+  end
+
+  desc 'token NAME', 'get the current OTP value for NAME'
+  def token(name)
+    card.yubioath do |yubioath|
+      token = yubioath.calculate(name: name, timestamp: Time.now)
+      STDOUT.print token.code
+    end
+  end
+
+  desc 'add NAME SECRET', 'add a new OTP secret'
+  def add(name, secret)
+    card.yubioath do |yubioath|
+      response = yubioath.put(name: name, secret: secret, algorithm: 'SHA256', type: 'totp', digits: 6)
+      throw unless response.success?
+    end
+  end
+
+  desc 'delete NAME', 'remove the OTP token called NAME'
+  def delete(name)
+    card.yubioath do |yubioath|
+      response = yubioath.send(name: name)
+      throw unless response.success?
+    end
+  end
+
+  private
+
+  def card
+    @card ||= Card.new(name: 'Yubico Yubikey NEO OTP+CCID')
+  end
+end

data/lib/yubioath.rb

@@ -1,4 +1,65 @@
-module YubiOATH
-  CLA = 0x00
+require 'bindata'
+require 'yubioath/instructions'
+require 'yubioath/response'
+
+class YubiOATH
   AID = [0xA0, 0x00, 0x00, 0x05, 0x27, 0x21, 0x01, 0x01]
+
+  def initialize(card)
+    @card = card
+    select(AID)
+  end
+
+  def calculate(name:, timestamp:)
+    data = Calculate::Request::Data.new(name: name, timestamp: timestamp.to_i / 30)
+    request = Calculate::Request.new(data: data.to_binary_s)
+    response = Response.read(@card.transmit(request.to_binary_s))
+    throw unless response.success?
+    Calculate::Response.read(response.data)
+  end
+
+  def calculate_all(timestamp:)
+    data = CalculateAll::Request::Data.new(timestamp: timestamp.to_i / 30)
+    request = CalculateAll::Request.new(data: data.to_binary_s)
+    response = Response.read(@card.transmit(request.to_binary_s))
+    throw unless response.success?
+    CalculateAll::Response.read(response.data)
+  end
+
+  def delete(name:)
+    data = Delete::Request::Data.new(name: name)
+    request = Delete::Request.new(data: data.to_binary_s)
+    Response.read(@card.transmit(request.to_binary_s))
+  end
+
+  def list
+    request = List::Request.new.to_binary_s
+    response = Response.read(@card.transmit(request))
+    throw unless response.success?
+    List::Response.read(response.data)
+  end
+
+  def put(name:, secret:, algorithm:, type:, digits:)
+    data = Put::Request::Data.new(
+      name: name,
+      key_algorithm: (Put::ALGORITHMS[algorithm] | Put::TYPES[type]),
+      digits: digits,
+      secret: secret,
+    )
+    request = Put::Request.new(data: data.to_binary_s)
+    Response.read(@card.transmit(request.to_binary_s))
+  end
+
+  def reset
+    Response.read(@card.transmit(Reset::Request.new.to_binary_s))
+  end
+
+  private
+
+  def select(aid)
+    request = Select::Request.new(aid: aid).to_binary_s
+    response = Response.read(@card.transmit(request))
+    throw unless response.success?
+    Select::Response.read(response.data)
+  end
 end

data/lib/yubioath/calculate.rb

@@ -0,0 +1,39 @@
+require 'bindata'
+
+class YubiOATH
+  class Calculate
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0xA2
+      uint8 :p1, value: 0x00
+      uint8 :p2, value: 0x01
+      uint8 :data_length, value: -> { data.length }
+      string :data
+
+      class Data < BinData::Record
+        uint8 :name_tag, value: 0x71
+        uint8 :name_length, value: -> { name.length }
+        string :name
+
+        uint8 :challenge_tag, value: 0x74
+        uint8 :challenge_length, value: 8
+        uint64be :timestamp
+      end
+    end
+
+    class Response < BinData::Record
+      class Code < BinData::Record
+        uint8 :digits
+        uint32be :response
+
+        def to_s
+          (response % 10**digits).to_s.rjust(digits, '0')
+        end
+      end
+
+      uint8 :response_tag
+      uint8 :response_length
+      code :code, read_length: :response_length
+    end
+  end
+end

data/lib/yubioath/calculate_all.rb

@@ -0,0 +1,41 @@
+require 'bindata'
+
+class YubiOATH
+  class CalculateAll
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0xA4
+      uint8 :p1, value: 0x00
+      uint8 :p2, value: 0x01
+      uint8 :data_length, value: -> { data.length }
+      string :data
+
+      class Data < BinData::Record
+        uint8 :challenge_tag, value: 0x74
+        uint8 :challenge_length, value: 8
+        uint64be :timestamp
+      end
+    end
+
+    class Response < BinData::Record
+      class Code < BinData::Record
+        uint8 :digits
+        uint32be :response
+
+        def to_s
+          (response % 10**digits).to_s.rjust(digits, '0')
+        end
+      end
+
+      array :codes, read_until: :eof do
+        uint8 :name_tag
+        uint8 :name_length
+        string :name, read_length: :name_length
+
+        uint8 :response_tag
+        uint8 :response_length
+        code :code, read_length: :response_length
+      end
+    end
+  end
+end

data/lib/yubioath/delete.rb

@@ -0,0 +1,20 @@
+require 'bindata'
+
+class YubiOATH
+  class Delete
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0x02
+      uint8 :p1, value: 0x00
+      uint8 :p2, value: 0x00
+      uint8 :data_length, value: -> { data.length }
+      string :data
+
+      class Data < BinData::Record
+        uint8 :name_tag, value: 0x71
+        uint8 :name_length, value: -> { name.length }
+        string :name
+      end
+    end
+  end
+end

data/lib/yubioath/instructions.rb

@@ -0,0 +1,7 @@
+require 'yubioath/calculate'
+require 'yubioath/calculate_all'
+require 'yubioath/delete'
+require 'yubioath/list'
+require 'yubioath/put'
+require 'yubioath/reset'
+require 'yubioath/select'

data/lib/yubioath/list.rb

@@ -0,0 +1,20 @@
+require 'bindata'
+
+class YubiOATH
+  class List
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0xA1
+      uint8 :p1, value: 0x00
+      uint8 :p2, value: 0x00
+    end
+
+    class Response < BinData::Record
+      array :codes, read_until: :eof do
+        uint8 :name_tag
+        uint8 :name_length
+        string :name, read_length: :name_length
+      end
+    end
+  end
+end

data/lib/yubioath/put.rb

@@ -0,0 +1,30 @@
+require 'bindata'
+
+class YubiOATH
+  class Put
+    ALGORITHMS = {'SHA1' => 0x01, 'SHA256' => 0x02}
+    TYPES = {'hotp' => 0x10, 'totp' => 0x20}
+
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0x01
+      uint8 :p1, value: 0x00
+      uint8 :p2, value: 0x00
+      uint8 :data_length, value: -> { data.length }
+      string :data
+
+      class Data < BinData::Record
+        uint8 :name_tag, value: 0x71
+        uint8 :name_length, value: -> { name.length }
+        string :name
+
+        uint8 :key_tag, value: 0x73
+        uint8 :key_length, value: -> { secret.length + 2 }
+        uint8 :key_algorithm
+
+        uint8 :digits
+        string :secret
+      end
+    end
+  end
+end

data/lib/yubioath/reset.rb

@@ -0,0 +1,12 @@
+require 'bindata'
+
+class YubiOATH
+  class Reset
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0x04
+      uint8 :p1, value: 0xDE
+      uint8 :p2, value: 0xAD
+    end
+  end
+end

data/lib/yubioath/response.rb

@@ -0,0 +1,13 @@
+require 'bindata'
+
+class YubiOATH
+  class Response < BinData::Record
+    count_bytes_remaining :data_length
+    string :data, read_length: -> { data_length - 2 }
+    array :success, type: :uint8, initial_length: 2
+
+    def success?
+      success == [0x90, 0x00]
+    end
+  end
+end

data/lib/yubioath/select.rb

@@ -0,0 +1,24 @@
+require 'bindata'
+
+class YubiOATH
+  class Select
+    class Request < BinData::Record
+      uint8 :cla, value: 0x00
+      uint8 :ins, value: 0xA4
+      uint8 :p1, value: 0x04
+      uint8 :p2, value: 0x00
+      uint8 :aid_length, value: -> { aid.length }
+      array :aid, type: :uint8
+    end
+
+    class Response < BinData::Record
+      uint8 :version_tag, assert: 0x79
+      uint8 :version_length
+      array :version, type: :uint8, initial_length: :version_length
+
+      uint8 :name_tag, assert: 0x71
+      uint8 :name_length
+      array :name, type: :uint8, initial_length: :name_length
+    end
+  end
+end

data/yubioath.gemspec

@@ -4,20 +4,22 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |spec|
   spec.name          = 'yubioath'
-  spec.version       = '0.0.1'
+  spec.version       = '0.1.0'
   spec.authors       = ['James Ottaway']
-  spec.email         = ['git@james.ottaway.io']
+  spec.email         = ['yubioath@james.ottaway.io']
   spec.summary       = 'Securely manage your 2FA tokens using your Yubikey NEO'
   spec.homepage      = 'https://github.com/jamesottaway/yubioath'
   spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0")
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'thor', '~> 0.19.1'
   spec.add_dependency 'bindata', '~> 2.1'
-  spec.add_dependency 'smartcard', '~> 0.5'
+  spec.add_dependency 'smartcard', '~> 0.5.5'
 
   spec.add_development_dependency 'bundler', '~> 1.7'
   spec.add_development_dependency 'rake', '~> 10.0'

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: yubioath
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - James Ottaway
 autorequire: 
-bindir: bin
+bindir: exe
 cert_chain: []
-date: 2015-03-16 00:00:00.000000000 Z
+date: 2015-06-27 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.19.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.19.1
 - !ruby/object:Gem::Dependency
   name: bindata
   requirement: !ruby/object:Gem::Requirement
@@ -30,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.5.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.5.5
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -68,8 +82,9 @@ dependencies:
         version: '10.0'
 description: 
 email:
-- git@james.ottaway.io
-executables: []
+- yubioath@james.ottaway.io
+executables:
+- yubioath
 extensions: []
 extra_rdoc_files: []
 files:
@@ -80,8 +95,19 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- exe/yubioath
 - lib/card.rb
+- lib/cli.rb
 - lib/yubioath.rb
+- lib/yubioath/calculate.rb
+- lib/yubioath/calculate_all.rb
+- lib/yubioath/delete.rb
+- lib/yubioath/instructions.rb
+- lib/yubioath/list.rb
+- lib/yubioath/put.rb
+- lib/yubioath/reset.rb
+- lib/yubioath/response.rb
+- lib/yubioath/select.rb
 - yubioath.gemspec
 homepage: https://github.com/jamesottaway/yubioath
 licenses: