seedkeeper-manager 5.9.2__tar.gz

seedkeeper_manager-5.9.2/COPYING

@@ -0,0 +1,26 @@
+Copyright (c) 2015 Yubico AB
+All rights reserved.
+
+  Redistribution and use in source and binary forms, with or
+  without modification, are permitted provided that the following
+  conditions are met:
+
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above
+      copyright notice, this list of conditions and the following
+      disclaimer in the documentation and/or other materials provided
+      with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.

seedkeeper_manager-5.9.2/NEWS

@@ -0,0 +1,404 @@
+* Version 5.9.1 (released 2026-04-15)
+ ** Restrict DLL search paths (YSA-2026-01).
+ ** Improve device information when listing YubiKeys with no serial number visible over OTP.
+ ** Windows and MacOS installers build with Python 3.14.4
+
+* Version 5.9.0 (released 2026-01-22)
+ ** OATH: Add support for importing credentials from PSKC files.
+ ** OATH: Add --generate flag to "oath accounts add" command to generate random secrets.
+ ** CLI: Include attached devices in error output when device selection fails.
+ ** PIV: Add support for decompressing certificates using CXF.
+ ** PIV: Correct display of PIN attempts remaining when >= 15.
+ ** PIV: Deprecate ykman.piv.parse_rfc4514_string. Use from_rfc4514_string from cryptography instead.
+ ** OpenPGP: Improve error handling for YubiKey NEO.
+ ** HSM Auth: Add "hsmauth credentials change-password" command.
+ ** Bugfix: Fix error handling in "apdu" command.
+ ** Dependency: Add python-pskc library for PSKC support.
+ ** Windows and MacOS installers built with Python 3.14.2
+
+* Version 5.8.0 (released 2025-09-03)
+ ** Python 3.10 or later is now required.
+ ** CLI: The "otp settings" command now supports --serial-usb-visible.
+ ** CLI: List PIV "retired" key slots after normal slots.
+ ** CLI: Add --no-update-chuid to "piv certificate" commands.
+ ** CLI: Improve "fido" command error handing when FIDO2 is disabled/missing.
+ ** CLI: Support "fido reset" when multiple keys are connected.
+ ** Windows CLI: Fix issue with command line arguments starting with "~".
+ ** Add "YkmanDevice.reinsert" method to simplify reconnecting a YubiKey.
+ ** PIV: Add "PivSession.get_serial" method.
+ ** Building the project now uses uv.
+ ** Windows and MacOS installers built with Python 3.13.7
+
+* Version 5.7.2 (released 2025-06-09)
+  This is a Windows-only patch release.
+ ** FIDO reset over NFC on Windows fixed.
+ ** Windows installer built with Python 3.13.4
+
+* Version 5.7.1 (released 2025-06-09)
+ ** Bugfix: Fix OTP connections for YubiKeys with all other USB interfaces deactivated.
+ ** Windows and MacOS installers built with Python 3.13.4
+
+* Version 5.7.0 (released 2025-05-28)
+ ** Python 3.9 or later is now required.
+ ** PIV: Improve error handling for the Printed data slot.
+ ** PIV: Improve error handling when decompressing malformed certificates.
+ ** Fix incompatibility with pyscard 2.2.2.
+ ** Improve compatibility with NFC readers that don't support extended APDUs.
+ ** Building the project now requires Poetry version 2.0 or later.
+ ** Windows and MacOS installers built with Python 3.13.3
+
+* Version 5.6.1 (released 2025-03-18)
+ ** Fix: Version 5.6.0 uses Exclusive smart card connections, which caused connections
+    to fail if another application was accessing the YubiKey. This version adds a
+    fallback to use non-exclusive connections in case of such a failure.
+ ** Bugfix: APDU encoding was slightly incorrect for commands which specify Le, but no
+    data body. This caused issued on some platforms.
+ ** CLI: The "fido info" command now shows the YubiKey AAGUID, when available.
+
+* Version 5.6.0 (released 2025-03-12)
+ ** SCP: Add support for specifying Le (needed in OpenPGP get_challenge).
+ ** PIV: When writing a new CHUID, prefer to keep data from the old one if possible.
+ ** CLI: Specifying public-key is now optional when generating a PIV certificate,
+    if a public key can be read from the YubiKey itself.
+ ** CLI: (YK FIPS) Disallow --protect for PIV when not in FIPS approved state.
+ ** CLI: Support specifying Le in "apdu" command.
+ ** CLI: Show OpenPGP key information in "openpgp info" and "openpgp keys info" commands.
+ ** CLI: Detect OpenPGP memory corruption, and correctly factory reset OpenPGP if needed.
+ ** CLI: Don't fail on corrupted configuration files, instead show a warning.
+ ** Require Poetry >= 2.0 for building and packaging of the library.
+ ** Bugfix: CLI - Don't use extended APDUs in the "apdu" command on old YubiKeys which
+    do not support it.
+
+* Version 5.5.1 (released 2024-07-01)
+ ** Bugfix: CLI - Don't use formatting that doesn't work on older Python versions.
+    Note: As the 5.5.0 installers bundle Python 3.12, this will be a source-only release.
+
+* Version 5.5.0 (released 2024-06-26)
+ ** Add Secure Channel support to smartcard sessions.
+ ** Support extended APDUs in the "apdu" command (this is now the default).
+ ** HSMAuth: Treat management key as a PIN/password instead of a key, adding new CLI
+    commands.
+ ** PIV: Deprecate explicit passing of management key type when authenticating.
+ ** CLI: Add "config nfc --restrict" command to set "NFC restricted mode".
+ ** CLI: Display more information about PIN complexity and FIPS status for compatible
+    YubiKeys.
+ ** CLI: Improved error messages for illegal values of PIV PIN and PUK.
+ ** CLI: Drop error messages for old 3.x commands.
+ ** CLI: Removal of --upload for YubiCloud credentials. Export to CSV and upload via web
+    instead.
+ ** CLI: Add more detailed information to the CLI output for several commands.
+
+* Version 5.4.0 (released 2024-03-27)
+ ** Support for YubiKey Bio Multi-protocol Edition.
+ ** CLI: Improve error messages for several failures.
+ ** Attempt to send SIGHUP to yubikey-agent if it is blocking the connection.
+ ** Bugfix: Allow "fido config" to work when no PIN is set on the YubiKey.
+ ** Bugfix: MacOS - Fix race condition resulting in unneeded delay in fido commands over
+    USB.
+ ** Bugfix: Linux - Fix error when listing OTP devices when no YubiKeys are attached.
+ ** Bugfix: OpenPGP - Fix RSA key generation on YubiKey NEO.
+
+* Version 5.3.0 (released 2024-01-31)
+ ** FIDO: Add new CLI commands for PIN management and authenticator config
+    (force-change, set-min-length, toggle-always-uv, enable-ep-attestation).
+ ** PIV: Improve handling of legacy "PUK blocked" flag.
+ ** PIV: Improve handling of malformed certificates.
+ ** PIV: Display key information in "piv info" output on supported devices.
+ ** OTP: Fix some commands incorrectly showing errors when used over NFC/CCID.
+ ** Add tab-completion for YubiKey serial numbers and NFC readers.
+
+* Version 5.2.1 (released 2023-10-10)
+ ** Add support for Python 3.12.
+ ** OATH: detect and remove corrupted credentials.
+ ** Bugfix: HSMAUTH: Fix order of CLI arguments.
+
+* Version 5.2.0 (released 2023-08-21)
+ ** PIV: Support for compressed certificates.
+ ** OpenPGP: Use InvalidPinError for wrong PIN.
+ ** Add YubiHSM Auth application support.
+ ** Improved API documentation.
+ ** Scripting: Add name attribute to device.
+ ** Bugfix: PIV: don't throw InvalidPasswordError on malformed PEM private key.
+
+* Version 5.1.1 (released 2023-04-27)
+ ** Bugfix: PIV: string representation of SLOT caused infinite loop on Python <3.11.
+ ** Bugfix: Fix errors in 'ykman config nfc' on YubiKeys without NFC capability.
+ ** Bugfix: Fix error message shown when invalid modhex input length given for YubiOTP.
+
+* Version 5.1.0 (released 2023-04-17)
+ ** Add OpenPGP functionality to supported API.
+ ** Add PIV key info command to CLI.
+ ** PIV: Support signing prehashed data via API.
+ ** Bugfix: Fix signing PIV certificates/CSRs with key that always requires PIN.
+ ** Bugfix: Fix incorrect display name detection for certain keys over NFC.
+
+* Version 5.0.1 (released 2023-01-17)
+ ** Bugfix: Fix the interactive confirmation prompt for some CLI commands.
+ ** Bugfix: OpenPGP Signature PIN policy values were swapped.
+ ** Bugfix: FIDO: Handle discoverable credentials that are missing name or displayName.
+ ** Add support for Python 3.11.
+ ** Remove extra whitespace characters from CLI into command output.
+
+* Version 5.0.0 (released 2022-10-19)
+ ** Various cleanups and improvements to the API.
+ ** Improvements to the handling of YubiKeys and connections.
+ ** Command aliases for ykman 3.x (introduced in ykman 4.0) have now been dropped.
+ ** Installers for ykman are now provided for Windows (amd64) and MacOS (universal2).
+ ** Logging has been improved, and a new TRAFFIC level has been introduced.
+ ** The codebase has been improved for scripting usage, either directly as a Python
+    module, or via the new "ykman script" command.
+    See doc/Scripting.adoc, doc/Library_Usage.adoc, and examples/ for more details.
+ ** PIV: Add support for dotted-string OIDs when parsing RFC4514 strings.
+ ** PIV: Drop support for signing certificates and CSRs with SHA-1.
+ ** FIDO: Credential management commands have been improved to deal with ambiguity
+    in certain cases.
+ ** OATH: Access Keys ("remembered" passwords) are now stored in the system keyring.
+ ** OpenPGP: Commands have been added to manage PINs.
+
+* Version 4.0.9 (released 2022-06-17)
+ ** Dependency: Add support for python-fido2 1.x
+ ** Fix: Drop stated support for Click 6 as features from 7 are being used.
+
+* Version 4.0.8 (released 2022-01-31)
+ ** Bugfix: Fix error message for invalid modhex when programing a YubiOTP credential.
+ ** Bugfix: Fix issue with displaying a Steam credential when it is the only account.
+ ** Bugfix: Prevent installation of files in site-packages root.
+ ** Bugfix: Fix cleanup logic in PIV for protected management key.
+ ** Add support for token identifier when programming slot-based HOTP.
+ ** Add support for programming NDEF in text mode.
+ ** Dependency: Add support for Cryptography <= 38.
+
+* Version 4.0.7 (released 2021-09-08)
+ ** Bugfix release: Fix broken naming for "YubiKey 4", and a small OATH issue with
+    touch Steam credentials.
+
+* Version 4.0.6 (released 2021-09-08)
+ ** Improve handling of YubiKey device reboots.
+ ** More consistently mask PIN/password input in prompts.
+ ** Support switching mode over CCID for YubiKey Edge.
+ ** Run pkill from PATH instead of fixed location.
+
+* Version 4.0.5 (released 2021-07-16)
+ ** Bugfix: Fix PIV feature detection for some YubiKey NEO versions.
+ ** Bugfix: Fix argument short form for --period when adding TOTP credentials.
+ ** Bugfix: More strict validation for some arguments, resulting in better error messages.
+ ** Bugfix: Correctly handle TOTP credentials using period != 30 AND touch_required.
+ ** Bugfix: Fix prompting for access code in the otp settings command (now uses "-A -").
+
+* Version 4.0.3 (released 2021-05-17)
+ ** Add support for fido reset over NFC.
+ ** Bugfix: The --touch argument to piv change-management-key was ignored.
+ ** Bugfix: Don't prompt for password when importing PIV key/cert if file is invalid.
+ ** Bugfix: Fix setting touch-eject/auto-eject for YubiKey 4 and NEO.
+ ** Bugfix: Detect PKCS#12 format when outer sequence uses indefinite length.
+ ** Dependency: Add support for Click 8.
+
+* Version 4.0.2 (released 2021-04-12)
+ ** Update device names.
+ ** Add read_info output to the --diagnose command, and show exception types.
+ ** Bugfix: Fix read_info for YubiKey Plus.
+
+* Version 4.0.1 (released 2021-03-29)
+ ** Add support for YK5-based FIPS YubiKeys.
+ ** Bugfix: Fix OTP device enumeration on Win32.
+
+* Version 4.0.0 (released 2021-03-02)
+ ** Drop support for Python < 3.6.
+ ** Drop reliance on libusb and libykpersonalize.
+ ** Support the "fido" and "otp" subcommands over NFC (using the --reader flag)
+ ** New "ykman --diagnose" command to aid in troubleshooting.
+ ** New "ykman apdu" command for sending raw APDUs over the smart card interface.
+ ** Restructuring of subcommands, with aliases for old versions (to be removed
+    in a future release).
+ ** Major changes to the underlying "library" code:
+  *** New "yubikit" package added for custom development and advanced scripting.
+  *** Type hints added for a large part of the "public" API.
+ ** OpenPGP: Add support for KDF enabled YubiKeys.
+ ** Static password: Add support for FR, IT, UK and BEPO keyboard layouts.
+
+* Version 3.1.2 (released 2021-01-21)
+ ** Bugfix release: Fix dependency on python-fido2 version.
+
+* Version 3.1.1 (released 2020-01-29)
+ ** Add support for YubiKey 5C NFC
+ ** OpenPGP: set-touch now performs compatibility checks before prompting for PIN
+ ** OpenPGP: Improve error messages and documentation for set-touch
+ ** PIV: read-object command no longer adds a trailing newline
+ ** CLI: Hint at missing permissions when opening a device fails
+ ** Linux: Improve error handling when pcscd is not running
+ ** Windows: Improve how .DLL files are loaded, thanks to Marius Gabriel Mihai for reporting this!
+ ** Bugfix: set-touch now accepts the cached-fixed option
+ ** Bugfix: Fix crash in OtpController.prepare_upload_key() error parsing
+ ** Bugfix: Fix crash in piv info command when a certificate slot contains an invalid certificate
+ ** Library: PivController.read_certificate(slot) now wraps certificate parsing exceptions in new exception type `InvalidCertificate`
+ ** Library: PivController.list_certificates() now returns `None` for slots containing invalid certificate, instead of raising an exception
+
+* Version 3.1.0 (released 2019-08-20)
+ ** Add support for YubiKey 5Ci
+ ** OpenPGP: the info command now prints OpenPGP specification version as well
+ ** OpenPGP: Update support for attestation to match OpenPGP v3.4
+ ** PIV: Use UTC time for self-signed certificates
+ ** OTP: Static password now supports the Norman keyboard layout
+
+* Version 3.0.0 (released 2019-06-24)
+ ** Add support for new YubiKey Preview and lightning form factor
+ ** FIDO: Support for credential management
+ ** OpenPGP: Support for OpenPGP attestation, cardholder certificates and cached touch policies
+ ** OTP: Add flag for using numeric keypad when sending digits
+
+* Version 2.1.1 (released 2019-05-28)
+ ** OTP: Add initial support for uploading Yubico OTP credentials to YubiCloud
+ ** Don't automatically select the U2F applet on YubiKey NEO, it might be blocked by the OS
+ ** ChalResp: Always pad challenge correctly
+ ** Bugfix: Don't crash with older versions of cryptography
+ ** Bugfix: Password was always prompted in OATH command, even if sent as argument
+
+* Version 2.1.0 (released 2019-03-11)
+ ** Add --reader flag to ykman list, to list available smart card readers
+ ** FIPS: Checking if a YubiKey FIPS is in FIPS mode is now opt-in, with the --check-fips flag
+ ** PIV: Add commands for writing and reading arbitrary PIV objects
+ ** PIV: Verify that the PIN must be between 6 - 8 characters long
+ ** PIV: In import-certificate, make the verification that the certificate and private key matches opt-in, with the --verify flag
+ ** PIV: The piv info command now shows the serial number of the certificates
+ ** PIV: The piv info command now shows the full Distinguished Name (DN) of the certificate subject and issuer, if possible
+ ** PIV: Malformed certificates are now handled better
+ ** OpenPGP: The openpgp touch command now shows current touch policies
+ ** The ykman usb/nfc config command now accepts openpgp as well as opgp as an argument
+ ** Bugfix: Fix support for german (DE) keyboard layout for static passwords
+
+* Version 2.0.0 (released 2019-01-09)
+ ** Add support for Security Key NFC
+ ** Add experimental support for external smart card reader. See --reader flag
+ ** Add a minimal manpage
+ ** Add examples in help texts
+ ** PIV: update CHUID when importing a certificate
+ ** PIV: Optionally validate that private key and certificate match when importing a certificate (on by default in CLI)
+ ** PIV: Improve support for importing certificate chains and .PEM files with comments
+ ** Breaking API changes:
+  *** Merge CCID status word constants into a single SW enum in ykman.driver_ccid
+  *** Throw custom exception types instead of raw APDUErrors from many methods of PivController
+  *** Write CLI prompts to standard error instead of standard output
+  *** Replace function `ykman.util.parse_certificate` with `parse_certificates` which returns a list
+
+* Version 1.0.1 (released 2018-10-10)
+ ** Support for YubiKey 5A
+ ** OATH: Ignore extra parameters in URI parsing
+ ** Bugfix: Never say that NFC is supported for YubiKeys without NFC
+
+* Version 1.0.0 (released 2018-09-24)
+ ** Add support for YubiKey 5 Series
+ ** Config: Add flag to generate a random configuration lock
+ ** OATH: Give a proper error message when a touch credential times out
+ ** NDEF: Allow setting the NDEF prefix from the CLI
+ ** FIDO: Block reset when multiple YubiKeys are connected
+
+* Version 0.7.1 (released 2018-07-09)
+ ** Support for YubiKey FIPS.
+ ** OTP: Allow setting and removing access codes on the slots.
+ ** Interfaces: set-lock-code now only accepts hexadecimal inputs.
+ ** Bugfix: Don't fail to open the YubiKey when the serial is not visible.
+
+* Version 0.7.0 (released 2018-05-07)
+ ** Support for YubiKey Preview.
+ ** Add command to configure enabled applications over USB and NFC. See ykman config -h.
+ ** Add command for selecting which slot to use for NDEF. See ykman otp ndef -h.
+
+* Version 0.6.1 (released 2018-04-16)
+ ** Support for YubiKeys with FIDO2. See ykman fido -h
+ ** Report the form factor for YubiKeys that support it.
+ ** OTP: slot command is now called otp. See ykman otp -h for all changes.
+ ** Static password: Add support for different keyboard layouts. See ykman otp static -h
+ ** PIV: Signatures for CSRs are now correct.
+ ** PIV: Commands on slots with PIN policy ALWAYS no longer fail if the YubiKey has a management key protected by PIN.
+ ** Mode: The U2F mode is now called FIDO.
+ ** Dependencies: libu2f-host is no longer used for FIDO communication over USB, instead the python library fido2 is used.
+
+* Version 0.6.0 (released 2018-02-09)
+ ** OpenPGP: Expose remaining PIN retries in info command and API.
+ ** CCID: Only try YubiKey smart card readers by default.
+ ** Handle NEO issues with challenge-response credentials better.
+ ** Improve logging.
+ ** Improve error handling when opening device over OTP.
+ ** Bugfix: Fix adding OTP data through the interactive prompt.
+
+* Version 0.5.0 (released 2017-12-15)
+ ** API breaking changes:
+  *** OATH: New API more similar to yubioath-android
+ ** CLI breaking changes:
+  *** OATH: Touch prompt now written to stderr instead of stdout
+  *** OATH: `-a|--algorithm` option to `list` command removed
+  *** OATH: Columns in `code` command are now dynamically spaced depending on contents
+  *** OATH: `delete` command now requires confirmation or `-f|--force` argument
+  *** OATH: IDs printed by `list` command now include TOTP period if not 30
+  *** Changed outputs:
+   **** INFO: "Device name" output changed to "Device type"
+   **** PIV: "Management key is stored on device" output changed to "Management key is stored on the YubiKey"
+   **** PIV: "All PIV data have been cleared from the device" output changed to "All PIV data have been cleared from your YubiKey"
+   **** PIV: "The current management key is stored on the device" prompt changed to "The current management key is stored on the YubiKey"
+   **** SLOT: "blank to use device serial" prompt changed to "blank to use YubiKey serial number"
+   **** SLOT: "Using device serial" output changed to "Using YubiKey device serial"
+   **** Lots of failure case outputs changed
+ ** New features:
+  *** Support for multiple devices via new top-level option `-d|--device`
+  *** New top-level option `-l|--log-level` to enable logging
+  *** OATH: Support for remembering passwords locally.
+  *** OATH: New option `-s|--single` for `code` command
+  *** PIV: `set-pin-retries` command now warns that PIN and PUK will be reset to factory defaults, and prints those defaults after resetting
+ ** API bug fixes:
+  *** OATH: `valid_from` and `valid_to` for `Code` are now absolute instead of relative to the credential period
+  *** OATH: `period` for non-TOTP `Code` is now `None`
+
+* Version 0.4.6 (released 2017-10-17)
+ ** Will now attempt to open device 3 times before failing
+ ** OpenPGP: Don't say data is removed when not
+ ** OpenPGP: Don't swallow APDU errors
+ ** PIV: Block on-chip RSA key generation for firmware versions 4.2.0 to 4.3.4 (inclusive) since these chips are vulnerable to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15361[CVE-2017-15631].
+
+* Version 0.4.5 (released 2017-09-14)
+ ** OATH: Don't print issuer if there is no issuer.
+
+* Version 0.4.4 (released 2017-09-06)
+ ** OATH: Fix yet another issue with backwards compatibility, for adding new credentials.
+
+* Version 0.4.3 (released 2017-09-06)
+ ** OATH: Fix issue with backwards compatibility, when used as a library.
+
+* Version 0.4.2 (released 2017-09-05)
+ ** OATH: Support 7 digit credentials.
+ ** OATH: Support credentials with a period other than 30 seconds.
+ ** OATH: The remove command is now called delete.
+
+* Version 0.4.1 (released 2017-08-10)
+ ** PIV: Dropped support for deriving a management key from PIN.
+ ** PIV: Added support for generating a random management key and storing it on the device protected by the PIN.
+ ** OpenPGP: The reset command now handles a device in terminated state.
+ ** OATH: Credential filtering is now working properly on Python 2.
+
+* Version 0.4.0 (released 2017-06-19)
+ ** Added PIV support. The tool and library now supports most of the PIV functionality found on the YubiKey 4 and NEO. To list the available commands, run ykman piv -h.
+ ** Mode command now supports adding and removing modes incrementally.
+
+* Version 0.3.3 (released 2017-05-08)
+ ** Bugfix: Fix issue with OATH credentials from Steam on YubiKey 4.
+
+* Version 0.3.2 (released 2017-04-24)
+ ** Allow access code input through an interactive prompt.
+ ** Bugfix: Some versions of YubiKey NEO occasionally failed calculating challenge-response credentials with touch.
+
+* Version 0.3.1 (released 2017-03-13)
+ ** Allow programming of TOTP credentials in YubiKey Slots using the chalresp command.
+ ** Add a calculate command (and library support) to perform a challenge-response operation. Can also be used to generate TOTP codes for credentials stored in a slot.
+ ** OATH: Remove whitespace in secret keys provided by the user.
+ ** OATH: Prompt the user to touch the YubiKey for HOTP touch credentials.
+ ** Bugfix: The flag for showing hidden credentials was not working correctly for the oath code command.
+
+* Version 0.3.0 (released 2017-01-23)
+ ** OATH functionality added. The tool now exposes the OATH functionality found on the YubiKey 4 and NEO. To list the available commands, run ykman oath -h.
+ ** Added support for randomly generated static passwords.
+
+* Version 0.2.0 (released 2016-11-23)
+ ** Removed all GUI code. This project is now only for the python library and CLI tool. The GUI will be re-released separately in a different project.
+ ** Added command to update settings for YubiKey Slots.
+
+* Version 0.1.0 (released 2016-07-07)
+ ** Initial release for beta testing.

seedkeeper_manager-5.9.2/PKG-INFO

@@ -0,0 +1,238 @@
+Metadata-Version: 2.4
+Name: seedkeeper-manager
+Version: 5.9.2
+Summary: Satochip fork of yubikey-manager: library and CLI for managing your YubiKey/Seedkeeper configuration. Drop-in replacement (same `yubikit`/`ykman` import names).
+License: Copyright (c) 2015 Yubico AB
+         All rights reserved.
+         
+           Redistribution and use in source and binary forms, with or
+           without modification, are permitted provided that the following
+           conditions are met:
+         
+            1. Redistributions of source code must retain the above copyright
+               notice, this list of conditions and the following disclaimer.
+            2. Redistributions in binary form must reproduce the above
+               copyright notice, this list of conditions and the following
+               disclaimer in the documentation and/or other materials provided
+               with the distribution.
+         
+         THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+         "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+         LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+         FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+         COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+         INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+         BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+         LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+         CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+         LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+         ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+         POSSIBILITY OF SUCH DAMAGE.
+License-File: COPYING
+Keywords: yubikey,yubiotp,piv,fido
+Author: Dain Nilsson
+Author-email: <dain@yubico.com>
+Maintainer: Toporin
+Maintainer-email: <satochip.wallet@gmail.com>
+Requires-Python: >=3.10, <4
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: End Users/Desktop
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: Utilities
+Requires-Dist: click (>=8.0,<9)
+Requires-Dist: cryptography (>=3.0,<49)
+Requires-Dist: fido2 (>=2.0,<3)
+Requires-Dist: keyring (>=23.4,<26)
+Requires-Dist: pyscard (>=2.0,<3)
+Requires-Dist: python-pskc (>=1.3,<2)
+Requires-Dist: pywin32 (>=223) ; sys_platform == "win32"
+Project-URL: Homepage, https://github.com/Toporin/seedkeeper-manager
+Description-Content-Type: text/plain
+
+== YubiKey Manager CLI (Satochip fork)
+
+NOTE: This is a fork of Yubico's https://github.com/Yubico/yubikey-manager[yubikey-manager],
+published to PyPI as `seedkeeper-manager`. It is a *drop-in replacement*: the importable
+package names (`yubikit`, `ykman`) and the `ykman` CLI command are unchanged, so a project can
+switch to this fork by changing only its requirement from `yubikey-manager` to
+`seedkeeper-manager` — no code changes. Note that `seedkeeper-manager` and `yubikey-manager`
+cannot be installed in the same environment at the same time.
+
+image:https://github.com/Toporin/seedkeeper-manager/actions/workflows/source-package.yml/badge.svg["Source package build", link="https://github.com/Toporin/seedkeeper-manager/actions/workflows/source-package.yml"]
+image:https://github.com/Toporin/seedkeeper-manager/actions/workflows/windows.yml/badge.svg["Windows build", link="https://github.com/Toporin/seedkeeper-manager/actions/workflows/windows.yml"]
+image:https://github.com/Toporin/seedkeeper-manager/actions/workflows/macOS.yml/badge.svg["MacOS build", link="https://github.com/Toporin/seedkeeper-manager/actions/workflows/macOS.yml"]
+image:https://github.com/Toporin/seedkeeper-manager/actions/workflows/ubuntu.yml/badge.svg["Ubuntu build", link="https://github.com/Toporin/seedkeeper-manager/actions/workflows/ubuntu.yml"]
+
+Python 3.10 (or later) library and command line tool for configuring a YubiKey.
+If you're looking for a graphical application, check out  https://developers.yubico.com/yubioath-flutter/[Yubico Authenticator].
+
+=== Usage
+For more usage information and examples, see the https://docs.yubico.com/software/yubikey/tools/ykman/Using_the_ykman_CLI.html[YubiKey Manager CLI User Manual].
+
+....
+Usage: ykman [OPTIONS] COMMAND [ARGS]...
+
+  Configure your YubiKey via the command line.
+
+  Examples:
+
+    List connected YubiKeys, only output serial number:
+    $ ykman list --serials
+
+    Show information about YubiKey with serial number 0123456:
+    $ ykman --device 0123456 info
+
+Options:
+  -d, --device SERIAL             specify which YubiKey to interact with by serial number
+  -r, --reader NAME               specify a YubiKey by smart card reader name (can't be used with --device or list)
+  -l, --log-level [ERROR|WARNING|INFO|DEBUG|TRAFFIC]
+                                  enable logging at given verbosity level
+  --log-file FILE                 write log to FILE instead of printing to stderr (requires --log-level)
+  --diagnose                      show diagnostics information useful for troubleshooting
+  -v, --version                   show version information about the app
+  --full-help                     show --help output, including hidden commands
+  -h, --help                      show this message and exit
+
+Commands:
+  info     show general information
+  list     list connected YubiKeys
+  config   enable or disable applications
+  fido     manage the FIDO applications
+  oath     manage the OATH application
+  openpgp  manage the OpenPGP application
+  otp      manage the YubiOTP application
+  piv      manage the PIV application
+....
+
+The `--help` argument can also be used to get detailed information about specific
+subcommands:
+
+    ykman oath --help
+
+=== Versioning/Compatibility
+This project follows https://semver.org/[Semantic Versioning]. Any project
+depending on seedkeeper-manager should take care when specifying version ranges to
+not include any untested major version, as it is likely to have backwards
+incompatible changes. For example, you should NOT depend on ">=5", as it has no
+upper bound. Instead, depend on ">=5, <6", as any release before 6 will be
+compatible.
+
+Note that any private variables (names starting with '_') are not part of the
+public API, and may be changed between versions at any time.
+
+=== Installation
+YubiKey Manager can be installed independently of platform by using pip (or
+equivalent):
+
+  pip install --user seedkeeper-manager
+
+On Linux platforms you will need `pcscd` installed and running to be able to
+communicate with a YubiKey over the SmartCard interface. Additionally, you may
+need to set permissions for your user to access YubiKeys via the HID interfaces.
+More information available link:doc/Device_Permissions.adoc[here].
+
+Some of the libraries used by seedkeeper-manager have C-extensions, and may require
+additional dependencies to build, such as http://www.swig.org/[swig] and
+potentially https://pcsclite.apdu.fr/[PCSC lite].
+
+=== Pre-built packages
+Pre-built packages specific to your platform may be available from Yubico or
+third parties. Please refer to your platforms native package manager for
+detailed instructions on how to install, if available.
+
+==== Windows
+A Windows installer is available to download from the
+https://github.com/Toporin/seedkeeper-manager/releases/latest[Releases page].
+
+==== MacOS
+A MacOS installer is available to download from the
+https://github.com/Toporin/seedkeeper-manager/releases/latest[Releases page].
+
+Additionally, packages are available from Homebrew and MacPorts.
+
+===== Input Monitoring access on MacOS
+When running one of the `ykman otp` commands you may run into an error such as:
+`Failed to open device for communication: -536870174`. This indicates a problem
+with the permission to access the OTP (keyboard) USB interface.
+
+To access a YubiKey over this interface the application needs the `Input
+Monitoring` permission. If you are not automatically prompted to grant this
+permission, you may have to do so manually. Note that it is the _terminal_ you
+are using that needs the permission, not the ykman executable.
+
+To add your terminal application to the `Input Monitoring` permission list, go
+to `System Preferences -> Security & Privacy -> Privacy -> Input Monitoring` to
+resolve this.
+
+===== Uninstallation of the MacOS .pkg
+To uninstall yubikey-manager when installed via the pgk installer, run:
+
+  $ sudo rm -rf /usr/local/bin/ykman /usr/local/ykman
+
+==== Linux
+Packages are available for several Linux distributions by third party package
+maintainers.
+
+Python-specific tools such as pip, pipx, or uv can be used directly to install and
+manage seedkeeper-manager, and is generally the recommended approach.
+
+==== FreeBSD
+Although not being officially supported on this platform, YubiKey Manager can be
+installed on FreeBSD. It's available via its ports tree or as pre-built package.
+Should you opt to install and use YubiKey Manager on this platform, please be aware
+that it's **NOT** maintained by Yubico.
+
+To install the binary package, use `pkg install pyXY-yubikey-manager`, with `pyXY`
+specifying the version of Python the package was built for, so in order to install
+YubiKey Manager for Python 3.8, use:
+
+  # pkg install py38-yubikey-manager
+
+For more information about how to install packages or ports on FreeBSD, please refer
+to its official documentation: https://docs.freebsd.org/en/books/handbook/ports[FreeBSD Handbook].
+
+In order to use `ykman otp` commands, you need to make sure the _uhid(4)_ driver
+attaches to the USB device:
+
+  # usbconfig ugenX.Y add_quirk UQ_KBD_IGNORE
+  # usbconfig ugenX.Y reset
+
+The correct device to operate on _(ugenX.Y)_ can be determined using
+`usbconfig list`.
+
+When using FreeBSD 13 or higher, you can switch to the more modern _hidraw(4)_
+driver. This allows YubiKey Manager to access OTP HID in a non-exclusive way,
+so that the key will still function as a USB keyboard:
+
+  # sysrc kld_list+="hidraw hkbd"
+  # cat >>/boot/loader.conf<<EOF
+  hw.usb.usbhid.enable="1"
+  hw.usb.quirk.0="0x1050 0x0010 0 0xffff UQ_KBD_IGNORE"  # YKS_OTP
+  hw.usb.quirk.1="0x1050 0x0110 0 0xffff UQ_KBD_IGNORE"  # NEO_OTP
+  hw.usb.quirk.2="0x1050 0x0111 0 0xffff UQ_KBD_IGNORE"  # NEO_OTP_CCID
+  hw.usb.quirk.3="0x1050 0x0114 0 0xffff UQ_KBD_IGNORE"  # NEO_OTP_FIDO
+  hw.usb.quirk.4="0x1050 0x0116 0 0xffff UQ_KBD_IGNORE"  # NEO_OTP_FIDO_CCID
+  hw.usb.quirk.5="0x1050 0x0401 0 0xffff UQ_KBD_IGNORE"  # YK4_OTP
+  hw.usb.quirk.6="0x1050 0x0403 0 0xffff UQ_KBD_IGNORE"  # YK4_OTP_FIDO
+  hw.usb.quirk.7="0x1050 0x0405 0 0xffff UQ_KBD_IGNORE"  # YK4_OTP_CCID
+  hw.usb.quirk.8="0x1050 0x0407 0 0xffff UQ_KBD_IGNORE"  # YK4_OTP_FIDO_CCID
+  hw.usb.quirk.9="0x1050 0x0410 0 0xffff UQ_KBD_IGNORE"  # YKP_OTP_FIDO
+  EOF
+  # reboot
+
+==== From source (for development)
+To install from source, see the link:doc/Development.adoc[development]
+instructions.
+
+=== Shell completion
+
+Experimental shell completion for the command line tool is available, provided
+by the underlying CLI library (`click`) but it is not enabled by default. To
+enable it, run this command once (for Bash):
+
+  $ source <(_YKMAN_COMPLETE=bash_source ykman | sudo tee /etc/bash_completion.d/ykman)
+
+More information on shell completion (including instructions for other shells) is
+available at:
+https://click.palletsprojects.com/en/stable/shell-completion/
+