keechallenge icon indicating copy to clipboard operation
keechallenge copied to clipboard

Published 20 hours ago verified publisher icon brush701

Add support for OnlyKey

Open onlykey opened this issue 4 years ago • 3 comments

Hi,

We recently implemented HMAC SHA1 in OnlyKey, it is fully compatible with Yubikey's HMAC SHA1 challenge and response. We have integrated support with KeePassXC https://github.com/keepassxreboot/keepassxc/pull/3352 and are looking to integrate with other projects as well. The only change required is to allow OnlyKey's USB VID/PID to be used in addition to the already allowed Yubikey USB VID/PIDs. Would you be willing to add support for OnlyKey?

Thanks!

onlykey avatar Oct 25 '19 15:10 onlykey

I might be willing to attempt but to but do not own a OnlyKey. Do I just need to call the new functions in the yubikey library?

whinis avatar Oct 28 '20 01:10 whinis

@whinis Yes, we can also send you an OnlyKey to test if you email support at crp.to

OnlyKey supports the same HMAC Sha1 used by the yubikey library. The only change is to call yk_open_key_vid_pid. The way you can do it is first check if a Yubikey is connected yk_open_first_key() then if not check for OnlyKey like this:

m_yk_void = static_cast<void*>(yk_open_first_key());

// New fuction available in yubikey-personalization version >= 1.20.0 that allows
// selecting device VID/PID (yk_open_key_vid_pid) if Yubikey was not found
if (m_yk == nullptr) {
    static const int device_pids[] = {0x60fc}; // OnlyKey PID
    m_yk_void = static_cast<void*>(yk_open_key_vid_pid(0x1d50, device_pids, 1, 0));
    m_onlyKey = true;
}

onlykey avatar Oct 28 '20 16:10 onlykey

Ill make an issue on my fork and will likely take you up on that. https://github.com/whinis/keechallenge/issues/2

whinis avatar Oct 28 '20 16:10 whinis