[OATH-Toolkit-help] PSKC update


From: Simon Josefsson
Subject: [OATH-Toolkit-help] PSKC update
Date: Wed, 26 Sep 2012 11:54:43 +0200
User-agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.1 (gnu/linux)

Simon Josefsson <address@hidden> writes:

> I have started implementing a command line tool to interact with PSKC
> data.  It uses a new library, libpskc, to do the real work.  The
> features of the tool (and thus the library) that make sense initially
> appear to be:
>
> * Parse data and validate it against PSKC XML schema.
>
> * Create PSKC data based on input parameters.
>
> * Parse PSKC data, printing certain fields requested by user.
>
> * Convert PSKC data to some simpler format.
>
> I think the above should be implemented before thinking about next
> steps.  I have created a branch in git for this, see:
>
>   http://git.savannah.gnu.org/cgit/oath-toolkit.git/log/?h=features/pskc
>
> Expect more within the next few days...

A quick update on this.  The code on that branch is now able to do some
simple things.  I have realized some issues and will begin to refactor
the code a bit, but if you want a working tool use
5fb9e4ad19d05b43bcda61b055467f05496531b6.

Validation against the XML schema:

address@hidden:~$ wget --quiet http://download.gooze.eu/otp/seeds/20120919-test001-4282.xml
address@hidden:~$ ~/src/oath-toolkit/pskctool/pskctool -e 20120919-test001-4282.xml
OK
address@hidden:~$

Print information about PSKC blob extracted from RFC 6030:

address@hidden:~$ cat pskc-basic.xml
<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer Version="1.0"
              Id="exampleID1"
              xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
  <KeyPackage>
    <Key Id="12345678"
         Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
      <Issuer>Issuer-A</Issuer>
      <Data>
        <Secret>
          <PlainValue>MTIzNA==
          </PlainValue>
        </Secret>
      </Data>
    </Key>
  </KeyPackage>
</KeyContainer>
address@hidden:~$ ~/src/oath-toolkit/pskctool/pskctool -c < pskc-basic.xml
Portable Symmetric Key Container (PSKC):
        Version: 1.0
        Id: exampleID1
        KeyPackage 1:
                Key:
                        Id: 12345678
                        Algorithm: urn:ietf:params:xml:ns:keyprov:pskc:hotp
                        Issuer: Issuer-A
                        Data:
                                Secret:
                                        PlainValue: MTIzNA==
          
address@hidden:~$ 

Another blob from RFC 6030:

address@hidden:~$ cat pskc-supp.xml
<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer Version="1.0"
              Id="exampleID1"
              xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
  <KeyPackage>
    <DeviceInfo>
      <Manufacturer>Manufacturer</Manufacturer>
      <SerialNo>987654321</SerialNo>
      <UserId>DC=example-bank,DC=net</UserId>
    </DeviceInfo>
    <CryptoModuleInfo>
      <Id>CM_ID_001</Id>
    </CryptoModuleInfo>
    <Key Id="12345678"
         Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
      <Issuer>Issuer</Issuer>
      <AlgorithmParameters>
        <ResponseFormat Length="8" Encoding="DECIMAL"/>
      </AlgorithmParameters>
      <Data>
        <Secret>
          <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
          </PlainValue>
        </Secret>
        <Counter>
          <PlainValue>0</PlainValue>
        </Counter>
      </Data>
      <UserId>UID=jsmith,DC=example-bank,DC=net</UserId>
    </Key>
  </KeyPackage>
</KeyContainer>
address@hidden:~$ ~/src/oath-toolkit/pskctool/pskctool -c < pskc-supp.xml
Portable Symmetric Key Container (PSKC):
        Version: 1.0
        Id: exampleID1
        KeyPackage 1:
                DeviceInfo:
                        Manufacturer: Manufacturer
                        SerialNo: 987654321
                        UserId: DC=example-bank,DC=net
warning: unsupported KeyPackage member 'CryptoModuleInfo'
                Key:
                        Id: 12345678
                        Algorithm: urn:ietf:params:xml:ns:keyprov:pskc:hotp
                        Issuer: Issuer
                        AlgorithmParameters:
                                ResponseFormat:
                                        Length: 8
                                        Encoding: DECIMAL
                        Data:
                                Secret:
                                        PlainValue: MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
          
                                Counter:
                                        PlainValue: 0
                        UserId: UID=jsmith,DC=example-bank,DC=net
address@hidden:~$ 

/Simon
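
Added example, not part of the original message and not pskctool or libpskc code: a Python reader for the kind of PSKC blob shown above, which reports KeyPackage members it does not handle (as the tool's warning does for CryptoModuleInfo) and decodes PlainValue after stripping the whitespace visible in the printed output. The names audit_pskc, HANDLED and SAMPLE are assumptions of this example, and SAMPLE is a condensed copy of pskc-supp.xml.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"p": "urn:ietf:params:xml:ns:keyprov:pskc"}
HANDLED = {"DeviceInfo", "Key"}  # assumption: members this example understands

# Constructed sample: pskc-supp.xml from the message, condensed to fewer elements
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer Version="1.0" Id="exampleID1"
              xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
  <KeyPackage>
    <DeviceInfo><SerialNo>987654321</SerialNo></DeviceInfo>
    <CryptoModuleInfo><Id>CM_ID_001</Id></CryptoModuleInfo>
    <Key Id="12345678" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
      <Data>
        <Secret>
          <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
          </PlainValue>
        </Secret>
      </Data>
    </Key>
  </KeyPackage>
</KeyContainer>"""


def audit_pskc(data):
    """Parse a PSKC KeyContainer (bytes); return (keys, warnings)."""
    if b"<!DOCTYPE" in data:  # key files need no DTD; refuse entity tricks early
        raise ValueError("DTD not allowed in PSKC input")
    root = ET.fromstring(data)
    if root.tag != "{%s}KeyContainer" % NS["p"]:
        raise ValueError("not a PSKC KeyContainer")
    keys, warnings = [], []
    for pkg in root.findall("p:KeyPackage", NS):
        for member in pkg:
            name = member.tag.rsplit("}", 1)[-1]  # drop the namespace prefix
            if name not in HANDLED:
                warnings.append("unsupported KeyPackage member '%s'" % name)
        for key in pkg.findall("p:Key", NS):
            secret = None
            plain = key.find("p:Data/p:Secret/p:PlainValue", NS)
            if plain is not None and plain.text:
                # base64Binary may carry whitespace (note the line break above)
                secret = base64.b64decode("".join(plain.text.split()), validate=True)
                warnings.append("key %s: secret is in the clear (PlainValue)" % key.get("Id"))
            keys.append({"id": key.get("Id"), "algorithm": key.get("Algorithm"), "secret": secret})
    return keys, warnings
```

PlainValue is only base64-encoded, so the second warning marks every key whose secret anyone with read access to the file can recover.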


