Struct ConfigurationFlags
Flags that control the functionality of the programmed OTP slot. This includes switching the slot's mode.
public struct ConfigurationFlags
Fields
AllowManualUpdate
Configures the slot to allow for user-triggered static password change.
public const byte AllowManualUpdate = 128
Field Value
- byte
ChallengeResponse
Enables Challenge-Response mode instead of an OTP mode.
public const byte ChallengeResponse = 32
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, the ChallengeResponse flag must be set.
ExtendedScanCodes
Configures the slot to emit a fixed set of characters, commonly referred to as "static password" mode.
public const byte ExtendedScanCodes = 2
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to enable ExtendedScanCodes mode, the StaticTicket flag must NOT be set.
HmacLessThan64Bytes
Set when the HMAC message is less than 64 bytes.
public const byte HmacLessThan64Bytes = 4
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, this flag must be used with the ChallengeResponse flag.
HmacSha1ChallengeResponse
Enabled HMAC-SHA1 challenge-response mode.
public const byte HmacSha1ChallengeResponse = 34
Field Value
- byte
Remarks
This flag, set together with ChallengeResponse enables HMAC-SHA1 challenge-response mode.
When set, the configuration does not work in normal OTP mode. This flag must be used with the ChallengeResponse and ChallengeResponse flags.
None
No special configuration modifiers are requested for this configuration.
public const byte None = 0
Field Value
- byte
OathFixedModhex
Specifies that all bytes of the token identifier should be modhex.
public const byte OathFixedModhex = 80
Field Value
- byte
Remarks
Note that this flag can only be used if the OathHotp flag is also set. It may have unintended side effects if used in other contexts.
OathFixedModhex1
Specifies that the first byte of the token identifier should be modhex.
public const byte OathFixedModhex1 = 16
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, the OathHotp flag must be set.
OathFixedModhex2
Specifies that the first two bytes of the token identifier should be modhex.
public const byte OathFixedModhex2 = 64
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, the OathHotp flag must also be set.
SendReferenceString
Output a reference string of the ModHex characters 0..15 first.
public const byte SendReferenceString = 1
Field Value
- byte
Remarks
This can be used by the verifying application to verify the mapping of the modhex characters. For all YubiKeys with a firmware version of 2.0 or later, if set in combination with the UseAlphaNumericPassword flag, this string will be replaced with a shifted character '1' (typically '!' on most keyboard layouts). This can be used to meet strong password requirements where at least one character is required to be a "special character".
ShortTicket
Truncate the OTP part to 16 characters.
public const byte ShortTicket = 2
Field Value
- byte
Remarks
This function is only meaningful in static mode as a truncated dynamic OTP cannot be successfully decoded.
Note that this flag's value collides with other flags in this enumeration. In order to enable short ticket mode, this flag must be used with StaticTicket.
StaticTicket
Uses the same "OTP" generation algorithm, but all dynamic fields are set to fixed values.
public const byte StaticTicket = 32
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, the ChallengeResponse flag must NOT be set.
Use10msPacing
Add an inter-character pacing time of 10ms between keystrokes.
public const byte Use10msPacing = 4
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to use 10ms pacing, the ChallengeResponse flag must NOT be set.
Use20msPacing
Add an inter-character pacing time of 20ms between keystrokes.
public const byte Use20msPacing = 8
Field Value
- byte
Remarks
When set, an intra-character pacing time of 20 milliseconds is added between each sent keystroke. Combined with the Use10msPacing flag, the total delay is 30 milliseconds.
Note that this flag's value collides with other flags in this enumeration. In order to use 20ms pacing, the ChallengeResponse flag must NOT be set.
Use8DigitHotp
Configures the slot for OATH-HOTP mode, using an 8 digit password.
public const byte Use8DigitHotp = 2
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to enable 8-digit HOTPs, the OathHotp flag must be set.
UseAlphaNumericPassword
Enable generation of mixed character and digits.
public const byte UseAlphaNumericPassword = 64
Field Value
- byte
Remarks
Setting this flag enables generation of mixed character and digits required by password policy settings in some legacy systems.
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, the ChallengeResponse flag must NOT be set.
UseButtonTrigger
Require YubiKey button touch for challenge response configuration.
public const byte UseButtonTrigger = 8
Field Value
- byte
Remarks
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, this flag must be used with the ChallengeResponse flag.
UseMixedCasePassword
Enable generation of mixed-case characters.
public const byte UseMixedCasePassword = 16
Field Value
- byte
Remarks
Setting this flag enables generation of mixed-case characters required by password policy settings in some legacy systems.
Note that this flag's value collides with other flags in this enumeration. In order to have the intended meaning, the OathHotp flag must NOT be set.
YubicoOtpChallengeResponse
Enables Yubico OTP challenge-response mode.
public const byte YubicoOtpChallengeResponse = 32
Field Value
- byte
Remarks
This flag, set together with ChallengeResponse enables Yubico OTP challenge-response mode.
When set, the configuration does not work in normal OTP mode. This flag must be used with the ChallengeResponse and ChallengeResponse flags.
Methods
ValidateFlagsForUpdate()
Ensure that no flags are set that cannot be used to update an existing configuration.
public void ValidateFlagsForUpdate()
Operators
implicit operator ConfigurationFlags(byte)
Implicitly convert a byte to a ConfigurationFlags object.
public static implicit operator ConfigurationFlags(byte b)
Parameters
b
byteA byte containing the flags.
Returns
implicit operator byte(ConfigurationFlags)
Implicitly convert ConfigurationFlags to a byte.
public static implicit operator byte(ConfigurationFlags flags)
Parameters
flags
ConfigurationFlagsFlag object to convert.
Returns
- byte