Table of Contents

Class ConfigureHotp

Namespace
Yubico.YubiKey.Otp.Operations
Assembly
Yubico.YubiKey.dll

Configures a YubiKey OTP slot to emit sequence-based OTP codes.

public class ConfigureHotp : OperationBase<ConfigureHotp>
Inheritance
object
ConfigureHotp
Inherited Members

Fields

HmacKeySize

The key size for an HMAC credential.

public const int HmacKeySize = 20

Field Value

int

Methods

AppendCarriageReturn(bool)

Sends a carriage return [Enter Key] after all characters have been sent.

public ConfigureHotp AppendCarriageReturn(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

AppendDelayToFixed(bool)

Adds a 500ms delay after sending the fixed string.

public ConfigureHotp AppendDelayToFixed(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

AppendDelayToOtp(bool)

Adds a 500ms delay after sending the OTP string.

public ConfigureHotp AppendDelayToOtp(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

AppendTabToFixed(bool)

Sends a tab character after the fixed string.

public ConfigureHotp AppendTabToFixed(bool setConfig)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

ExecuteOperation()

Execute the operation here.

protected override void ExecuteOperation()

Remarks

This method is called after pre-launch code has run. Everything that could be validated should have been before this method is called.

The only validation could that should be in this method are things that could not be checked in the PreLaunchOperation() method. For example, if an operation must be completed in multiple steps, and subsequent steps depend on the success of previous steps, then it must be in this method by necessity.

GenerateKey(Memory<byte>)

Generates a cryptographically random series of bytes as the key for the credential.

public ConfigureHotp GenerateKey(Memory<byte> key)

Parameters

key Memory<byte>

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

Generating a key is not compatible with setting an explicit byte collection as the key. Specifying both will result in an exception.

Exceptions

InvalidOperationException

This will be thrown if the caller called UseKey(ReadOnlyMemory<byte>) before calling this method.

PreLaunchOperation()

Validate all settings and choices here.

protected override void PreLaunchOperation()

Remarks

All possible validation should be done here. The point of this method is to simplify the ExecuteOperation() method that each operation must implement.

Conflicting choices that could not be checked by the OtpSettings<T> methods should be checked here.

Many of the operation classes use nullable fields (bool?) for choices. This allows the PreLaunchOperation() implementation to verify that a choice has been made. In the ExecuteOperation() method, the field has already been validated, and an exception thrown if it was not set, so null-forgiving operators are used when accessing those fields in ExecuteOperation().

SendReferenceString(bool)

Sends a reference string of the ModHex characters for 0-15 before the fixed or OTP data.

public ConfigureHotp SendReferenceString(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

This can be used by the verifying application to verify the mapping of the modhex characters.

For all YubiKeys with a firmware version of 2.0 or later, if set in combination with UseAlphaNumericPassword(bool), this string will be replaced with a shifted character '1' (typically '!' on most keyboard layouts). This can be used to meet strong password requirements where at least one character is required to be a "special character".

SendTabFirst(bool)

Sends a tab character before the fixed string.

public ConfigureHotp SendTabFirst(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

SetAllowUpdate(bool)

Allows certain non-security related settings to be modified after the configuration has been written.

public ConfigureHotp SetAllowUpdate(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

The list below is of all settings that can be updated when this setting is set. However, some of the options are not compatible with all settings, so it's important to use care when choosing settings to apply later.

Use10msPacing(bool)

Adds an inter-character pacing time of 10ms between each keystroke.

public ConfigureHotp Use10msPacing(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

This setting is not compatible with UseYubicoOtpChallengeResponseMode(bool) nor UseHmacSha1ChallengeResponseMode(bool).

Use20msPacing(bool)

Adds an inter-character pacing time of 20ms between each keystroke.

public ConfigureHotp Use20msPacing(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

This setting is not compatible with UseYubicoOtpChallengeResponseMode(bool) nor UseHmacSha1ChallengeResponseMode(bool).

Use8Digits(bool)

Configures the slot to use an eight-digit password for OATH-HOTP.

public ConfigureHotp Use8Digits(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

This setting must be used with SetOathHotp(bool).

By default, OATH-HOTP uses six-digit passwords.

UseFastTrigger(bool)

Causes the trigger action of the YubiKey button to become faster.

public ConfigureHotp UseFastTrigger(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

This only applies when one configuration is written. If both configurations are active, this setting has no effect.

UseInitialMovingFactor(int)

Set the initial moving factor for the credential.

public ConfigureHotp UseInitialMovingFactor(int imf)

Parameters

imf int

Initial moving factor to set. Must be an integer between 0 and 0xffff0 (1,048,560) that is divisible by 0x10 (16).

Returns

ConfigureHotp

The current ConfigureHotp instance.

UseKey(ReadOnlyMemory<byte>)

Explicitly sets the key of the credential.

public ConfigureHotp UseKey(ReadOnlyMemory<byte> key)

Parameters

key ReadOnlyMemory<byte>

A collection of bytes to use for the key.

Returns

ConfigureHotp

The current ConfigureHotp instance.

Remarks

The System.Memory<T> collection containing the key is used by the operation to program the YubiKey, but the source continues to be owned by the caller. This means that the caller is responsible for clearing the memory after use to avoid exposing sensitive information.

Setting an explicit key is not compatible with generating a key. Specifying both will result in an exception.

Exceptions

InvalidOperationException

This is thrown when GenerateKey(Memory<byte>) has been called before this.

ArgumentException

This is thrown when key is not the correct length.

UseNumericKeypad(bool)

Causes numeric characters to be sent as keystrokes from the numeric keypad rather than the normal numeric keys on an 84-key keyboard.

public ConfigureHotp UseNumericKeypad(bool setConfig = true)

Parameters

setConfig bool

Returns

ConfigureHotp

The current ConfigureHotp instance.