Class OtpSettings<T>
Helper class to manage the flags used by the YubiKey OTP configuration.
public class OtpSettings<T> where T : OperationBase<T>Type Parameters
TThe System.Type of the operation class.
- Inheritance
-
objectOtpSettings<T>
Properties
YubiKeyFlags
The YubiKey OTP flags collected in one data-structure.
public YubiKeyFlags YubiKeyFlags { get; }Property Value
Methods
AllowManualUpdate(bool)
Configures the slot to allow for user-triggered static password change.
public T AllowManualUpdate(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
YubiKey 2 and later supports user-initiated update of a static password. If configured, the user presses and holds the key for 8-15 seconds. When the button is released, the indicator light flashes. By pressing shortly, the change is confirmed and the new OTP is yielded. The static ticket flag must be set before calling this method or an exception will occur.
AllowUpdate(bool)
Allows certain non-security related settings to be modified after the configuration has been written.
public T AllowUpdate(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
The list below is of all settings that can be updated when this setting is set. However, some of the options are not compatible with all settings, so it's important to use care when choosing settings to apply later.
- AllowUpdate(bool)
Allows certain non-security related settings to be modified after the configuration has been written. - SetDormant(bool)
Allows a configuration to be stored without being accessible. - UseFastTrigger(bool)
Causes the trigger action of the YubiKey button to become faster. - SetInvertLed(bool)
Inverts the configured state of the LED. - SetSerialNumberApiVisible(bool)
Allows the serial number to be read by proprietary means, including being visible to the Yubico.YubiKey SDK. - SetSerialNumberButtonVisible(bool)
Allows the serial number to be retrieved by holding down the touch button while inserting the device into the USB port. - SetSerialNumberUsbVisible(bool)
Makes the serial number appear in the YubiKey's USB descriptor's iSerialNumber field. - UseNumericKeypad(bool)
Causes numeric characters to be sent as keystrokes from the numeric keypad rather than the normal numeric keys on an 84-key keyboard. - SendTabFirst(bool)
Sends a tab character before the fixed string. - AppendTabToFixed(bool)
Sends a tab character after the fixed string. - SetAppendTabToOtp(bool)
Sends a tab character after the OTP string. - AppendDelayToFixed(bool)
Adds a 500ms delay after sending the fixed string. - AppendDelayToOtp(bool)
Adds a 500ms delay after sending the OTP string. - AppendCarriageReturn(bool)
Sends a carriage return [Enter Key] after all characters have been sent. - Use10msPacing(bool)
Adds an inter-character pacing time of 10ms between each keystroke. - Use20msPacing(bool)
Adds an inter-character pacing time of 20ms between each keystroke.
AppendCarriageReturn(bool)
Sends a carriage return [Enter Key] after all characters have been sent.
public T AppendCarriageReturn(bool setting = true)Parameters
settingbool
Returns
- T
AppendDelayToFixed(bool)
Adds a 500ms delay after sending the fixed string.
public T AppendDelayToFixed(bool setting = true)Parameters
settingbool
Returns
- T
AppendDelayToOtp(bool)
Adds a 500ms delay after sending the OTP string.
public T AppendDelayToOtp(bool setting = true)Parameters
settingbool
Returns
- T
AppendTabToFixed(bool)
Sends a tab character after the fixed string.
public T AppendTabToFixed(bool setting = true)Parameters
settingbool
Returns
- T
HmacLessThan64Bytes(bool)
Set when the HMAC message is less than 64 bytes.
public T HmacLessThan64Bytes(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
The default HMAC challenge is exactly 64 bytes. This setting specifies that the challenge will always be less than 64 bytes.
This setting must be used with either UseYubicoOtpChallengeResponseMode(bool) or UseHmacSha1ChallengeResponseMode(bool).
OathFixedModhex1(bool)
Specifies that the first byte of the token identifier should be modhex.
public T OathFixedModhex1(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting must be used with SetOathHotp(bool).
ProtectLongPressSlot(bool)
Locks and/or protects the long press configuration slot of the YubiKey.
public T ProtectLongPressSlot(bool setting = true)Parameters
settingbool
Returns
- T
SendReferenceString(bool)
Sends a reference string of the ModHex characters for 0-15 before the fixed or OTP data.
public T SendReferenceString(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This can be used by the verifying application to verify the mapping of the modhex characters.
For all YubiKeys with a firmware version of 2.0 or later, if set in combination with UseAlphaNumericPassword(bool), this string will be replaced with a shifted character '1' (typically '!' on most keyboard layouts). This can be used to meet strong password requirements where at least one character is required to be a "special character".
SendTabFirst(bool)
Sends a tab character before the fixed string.
public T SendTabFirst(bool setting = true)Parameters
settingbool
Returns
- T
SetAppendTabToOtp(bool)
Sends a tab character after the OTP string.
public T SetAppendTabToOtp(bool setting = true)Parameters
settingbool
Returns
- T
SetDormant(bool)
Allows a configuration to be stored without being accessible.
public T SetDormant(bool setting = true)Parameters
settingbool
Returns
- T
SetInvertLed(bool)
Inverts the configured state of the LED.
public T SetInvertLed(bool setting = true)Parameters
settingbool
Returns
- T
SetOathHotp(bool)
Sets the configuration for OATH HOTP.
public T SetOathHotp(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
In order to use OATH HOTP in a slot, neither Yubico.YubiKey.Otp.OtpSettings<T>.Flag.YubicoOtpChallengeResponse nor Yubico.YubiKey.Otp.OtpSettings<T>.Flag.HmacSha1ChallengeResponse can be set.
SetSerialNumberApiVisible(bool)
Allows the serial number to be read by proprietary means, including being visible to the Yubico.YubiKey SDK.
public T SetSerialNumberApiVisible(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This is a device wide setting. If it is set in either configurable slot, it is considered enabled by the device.
SetSerialNumberButtonVisible(bool)
Allows the serial number to be retrieved by holding down the touch button while inserting the device into the USB port.
public T SetSerialNumberButtonVisible(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
Once the LED starts to flash, release the button and the serial number will then be sent as a string of digits.
This is a device wide setting. If it is set in either configurable slot, it is considered enabled by the device.
SetSerialNumberUsbVisible(bool)
Makes the serial number appear in the YubiKey's USB descriptor's iSerialNumber field.
public T SetSerialNumberUsbVisible(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This makes each device unique from the host computer's view.
This is a device wide setting. If it is set in either configurable slot, it is considered enabled by the device.
ShortTicket(bool)
Truncates the OTP string to 16 characters.
public T ShortTicket(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This function is only valid in static mode as a truncated dynamic OTP cannot be successfully decoded.
In order to enable short ticket mode, you must also use UseStaticTicketMode(bool).
ToString()
public override string ToString()Returns
- string
Use10msPacing(bool)
Adds an inter-character pacing time of 10ms between each keystroke.
public T Use10msPacing(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting is not compatible with UseYubicoOtpChallengeResponseMode(bool) nor UseHmacSha1ChallengeResponseMode(bool).
Use20msPacing(bool)
Adds an inter-character pacing time of 20ms between each keystroke.
public T Use20msPacing(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting is not compatible with UseYubicoOtpChallengeResponseMode(bool) nor UseHmacSha1ChallengeResponseMode(bool).
Use8DigitHotp(bool)
Configures the slot to use an eight-digit password for OATH-HOTP.
public T Use8DigitHotp(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting must be used with SetOathHotp(bool).
By default, OATH-HOTP uses six-digit passwords.
UseAlphaNumericPassword(bool)
Enables generation of mixed characters and digits.
public T UseAlphaNumericPassword(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
Satisfies some legacy systems' requirement for mixed characters and digits in passwords.
This setting is not compatible with Yubico.YubiKey.Otp.OtpSettings<T>.Flag.YubicoOtpChallengeResponse nor Yubico.YubiKey.Otp.OtpSettings<T>.Flag.HmacSha1ChallengeResponse.
UseButtonTrigger(bool)
Require user acceptance by touching the YubiKey button for challenge-response operations
public T UseButtonTrigger(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting must be used with either UseYubicoOtpChallengeResponseMode(bool) or UseHmacSha1ChallengeResponseMode(bool).
UseFastTrigger(bool)
Causes the trigger action of the YubiKey button to become faster.
public T UseFastTrigger(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This only applies when one configuration is written. If both configurations are active, this setting has no effect.
UseHmacSha1ChallengeResponseMode(bool)
HMAC-SHA1 Challenge-Response Mode
public T UseHmacSha1ChallengeResponseMode(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
When set, the configuration does not work in normal OTP mode.
This setting is mutually exclusive with UseYubicoOtpChallengeResponseMode(bool). Also, it is incompatible with SetOathHotp(bool).
UseMixedCasePassword(bool)
Enable use of mixed case characters for password generation.
public T UseMixedCasePassword(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This accommodates some legacy systems that require mixed-case characters in passwords.
This setting is incompatible with SetOathHotp(bool).
UseNumericKeypad(bool)
Causes numeric characters to be sent as keystrokes from the numeric keypad rather than the normal numeric keys on an 84-key keyboard.
public T UseNumericKeypad(bool setting = true)Parameters
settingbool
Returns
- T
UseOathFixedModhex(bool)
Specifies that all bytes of the token identifier should be modhex.
public T UseOathFixedModhex(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting must be used with SetOathHotp(bool).
UseOathFixedModhex2(bool)
Specifies that the first two bytes of the token identifier should be modhex.
public T UseOathFixedModhex2(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting must be used with SetOathHotp(bool).
UseStaticPasswordMode(bool)
Configures the slow to emit a static password.
public T UseStaticPasswordMode(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
This setting is not compatible with UseStaticTicketMode(bool), or ShortTicket(bool).
UseStaticTicketMode(bool)
Sets all dynamic fields to fixed values.
public T UseStaticTicketMode(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
Static mode uses the same "OTP" generation algorithm, but all dynamic fields are set to fixed values.
This setting is not compatible with Yubico.YubiKey.Otp.OtpSettings<T>.Flag.YubicoOtpChallengeResponse nor Yubico.YubiKey.Otp.OtpSettings<T>.Flag.HmacSha1ChallengeResponse.
UseYubicoOtpChallengeResponseMode(bool)
Enables Yubico OTP Challenge-Response Mode
public T UseYubicoOtpChallengeResponseMode(bool setting = true)Parameters
settingbool
Returns
- T
Remarks
When set, the configuration does not work in normal OTP mode.
This setting is mutually exclusive with UseHmacSha1ChallengeResponseMode(bool). Also, it is incompatible with SetOathHotp(bool).