Nitrokey / trussed-secrets-app

Secrets App: OTP and PWS application for the Nitrokey 3
Apache License 2.0

Support untruncated responses #116

Open stv0g opened 3 months ago

stv0g commented 3 months ago

I would like to generate a SHA256 HMAC using the app and retrieve the full digest.

This seems to be currently not possible.

YKOATH supports this by enabling/disabling the dynamic truncation via P2 of the calculate instruction. However, the Trussed secrets app unconditionally performs dynamic truncation.

This would also allow us to ditch the Yubico-specific HMAC instruction and just use TOTP credentials where we pass a custom challenge.

The Yubico-specific HMAC instruction currently only supports SHA1 which is a no-go for my use case :/

stv0g commented 3 months ago

Btw, my use case is the calculation of AWS HMAC request signatures: https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/HMACAuth.html
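An added illustration, not part of the thread and not code from the Secrets App: it computes a full HMAC-SHA256 digest and the RFC 4226 dynamic truncation of the same digest, then shows that a verifier comparing the full digest (as an HMAC request signature check does) rejects the truncated value. The function names are hypothetical, and the key and message are constructed sample input taken from RFC 4231 test case 2.

```python
import base64
import hmac
import struct

# Constructed sample input: key and message of RFC 4231 test case 2.
KEY = b"Jefe"
MESSAGE = b"what do ya want for nothing?"


def full_digest(key: bytes, challenge: bytes, algo: str = "sha256") -> bytes:
    """Untruncated HMAC over the challenge (32 bytes for SHA-256)."""
    return hmac.new(key, challenge, algo).digest()


def dynamic_truncate(digest: bytes) -> int:
    """RFC 4226 section 5.3: the low nibble of the last byte selects a 4-byte
    window; the top bit is cleared, leaving 31 bits of the digest."""
    offset = digest[-1] & 0x0F
    (word,) = struct.unpack_from(">I", digest, offset)
    return word & 0x7FFFFFFF


def verify_signature(key: bytes, message: bytes, signature_b64: str) -> bool:
    """Verifier side of an HMAC request signature: compares the full digest."""
    try:
        candidate = base64.b64decode(signature_b64, validate=True)
    except ValueError:
        return False
    return hmac.compare_digest(candidate, full_digest(key, message))


def demo() -> dict:
    digest = full_digest(KEY, MESSAGE)
    truncated = dynamic_truncate(digest)
    return {
        "full_hex": digest.hex(),
        "truncated_hex": f"{truncated:08x}",
        "full_ok": verify_signature(KEY, MESSAGE, base64.b64encode(digest).decode()),
        "truncated_ok": verify_signature(
            KEY, MESSAGE, base64.b64encode(struct.pack(">I", truncated)).decode()
        ),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
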