:toc: left :source-highlighter: pygments :doctype: book :idprefix: :docinfo:
This is a JavaCard applet that emulates the HMAC challenge-response functionality of the Yubikey NEO/4. It presents the same interface that a real Yubikey presents over CCID (i.e. this applet does not have any HID features).
The goal is to be able to write applications that use the HMAC-SHA1 Challenge-Response mode of the Yubikey, and have a JavaCard with this applet be a drop-in replacement.
What works:
CMD_SET_CONF_{1,2}
The pre-built .cap
files for each release can be found on the
https://github.com/arekinath/ykotpapplet/releases[project release page].
You can use the
https://github.com/martinpaljak/GlobalPlatformPro[Global Platform] command-line
tool (gp
) to upload the applet to your JavaCard:
The easiest way to program the applet with an HMAC secret is to use https://github.com/arekinath/yktool[yktool]:
$ yktool list Yubikeys available:
$ echo 'b6e3f555562c894b7af13b1db37f28deff3ea89b' | yktool program hmac 1 -x -X Programmed slot 1 ok
We use https://github.com/martinpaljak/ant-javacard[ant-javacard] for builds.
$ git clone https://github.com/arekinath/YkOtpApplet ...
$ cd YkOtpApplet $ git submodule init && git submodule update ...
The capfile will be output in the ./bin
directory, along with the .class
files (which can be used with jCardSim).