
Advence of Core, add yubi on setup program, fix an error on lock, test on Yubikey

Ethanell 2019-05-15 10:03:24 +02:00
parent dea22875e6
commit e86e861ba5
4 changed files with 48 additions and 5 deletions

16
Core.py

@ -1,9 +1,19 @@
import shelve import shelve, subprocess
from os.path import isfile from os.path import isfile
class Main: class Main:
def __init__(self): def __init__(self):
if not isfile("Settings.conf"): if not isfile("Settings.conf"):
setup() subprocess.check_call(["sudo", "yhsm-generate-keys", "-D", "/etc/yubico/yhsm/keys.json", "--key-handle", "1", "--start-public-id", "interncccccc", "-c", "10"])
out = str(subprocess.check_output(["sudo", "ykval-gen-clients", "--urandom", "10"]))
out = out[2:-1].split("\\n")
keys = dict()
for i in out:
id = i.find(",")
keys[i[:id]] = i[id:] #Risque d'y avoir un \n ?
with shelve.open("Settings.conf") as settings:
settings["keys"] = keys
settings["register"] = list()
else: else:
isconnection() pass
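Review bot: The loop in `__init__` that parses the `ykval-gen-clients` output stores malformed entries: `i[id:]` starts at the comma, so every stored secret carries a leading `,`, and if the output ends with a newline the trailing empty string becomes a `""` key (which answers the question in the inline comment). Slicing `str(bytes)[2:-1]` and splitting on a literal `\\n` also depends on the bytes repr; decoding is sturdier, e.g. `out = subprocess.check_output([...]).decode()` followed by `for line in out.splitlines(): cid, _, secret = line.partition(","); keys[cid] = secret`. Because `Settings.conf` now holds the validation-client secrets in a pickle-backed shelve, it should be created with owner-only permissions and only ever opened from a trusted path; nothing visible here restricts either.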


@ -40,5 +40,31 @@ def web_setup():
return "Cant connect" return "Cant connect"
return "Done" return "Done"
@app.route("/addyubi")
def add_yubi():
out = subprocess.check_output(["sudo", "yhsm-decrypt-aead", "--aes-key", "000102030405060708090a0b0c0d0e0f", "--key-handle", "1", "--format", "yubikey-csv", "/var/cache/yubikey-ksm/aeads/"])
out = out[2:][:-1].split("\\n")
del out[-1]
dico = dict()
for i in out:
id = i.find(",")
publicid = i.find(",", id+1)
privateid = i.find(",", publicid+1)
secretkey = i.find(",", privateid+1)
dico[i[:id]] = {"publicid": i[id+1:publicid], "privateid": i[publicid+1:privateid], "secretkey": i[privateid+1:secretkey]}
with shelve.open("Settings.conf") as settings:
id = settings["register"][-1] + 1
if id > dico.keys()[-1]:
return "Error, too many yubikeys"
#Verifier si une yubikey est connecter !
subprocess.check_call(["ykpersonalize", "-1", f"-ofixed={dico[id]["publicid"]}", f"-ouid={dico[id]["privateid"]}", f"-a{dico[id]["secretkey"]}"])
return "Ok"
if __name__ == "__main__": if __name__ == "__main__":
app.run(debug=True, port=6000, host="0.0.0.0") app.run(debug=True, port=6000, host="0.0.0.0")
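Review bot: The new `/addyubi` route performs a privileged, state-changing action (decrypting the AEAD store through `sudo` and programming a token with `ykpersonalize`) on a plain unauthenticated GET, and the unchanged `app.run(debug=True, port=6000, host="0.0.0.0")` below it exposes the route on every interface, along with the interactive debugger if `app` is a Flask app as it appears to be. I would require an authenticated POST (`@app.route("/addyubi", methods=["POST"])` plus a credential check), bind to `127.0.0.1`, and turn `debug` off. The `--aes-key` value is hard-coded and looks like a sequential test key; it should come from a root-readable file or the environment rather than from the source and the process argument list. Separately, the body looks unlikely to run as written: `check_output` returns bytes so `.split("\\n")` with a str raises, `dico.keys()[-1]` is not subscriptable on Python 3, `settings["register"][-1]` fails on the empty list that Core.py creates, and the nested double quotes inside the f-strings need Python 3.12 or later.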


@ -4,6 +4,9 @@ import shelve
led = LED(17) led = LED(17)
def state(current : bool = None): def state(current : bool = None):
with shelve.open("Settings.conf") as settings:
if not "state" in settings:
settings["state"] = False
if current != None: if current != None:
with shelve.open("Settings.conf") as settings: with shelve.open("Settings.conf") as settings:
settings["state"] = current settings["state"] = current
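Review bot: The value written to `settings["state"]` when the key is missing is the lock's first-run state, and nothing in the hunk says whether `False` means locked or unlocked. A one-line comment above the assignment stating which it is, and that the default is meant to be the safe state, would make that choice reviewable. The membership test reads better as `if "state" not in settings:`, and since the shelve is opened again a few lines later the two `with` blocks could be merged. `state()` continues past the end of the hunk, so how the value is read back is not visible here.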


@ -1,10 +1,14 @@
from yubico_client import Yubico from yubico_client import Yubico
import lock, shelve import lock, shelve
with shelve.open("Settings.conf") as settings: ids = {"interncccccc": 1, "interncccccd": 2}
client = Yubico(settings["id"], settings["secret"], api_urls=('http://localhost/wsapi/2.0/verify',))
while True: while True:
try: try:
id = ids[input(">")[:12]]
with shelve.open("Settings.conf") as settings:
#client = Yubico(id, settings["keys"][id], api_urls=('http://localhost/wsapi/2.0/verify',))
client = Yubico(1, "QMho+Y4mtsY+KbCYu1gRKtDtwAM=", api_urls=('http://localhost/wsapi/2.0/verify',))
client.verify(input()) client.verify(input())
except: except:
pass pass
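Review bot: The `Yubico(1, ...)` call commits a validation-client API secret to the repository while the settings-based constructor is left commented out. That key should be treated as exposed, regenerated, and read from `Settings.conf` as the commented line intended. The first `input(...)` is used only for its 12-character prefix and `client.verify(input())` then waits for a second line; if the public id is meant to come from the OTP itself, keep the value: `otp = input(">")`, `id = ids[otp[:12]]`, `client.verify(otp)`. The unchanged bare `except: pass` hides both the `KeyError` for an unknown id and any failed verification, and the result of `verify` is not used in the visible lines, so as shown nothing distinguishes an accepted OTP from a rejected one.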