OTP static key limited to 8 characters instead of 32 on pico #14

New Issue

2023-08-01T02:43:30+08:00

niansa commented

2023-08-01 02:43:30 +08:00

(Migrated from github.com)

$ ykman otp static 1 DrHfEHtICeCeNuEjkfHJdCGuvbhEhGvDenecgk
Slot 1 is already configured. Overwrite configuration? [y/N]: y

Stored password ends up being: DrHfEHtI

``` $ ykman otp static 1 DrHfEHtICeCeNuEjkfHJdCGuvbhEhGvDenecgk Slot 1 is already configured. Overwrite configuration? [y/N]: y ``` Stored password ends up being: `DrHfEHtI`

polhenarejos commented

2023-08-14 18:37:46 +08:00

(Migrated from github.com)

Did you try it with a legit Yubikey? It seems that YKMAN supports 16 bytes for static OTP (if you have 8 might be caused by SHORT_TICKET flag).

polhenarejos commented

2023-08-14 19:15:48 +08:00

(Migrated from github.com)

From Yubico documentation, static passwords are 16 bytes length:

https://docs.yubico.com/yesdk/users-manual/application-otp/commands-configure-slot.html

From specs, it cannot increased, as it would overflow the frame buffer.

From Yubico documentation, static passwords are 16 bytes length: https://docs.yubico.com/yesdk/users-manual/application-otp/commands-configure-slot.html From specs, it **cannot** increased, as it would overflow the frame buffer.

niansa commented

2024-01-22 13:07:31 +08:00

(Migrated from github.com)

But then why can it only be 8, not 16?

polhenarejos commented

2024-01-22 15:50:06 +08:00

(Migrated from github.com)

Not really. In version 5.8 we removed that limitation and Pico Fido is able to send up to 38 bytes.

👍 1 🚀 1

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dearsky/pico-fido#14