Simon Josefsson <[email protected]> writes:

> I have started implementing a command line tool to interact with PSKC
> data.  It uses a new library, libpskc, to do the real work.  The
> features of the tool (and thus the library) that make sense initially
> appear to be:
>
> * Parse data and validate it against PSKC XML schema.
>
> * Create PSKC data based on input parameters.
>
> * Parse PSKC data, printing certain fields requested by user.
>
> * Convert PSKC data to some simpler format.
>
> I think the above should be implemented before thinking about next
> steps.  I have created a branch in git for this, see:
>
> http://git.savannah.gnu.org/cgit/oath-toolkit.git/log/?h=features/pskc
>
> Expect more within the next few days...

A quick update on this.  The code on that branch is now able to do some
simple things.  I have realized some issues and will begin to refactor
the code a bit, but if you want a working tool use
5fb9e4ad19d05b43bcda61b055467f05496531b6.

Validation against the XML schema:

jas@latte:~$ wget --quiet http://download.gooze.eu/otp/seeds/20120919-test001-4282.xml
jas@latte:~$ ~/src/oath-toolkit/pskctool/pskctool -e 20120919-test001-4282.xml
OK
jas@latte:~$

Print information about PSKC blob extracted from RFC 6030:

jas@latte:~$ cat pskc-basic.xml
<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer Version="1.0"
     Id="exampleID1"
     xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
     <KeyPackage>
         <Key Id="12345678"
             Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
             <Issuer>Issuer-A</Issuer>
             <Data>
                 <Secret>
                     <PlainValue>MTIzNA==
                     </PlainValue>
                 </Secret>
             </Data>
         </Key>
     </KeyPackage>
</KeyContainer>
jas@latte:~$ ~/src/oath-toolkit/pskctool/pskctool -c < pskc-basic.xml
Portable Symmetric Key Container (PSKC):
  Version: 1.0
  Id: exampleID1
  KeyPackage 1:
    Key:
      Id: 12345678
      Algorithm: urn:ietf:params:xml:ns:keyprov:pskc:hotp
      Issuer: Issuer-A
      Data:
        Secret:
          PlainValue: MTIzNA==
jas@latte:~$

Another blob from RFC 6030:

jas@latte:~$ cat pskc-supp.xml
<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer Version="1.0"
     Id="exampleID1"
     xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
     <KeyPackage>
         <DeviceInfo>
             <Manufacturer>Manufacturer</Manufacturer>
             <SerialNo>987654321</SerialNo>
             <UserId>DC=example-bank,DC=net</UserId>
         </DeviceInfo>
         <CryptoModuleInfo>
             <Id>CM_ID_001</Id>
         </CryptoModuleInfo>
         <Key Id="12345678"
             Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
             <Issuer>Issuer</Issuer>
             <AlgorithmParameters>
                 <ResponseFormat Length="8" Encoding="DECIMAL"/>
             </AlgorithmParameters>
             <Data>
                 <Secret>
                     <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
                     </PlainValue>
                 </Secret>
                 <Counter>
                     <PlainValue>0</PlainValue>
                 </Counter>
             </Data>
             <UserId>UID=jsmith,DC=example-bank,DC=net</UserId>
         </Key>
     </KeyPackage>
</KeyContainer>
jas@latte:~$ ~/src/oath-toolkit/pskctool/pskctool -c < pskc-supp.xml
Portable Symmetric Key Container (PSKC):
  Version: 1.0
  Id: exampleID1
  KeyPackage 1:
    DeviceInfo:
      Manufacturer: Manufacturer
      SerialNo: 987654321
      UserId: DC=example-bank,DC=net
warning: unsupported KeyPackage member 'CryptoModuleInfo'
    Key:
      Id: 12345678
      Algorithm: urn:ietf:params:xml:ns:keyprov:pskc:hotp
      Issuer: Issuer
      AlgorithmParameters:
        ResponseFormat:
          Length: 8
          Encoding: DECIMAL
      Data:
        Secret:
          PlainValue: MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
        Counter:
          PlainValue: 0
      UserId: UID=jsmith,DC=example-bank,DC=net
jas@latte:~$

/Simon
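
The "convert PSKC data to some simpler format" item from the feature list, as an added Python example that is not part of the original message and is not libpskc or pskctool code. The names pskc_to_records, q and KNOWN_MEMBERS are hypothetical, the sample is a constructed cut-down of pskc-supp.xml, and refusing DTD/entity declarations is an added hardening assumption for key files from untrusted sources.

```python
import base64
import xml.etree.ElementTree as ET

NS = "{urn:ietf:params:xml:ns:keyprov:pskc}"  # PSKC namespace (RFC 6030)
KNOWN_MEMBERS = {"DeviceInfo", "Key"}  # assumption: members handled in the output above

# Constructed sample, cut down from the pskc-supp.xml blob in the message.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<KeyContainer Version="1.0" Id="exampleID1"
     xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
 <KeyPackage>
  <DeviceInfo><SerialNo>987654321</SerialNo></DeviceInfo>
  <CryptoModuleInfo><Id>CM_ID_001</Id></CryptoModuleInfo>
  <Key Id="12345678" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
   <Data>
    <Secret><PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
    </PlainValue></Secret>
    <Counter><PlainValue>0</PlainValue></Counter>
   </Data>
  </Key>
 </KeyPackage>
</KeyContainer>"""

def q(path):
    # Qualify every step of an ElementTree path with the PSKC namespace.
    return "/".join(NS + step for step in path.split("/"))

def pskc_to_records(xml_text):
    """Flatten each Key into a dict; return (records, warnings)."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are refused in key files")
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != NS + "KeyContainer":
        raise ValueError("not a PSKC KeyContainer")
    records, warnings = [], []
    for n, pkg in enumerate(root.findall(q("KeyPackage")), 1):
        for child in pkg:
            name = child.tag.rsplit("}", 1)[-1]
            if name not in KNOWN_MEMBERS:
                warnings.append(f"KeyPackage {n}: unsupported member '{name}'")
        for key in pkg.findall(q("Key")):
            secret = key.findtext(q("Data/Secret/PlainValue"))
            records.append({
                "id": key.get("Id"),
                "algorithm": key.get("Algorithm"),
                "serial": pkg.findtext(q("DeviceInfo/SerialNo")),
                "counter": key.findtext(q("Data/Counter/PlainValue")),
                # b64decode skips the line break inside <PlainValue>
                "secret_hex": base64.b64decode(secret).hex() if secret else None,
            })
    return records, warnings
```

The records carry the key material in the clear, so anything that writes them out needs the same file permissions and handling as the PSKC file itself.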
