Comments (9)
Hello,
I've just added missing error checks to ykpersonalize.
What happens is that the url may only be 53 bytes long (subtracting the prefix if it's in the list of known prefixes).
/klas
(edited, typo in the original, the limit is 53 bytes)
from yubikey-personalization.
Ahh... That (unfortunately) makes sense. Why else would there be a scheme to save bytes? :(
During my testing, switching out anyconnect:// for https:// would have saved me 13 bytes.
Maybe I can petition cisco, (or maybe an anyconnect developer will stumble across this post!), to provide some short parameter aliases. prefill_secondary_password is 26 bytes :(
from yubikey-personalization.
What's really irritating is I think I'm only 1 byte over if I use the shortest uri possible...
anyconnect:connect?name=A&prefill_secondary_password=
Which together with the 5 bytes header is 58.
Is the 57 byte limit specific to the yubikey neo or part of the standard?
Thanks,
Alex
from yubikey-personalization.
I made a typo in my previous comment, the limit is 53 bytes: https://github.com/Yubico/yubikey-personalization/blob/master/ykcore/ykdef.h#L181 the first byte of the data field is used for shortening the url, or 0 if it's not shortened.
It's a neo limitation, existing so it can be programmed over the standard interface, where the ndef_st in ykdef.h must fit inside the payload of the frame_st.
/klas
from yubikey-personalization.
I'm almost certainly missing something, but...
I make ndef_st only 62 bytes (1+1+54+6=62). frame_st.payload is 64 bytes?
from yubikey-personalization.
No, you're not.
The reason for that discrepancy is probably that someone made an error in calculating that when creating the struct originally.. =(
from yubikey-personalization.
Why the sad face? Doesn't this mean I can change NDEF_DATA_SIZE to 56?
from yubikey-personalization.
No.. Firstly because the limit is in the hardware as well that the data is 54 bytes, and because of the struct alignment, with a 6 byte accesscode following directly after the data. So increasing it to 56 bytes at this point would be a major headache, requiring different structures for different hardware revisions.
from yubikey-personalization.
Shame. Whilst just a single extra byte would have helped me a lot, it hardly seems worth creating new firmware and supporting both versions for just 2 extra bytes.
10's of extra bytes would allow all the anyconnect uri options to be useable.
I guess I'll just have to host a webpage somewhere that redirects https requests to anyconnect uris. Not a great solution, but I guess it should work ok.
Thanks for your help,
Alex
from yubikey-personalization.
Related Issues (20)
- Fails to build with gcc 10 in Fedora 32 HOT 4
- multiple potential memory leaks
- infinite loop for particular command line arguments
- YubiKey index is not stable HOT 6
- fg
- Blink LED when waiting for touch HOT 3
- 1.20.0 + master: autoreconf and compile time warnings
- compatiblility with google-authenticator? HOT 4
- Key is not fully recognized on coldplug
- Warning about setting mode should be updated HOT 1
- yk_open_key causes the keyboard HID interface to reset
- Support for Apple Silicon - Cross Compile to ARM64 HOT 3
- ykchalresp returns the same response for 2 different challenges HOT 6
- Invalid fixed string
- Cannot remove OTP locking code
- Messed up conf: keypress gives me 32 chars instead of 44
- YubiKey C Bio - FIDO Edition is not recognized by YubiKey Personalization Tool. HOT 1
- Text is hard to read under dark theme in KDE HOT 1
- configure: error: libyubikey v1.5+ not found, see https://developers.yubico.com/yubico-c/ HOT 1
- Yubikey core error: no yubikey present
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from yubikey-personalization.