yubikit.core.smartcard.scp

Attributes

INS_INITIALIZE_UPDATE

INS_EXTERNAL_AUTHENTICATE

INS_INTERNAL_AUTHENTICATE

INS_PERFORM_SECURITY_OPERATION

SendApdu

Classes

SessionKeys

SCP Session Keys.

StaticKeys

SCP03 Static Keys.

ScpKid

Enum where members are also (and must be) ints

KeyRef

bytes(iterable_of_ints) -> bytes

ScpKeyParams

Helper class that provides a standard way to create an ABC using

Scp03KeyParams

Helper class that provides a standard way to create an ABC using

Scp11KeyParams

Helper class that provides a standard way to create an ABC using

ScpState

Module Contents

yubikit.core.smartcard.scp.INS_INITIALIZE_UPDATE = 80
yubikit.core.smartcard.scp.INS_EXTERNAL_AUTHENTICATE = 130
yubikit.core.smartcard.scp.INS_INTERNAL_AUTHENTICATE = 136
yubikit.core.smartcard.scp.INS_PERFORM_SECURITY_OPERATION = 42
class yubikit.core.smartcard.scp.SessionKeys[source]

Bases: NamedTuple

SCP Session Keys.

key_senc: bytes
key_smac: bytes
key_srmac: bytes
key_dek: bytes | None = None
class yubikit.core.smartcard.scp.StaticKeys[source]

Bases: NamedTuple

SCP03 Static Keys.

key_enc: bytes
key_mac: bytes
key_dek: bytes | None = None
classmethod default()[source]
Return type:

StaticKeys

derive(context)[source]
Parameters:

context (bytes)

Return type:

SessionKeys

class yubikit.core.smartcard.scp.ScpKid[source]

Bases: enum.IntEnum

Enum where members are also (and must be) ints

SCP03 = 1
SCP11a = 17
SCP11b = 19
SCP11c = 21
class yubikit.core.smartcard.scp.KeyRef(kid_or_data, kvn=None)[source]

Bases: bytes

bytes(iterable_of_ints) -> bytes bytes(string, encoding[, errors]) -> bytes bytes(bytes_or_buffer) -> immutable copy of bytes_or_buffer bytes(int) -> bytes object of size given by the parameter initialized with null bytes bytes() -> empty bytes object

Construct an immutable array of bytes from:

  • an iterable yielding integers in range(256)

  • a text string encoded using the specified encoding

  • any object implementing the buffer API.

  • an integer

Parameters:
property kid: int
Return type:

int

property kvn: int
Return type:

int

__repr__()[source]

Return repr(self).

__str__()[source]

Return str(self).

class yubikit.core.smartcard.scp.ScpKeyParams[source]

Bases: abc.ABC

Helper class that provides a standard way to create an ABC using inheritance.

ref: KeyRef
class yubikit.core.smartcard.scp.Scp03KeyParams[source]

Bases: ScpKeyParams

Helper class that provides a standard way to create an ABC using inheritance.

ref: KeyRef
keys: StaticKeys
class yubikit.core.smartcard.scp.Scp11KeyParams[source]

Bases: ScpKeyParams

Helper class that provides a standard way to create an ABC using inheritance.

pk_sd_ecka: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey
oce_ref: KeyRef | None = None
sk_oce_ecka: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey | None = None
certificates: Sequence[cryptography.x509.Certificate] = []
yubikit.core.smartcard.scp.SendApdu
class yubikit.core.smartcard.scp.ScpState(session_keys, mac_chain=b'\x00' * 16, enc_counter=1)[source]
Parameters:
encrypt(data)[source]
Parameters:

data (bytes)

Return type:

bytes

mac(data)[source]
Parameters:

data (bytes)

Return type:

bytes

unmac(data, sw)[source]
Parameters:
Return type:

bytes

decrypt(encrypted)[source]
Parameters:

encrypted (bytes)

Return type:

bytes

classmethod scp03_init(send_apdu, key_params, *, host_challenge=None)[source]
Parameters:
Return type:

tuple[ScpState, bytes]

classmethod scp11_init(send_apdu, key_params)[source]
Parameters:
Return type:

ScpState