yubikit.management

Classes

`CAPABILITY`	YubiKey Application identifiers.
`FORM_FACTOR`	YubiKey device form factors.
`DEVICE_FLAG`	Configuration flags.
`RELEASE_TYPE`	YubiKey release type.
`DeviceConfig`	Management settings for YubiKey which can be configured by the user.
`VersionQualifier`	Fully qualified YubiKey version
`DeviceInfo`	Information about a YubiKey readable using the ManagementSession.
`Mode`	YubiKey USB Mode configuration for use with YubiKey NEO and 4.
`ManagementSession`

Module Contents

class yubikit.management.CAPABILITY[source]

Bases: enum.IntFlag

YubiKey Application identifiers.

OTP = 1

U2F = 2

FIDO2 = 512

OATH = 32

PIV = 16

OPENPGP = 8

HSMAUTH = 256

__str__()[source]: Return str(self).

property display_name: str

Return type:: str

property usb_interfaces: yubikit.core.USB_INTERFACE

Return type:: yubikit.core.USB_INTERFACE

class yubikit.management.FORM_FACTOR[source]

Bases: enum.IntEnum

YubiKey device form factors.

UNKNOWN = 0

USB_A_KEYCHAIN = 1

USB_A_NANO = 2

USB_C_KEYCHAIN = 3

USB_C_NANO = 4

USB_C_LIGHTNING = 5

USB_A_BIO = 6

USB_C_BIO = 7

__str__()[source]: Return str(self).

classmethod from_code(code)[source]

Parameters:: code (int)
Return type:: FORM_FACTOR

class yubikit.management.DEVICE_FLAG[source]

Bases: enum.IntFlag

Configuration flags.

REMOTE_WAKEUP = 64

EJECT = 128

class yubikit.management.RELEASE_TYPE[source]

Bases: enum.IntEnum

YubiKey release type.

ALPHA = 0

BETA = 1

FINAL = 2

__str__()[source]: Return str(self).

yubikit.management.TAG_USB_SUPPORTED = 1

yubikit.management.TAG_SERIAL = 2

yubikit.management.TAG_USB_ENABLED = 3

yubikit.management.TAG_FORM_FACTOR = 4

yubikit.management.TAG_VERSION = 5

yubikit.management.TAG_AUTO_EJECT_TIMEOUT = 6

yubikit.management.TAG_CHALRESP_TIMEOUT = 7

yubikit.management.TAG_DEVICE_FLAGS = 8

yubikit.management.TAG_APP_VERSIONS = 9

yubikit.management.TAG_CONFIG_LOCK = 10

yubikit.management.TAG_UNLOCK = 11

yubikit.management.TAG_REBOOT = 12

yubikit.management.TAG_NFC_SUPPORTED = 13

yubikit.management.TAG_NFC_ENABLED = 14

yubikit.management.TAG_IAP_DETECTION = 15

yubikit.management.TAG_MORE_DATA = 16

yubikit.management.TAG_FREE_FORM = 17

yubikit.management.TAG_HID_INIT_DELAY = 18

yubikit.management.TAG_PART_NUMBER = 19

yubikit.management.TAG_FIPS_CAPABLE = 20

yubikit.management.TAG_FIPS_APPROVED = 21

yubikit.management.TAG_PIN_COMPLEXITY = 22

yubikit.management.TAG_NFC_RESTRICTED = 23

yubikit.management.TAG_RESET_BLOCKED = 24

yubikit.management.TAG_VERSION_QUALIFIER = 25

yubikit.management.TAG_FPS_VERSION = 32

yubikit.management.TAG_STM_VERSION = 33

class yubikit.management.DeviceConfig[source]

Management settings for YubiKey which can be configured by the user.

enabled_capabilities: dict[yubikit.core.TRANSPORT, CAPABILITY]

auto_eject_timeout: int | None = None

challenge_response_timeout: int | None = None

device_flags: DEVICE_FLAG | None = None

nfc_restricted: bool | None = None

get_bytes(reboot, cur_lock_code=None, new_lock_code=None)[source]

Parameters:

reboot (bool)
cur_lock_code (Optional[bytes])
new_lock_code (Optional[bytes])

Return type:

bytes

class yubikit.management.VersionQualifier[source]

Fully qualified YubiKey version

version: yubikit.core.Version

type: RELEASE_TYPE

iteration: int = 0

__str__()[source]

class yubikit.management.DeviceInfo[source]

Information about a YubiKey readable using the ManagementSession.

config: DeviceConfig

serial: int | None

version: yubikit.core.Version

form_factor: FORM_FACTOR

supported_capabilities: Mapping[yubikit.core.TRANSPORT, CAPABILITY]

is_locked: bool

is_fips: bool = False

is_sky: bool = False

part_number: str | None = None

fips_capable: CAPABILITY

fips_approved: CAPABILITY

pin_complexity: bool = False

reset_blocked: CAPABILITY

fps_version: yubikit.core.Version | None = None

stm_version: yubikit.core.Version | None = None

version_qualifier: VersionQualifier

has_transport(transport)[source]

Parameters:: transport (yubikit.core.TRANSPORT)
Return type:: bool

property version_name: str

The version of the YubiKey as a string.

Return type:: str

classmethod parse(encoded, default_version)[source]

Parameters:

encoded (bytes)
default_version (yubikit.core.Version)

Return type:

DeviceInfo

classmethod parse_tlvs(data, default_version)[source]

Parameters:

data (Mapping[int, bytes])
default_version (yubikit.core.Version)

Return type:

DeviceInfo

class yubikit.management.Mode(interfaces)[source]

YubiKey USB Mode configuration for use with YubiKey NEO and 4.

Parameters:: interfaces (yubikit.core.USB_INTERFACE)

code: int

interfaces: yubikit.core.USB_INTERFACE

__repr__()[source]

classmethod from_code(code)[source]

Parameters:: code (int)
Return type:: Mode

yubikit.management.SLOT_DEVICE_CONFIG = 17

yubikit.management.SLOT_YK4_CAPABILITIES = 19

yubikit.management.SLOT_YK4_SET_DEVICE_INFO = 21

yubikit.management.INS_SET_MODE = 22

yubikit.management.INS_READ_CONFIG = 29

yubikit.management.INS_WRITE_CONFIG = 28

yubikit.management.INS_DEVICE_RESET = 31

yubikit.management.P1_DEVICE_CONFIG = 17

yubikit.management.CTAP_VENDOR_FIRST = 64

yubikit.management.CTAP_YUBIKEY_DEVICE_CONFIG = 64

yubikit.management.CTAP_READ_CONFIG = 66

yubikit.management.CTAP_WRITE_CONFIG = 67

class yubikit.management.ManagementSession(connection, scp_key_params=None)[source]

Parameters:

connection (Union[yubikit.core.otp.OtpConnection, yubikit.core.smartcard.SmartCardConnection, yubikit.core.fido.FidoConnection])
scp_key_params (Optional[yubikit.core.smartcard.ScpKeyParams])

close()[source]

Close the underlying connection.

Deprecated:: call .close() on the underlying connection instead.
Return type:: None

property version: yubikit.core.Version

The firmware version of the YubiKey

Return type:: yubikit.core.Version

read_device_info()[source]

Get detailed information about the YubiKey.

Return type:: DeviceInfo

write_device_config(config=None, reboot=False, cur_lock_code=None, new_lock_code=None)[source]

Write configuration settings for YubiKey.

Parameters:

config (Optional[DeviceConfig]) – The device configuration.
reboot (bool) – If True the YubiKey will reboot.
cur_lock_code (Optional[bytes]) – Current lock code.
new_lock_code (Optional[bytes]) – New lock code.

Return type:

None

set_mode(mode, chalresp_timeout=0, auto_eject_timeout=None)[source]

Write connection modes (USB interfaces) for YubiKey.

Parameters:

mode (Mode) – The connection modes (USB interfaces).
chalresp_timeout (int) – The timeout when waiting for touch for challenge response.
auto_eject_timeout (Optional[int]) – When set, the smartcard will automatically eject after the given time.

Return type:

None

device_reset()[source]

Global factory reset.

This is only available for YubiKey Bio, which has a PIN that is shared between applications. This will factory reset the global PIN as well as the associated applications.

Return type:: None

`TAG_USB_SUPPORTED`
`TAG_SERIAL`
`TAG_USB_ENABLED`
`TAG_FORM_FACTOR`
`TAG_VERSION`
`TAG_AUTO_EJECT_TIMEOUT`
`TAG_CHALRESP_TIMEOUT`
`TAG_DEVICE_FLAGS`
`TAG_APP_VERSIONS`
`TAG_CONFIG_LOCK`
`TAG_UNLOCK`
`TAG_REBOOT`
`TAG_NFC_SUPPORTED`
`TAG_NFC_ENABLED`
`TAG_IAP_DETECTION`
`TAG_MORE_DATA`
`TAG_FREE_FORM`
`TAG_HID_INIT_DELAY`
`TAG_PART_NUMBER`
`TAG_FIPS_CAPABLE`
`TAG_FIPS_APPROVED`
`TAG_PIN_COMPLEXITY`
`TAG_NFC_RESTRICTED`
`TAG_RESET_BLOCKED`
`TAG_VERSION_QUALIFIER`
`TAG_FPS_VERSION`
`TAG_STM_VERSION`
`SLOT_DEVICE_CONFIG`
`SLOT_YK4_CAPABILITIES`
`SLOT_YK4_SET_DEVICE_INFO`
`INS_SET_MODE`
`INS_READ_CONFIG`
`INS_WRITE_CONFIG`
`INS_DEVICE_RESET`
`P1_DEVICE_CONFIG`
`CTAP_VENDOR_FIRST`
`CTAP_YUBIKEY_DEVICE_CONFIG`
`CTAP_READ_CONFIG`
`CTAP_WRITE_CONFIG`

yubikit.management

Attributes

Classes

Module Contents