diff options
| -rw-r--r-- | misc/yubikey-manager-qt/363.patch | 198 | ||||
| -rw-r--r-- | misc/yubikey-manager-qt/README | 18 | ||||
| -rw-r--r-- | misc/yubikey-manager-qt/doinst.sh | 3 | ||||
| -rw-r--r-- | misc/yubikey-manager-qt/slack-desc | 19 | ||||
| -rw-r--r-- | misc/yubikey-manager-qt/yubikey-manager-qt.SlackBuild | 115 | ||||
| -rw-r--r-- | misc/yubikey-manager-qt/yubikey-manager-qt.info | 10 |
6 files changed, 363 insertions, 0 deletions
diff --git a/misc/yubikey-manager-qt/363.patch b/misc/yubikey-manager-qt/363.patch new file mode 100644 index 0000000000..f87245118d --- /dev/null +++ b/misc/yubikey-manager-qt/363.patch @@ -0,0 +1,198 @@ +--- a/ykman-gui/py/yubikey.py 2024-04-04 12:19:40.000000000 +0300 ++++ b/ykman-gui/py/yubikey.py 2024-11-30 22:44:48.514171262 +0300 +@@ -50,12 +50,10 @@ + if int(ykman_v.split(".")[0] ) > 4: + from yubikit.support import get_name + from ykman.device import list_all_devices, scan_devices +- from ykman.otp import ( +- _PrepareUploadFailed as PrepareUploadFailed +- , _prepare_upload_key as prepare_upload_key, generate_static_pw) ++ from ykman.otp import generate_static_pw + else: + from ykman import connect_to_device, scan_devices, get_name +- from ykman.otp import PrepareUploadFailed, prepare_upload_key, generate_static_pw ++ from ykman.otp import generate_static_pw + + from fido2.ctap2 import Ctap2, ClientPin + +@@ -391,26 +389,12 @@ + def random_key(self, bytes): + return b2a_hex(os.urandom(int(bytes))).decode('ascii') + +- def program_otp(self, slot, public_id, private_id, key, upload=False, +- app_version='unknown'): ++ def program_otp(self, slot, public_id, private_id, key, app_version='unknown'): + key = a2b_hex(key) + public_id = modhex_decode(public_id) + private_id = a2b_hex(private_id) + +- upload_url = None +- + with self._open_device([OtpConnection]) as conn: +- if upload: +- try: +- upload_url = prepare_upload_key( +- key, public_id, private_id, +- serial=self._dev_info['serial'], +- user_agent='ykman-qt/' + app_version) +- except PrepareUploadFailed as e: +- logger.debug('YubiCloud upload failed', exc_info=e) +- return failure('upload_failed', +- {'upload_errors': [err.name +- for err in e.errors]}) + try: + session = YubiOtpSession(conn) + session.put_configuration( +@@ -422,10 +406,7 @@ + return failure("write error") + + logger.debug('YubiOTP successfully programmed.') +- if upload_url: +- logger.debug('Upload url: %s', upload_url) +- +- return success({'upload_url': upload_url}) ++ return success() + + def program_challenge_response(self, slot, key, touch): + key = a2b_hex(key) +--- a/ykman-gui/qml/ContentStack.qml 2024-04-04 12:19:40.000000000 +0300 ++++ b/ykman-gui/qml/ContentStack.qml 2024-11-30 22:45:45.688033945 +0300 +@@ -168,14 +168,6 @@ + callback) + } + +- function otpUrl(url) { +- copyableConfirmationPopup.show( +- qsTr("Upload"), qsTr( +- "Complete the upload of your credential by visiting the following URL: %1").arg( +- url), +- ) +- } +- + function otpWriteError() { + snackbarError.show( + qsTr("Failed to modify %1. Make sure the YubiKey does not have restricted access.").arg( +--- a/ykman-gui/qml/OtpYubiOtpView.qml 2024-04-04 12:19:40.000000000 +0300 ++++ b/ykman-gui/qml/OtpYubiOtpView.qml 2024-11-30 22:57:20.300342533 +0300 +@@ -5,9 +5,6 @@ + import QtQuick.Controls.Material 2.2 + + ColumnLayout { +- property bool upload +- property string url +- + function useSerial() { + if (useSerialCb.checked) { + yubiKey.serialModhex(function (res) { +@@ -39,39 +36,14 @@ + function programYubiOtp() { + yubiKey.programOtp(views.selectedSlot, publicIdInput.text, + privateIdInput.text, secretKeyInput.text, +- enableUpload.checked, function (resp) { ++ function (resp) { + if (resp.success) { +- if (resp.upload_url) { +- if (yubiKey.isWinAdmin) { +- upload = true +- url = resp.upload_url +- otpUrl(url, views.otp()) +- +- views.otp() +- } else { +- if (Qt.openUrlExternally(resp.upload_url)) { +- snackbarSuccess.show(qsTr("Configured Yubico OTP credential. Preparing upload in web browser.")) +- views.otp() +- } else { +- snackbarError.show(qsTr("Configured Yubico OTP credential. Failed to open upload in web browser!")) +- } +- } +- +- } else { + snackbarSuccess.show( + qsTr("Configured Yubico OTP credential")) + views.otp() +- } +- + } else { + if (resp.error_id === 'write error') { + views.otpWriteError() +- } else if (resp.error_id === 'upload_failed') { +- snackbarError.show( +- qsTr( +- "Upload failed: %1 Credential not configured.").arg( +- getUploadErrorMessage( +- resp.upload_errors[0]))) + } else { + views.otpFailedToConfigureErrorPopup( + resp.error_id) +@@ -80,22 +52,6 @@ + }) + } + +- function getUploadErrorMessage(uploadErrorId) { +- // Keys defined in ykman library +- switch (uploadErrorId) { +- case 'CONNECTION_FAILED': +- return qsTr('Failed to open HTTPS connection.') +- case 'NOT_FOUND': +- return qsTr('Upload request not recognized by server.') +- case 'PUBLIC_ID_NOT_VV': +- return qsTr('Public ID must begin with "vv".') +- case 'PUBLIC_ID_OCCUPIED': +- return qsTr('Public ID is already in use.') +- case 'SERVICE_UNAVAILABLE': +- return qsTr('Service temporarily unavailable, please try again later.') +- } +- } +- + CustomContentColumn { + + ViewHeader { +@@ -191,31 +147,13 @@ + flat: true + Layout.alignment: Qt.AlignLeft | Qt.AlignBottom + } +- Row { +- id: row +- spacing: 5 +- Layout.alignment: Qt.AlignRight | Qt.AlignBottom +- CheckBox { +- id: enableUpload +- text: qsTr("Upload") +- Layout.alignment: Qt.AlignRight | Qt.AlignBottom +- ToolTip.delay: 1000 +- font.pixelSize: constants.h3 +- ToolTip.visible: hovered +- ToolTip.text: qsTr("Upload credential to YubiCloud (opens a web browser)") +- Material.foreground: yubicoBlue +- } + + FinishButton { ++ Layout.fillWidth: false ++ Layout.alignment: Qt.AlignRight | Qt.AlignBottom + + onClicked: finish() + enabled: publicIdInput.acceptableInput +- && privateIdInput.acceptableInput +- && secretKeyInput.acceptableInput +- toolTipText: qsTr("Finish and write the configuration to the YubiKey") +- Layout.alignment: Qt.AlignRight | Qt.AlignBottom +- } +- + } + + } +--- a/ykman-gui/qml/YubiKey.qml 2024-04-04 12:19:40.000000000 +0300 ++++ b/ykman-gui/qml/YubiKey.qml 2024-11-30 22:57:49.899269622 +0300 +@@ -332,9 +332,9 @@ + doCall('yubikey.controller.generate_static_pw', [keyboardLayout], cb) + } + +- function programOtp(slot, publicId, privateId, key, upload, cb) { ++ function programOtp(slot, publicId, privateId, key, cb) { + doCall('yubikey.controller.program_otp', +- [slot, publicId, privateId, key, upload, appVersion], cb) ++ [slot, publicId, privateId, key, appVersion], cb) + } + + function programChallengeResponse(slot, key, touch, cb) { diff --git a/misc/yubikey-manager-qt/README b/misc/yubikey-manager-qt/README new file mode 100644 index 0000000000..28acc9dbf7 --- /dev/null +++ b/misc/yubikey-manager-qt/README @@ -0,0 +1,18 @@ +Cross-platform application for configuring any YubiKey over all USB +interfaces. + +This application provides an easy way to perform the most common +configuration tasks on a YubiKey. + +The current version can: + - Display the serial number and firmware version of a YubiKey + - Configure a FIDO2 PIN + - Reset the FIDO Applications + - Configure the OTP Application. A YubiKey have two slots (Short + Touch and Long Touch), which may both be configured for different + functionality. This tool can configure a Yubico OTP credential, + a static password, a challenge-response credential or an OATH HOTP + credential in both of these slots. + - Manage certificates and PINs for the PIV Application + - Swap the credentials between two configured slots + - Enable and disable USB and NFC interfaces diff --git a/misc/yubikey-manager-qt/doinst.sh b/misc/yubikey-manager-qt/doinst.sh new file mode 100644 index 0000000000..5fb28930db --- /dev/null +++ b/misc/yubikey-manager-qt/doinst.sh @@ -0,0 +1,3 @@ +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi diff --git a/misc/yubikey-manager-qt/slack-desc b/misc/yubikey-manager-qt/slack-desc new file mode 100644 index 0000000000..aa3d6f215c --- /dev/null +++ b/misc/yubikey-manager-qt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +yubikey-manager-qt: yubikey-manager-qt (Graphical application for configuring a YubiKey) +yubikey-manager-qt: +yubikey-manager-qt: Cross-platform application for configuring any YubiKey over all USB +yubikey-manager-qt: interfaces. It provides an easy way to perform the most common +yubikey-manager-qt: configuration tasks on a YubiKey. +yubikey-manager-qt: +yubikey-manager-qt: Website: https://developers.yubico.com/yubikey-manager-qt/ +yubikey-manager-qt: +yubikey-manager-qt: +yubikey-manager-qt: +yubikey-manager-qt: diff --git a/misc/yubikey-manager-qt/yubikey-manager-qt.SlackBuild b/misc/yubikey-manager-qt/yubikey-manager-qt.SlackBuild new file mode 100644 index 0000000000..db6b1c48dd --- /dev/null +++ b/misc/yubikey-manager-qt/yubikey-manager-qt.SlackBuild @@ -0,0 +1,115 @@ +#!/bin/bash + +# Slackware build script for yubikey-manager-qt + +# Copyright 2023-2025 Vladislav 'fsLeg' Borisov, Moscow, Russia +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PRGNAM=yubikey-manager-qt +VERSION=${VERSION:-1.2.6} +BUILD=${BUILD:-2} +TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "aarch64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +set -e + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM-$PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$PRGNAM-$VERSION +chown -R root:root . +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +# Apply a patch from PR#363 to make ykman-gui work again: +# https://github.com/Yubico/yubikey-manager-qt/pull/363 +patch -p1 < $CWD/363.patch + +qmake +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +make +make install INSTALL_ROOT=$PKG + +# Strip binaries and libraries +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Copy desktop-related files +mkdir -p $PKG/usr/share/pixmaps +cp -a resources/icons/ykman.png $PKG/usr/share/pixmaps +mkdir -p $PKG/usr/share/metainfo/ +cp -a resources/com.yubico.yubikey_manager.metainfo.xml $PKG/usr/share/metainfo/ +mkdir -p $PKG/usr/share/applications +cp -a resources/ykman-gui.desktop $PKG/usr/share/applications + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a \ + COPYING NEWS README \ + $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +# Copy the slack-desc into ./install +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh + +# Make the package +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/misc/yubikey-manager-qt/yubikey-manager-qt.info b/misc/yubikey-manager-qt/yubikey-manager-qt.info new file mode 100644 index 0000000000..62d38468a3 --- /dev/null +++ b/misc/yubikey-manager-qt/yubikey-manager-qt.info @@ -0,0 +1,10 @@ +PRGNAM="yubikey-manager-qt" +VERSION="1.2.6" +HOMEPAGE="https://developers.yubico.com/yubikey-manager-qt/" +DOWNLOAD="https://github.com/Yubico/yubikey-manager-qt/archive/yubikey-manager-qt-1.2.6/yubikey-manager-qt-yubikey-manager-qt-1.2.6.tar.gz" +MD5SUM="8028e757b0fc8fef0f0141a4bf94de78" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +REQUIRES="yubikey-manager pyotherside" +MAINTAINER="Vladislav 'fsLeg' Borisov" +EMAIL="fsleg@t-rg.ws" |