Python version of the Molto-1 NFC Burner app - molto1_config.py
We have been getting many requests from the customers asking to make the Molto1 Burner tool available under macOS and Linux. The easiest way to achieve this was using cross-platform solutions, and we have chosen to implement this with Python. This allowed us to produce a cross-platform solution that will work on any platform, including Linux, macOS and Windows. The tool allows burning a seed as well as configure various options, such as hash type, system clock and time offset.
molto1_config.py is a solution developed by Token2 to program and configure Molto1-i, NFC-programmable multi-profile TOTP hardware tokens using nfcpy python library. It works under Linux, macOS and Windows.
Hardware requirements
We have used nfcpy library to implement the solution. Unfortunately, nfcpy only works with a limited number of NFC Reader/writer devices, therefore the existing NFC Writer device used for our Windows applications cannot be used. While our hardware R&D team is till working on creating a nfcpy-compatible driver for our NFC Writer device, we managed to source a batch of nfcpy compatible NFC writer devices based on PN533 chip from NXP/ST-Ericcson which you have to purchase to be able to use this script. PN533 is supported by nfcpy and works flawlessly under any platform.
python -m nfcThe output should be without errors and similar to below:
This is the latest version of nfcpy run in Python 2.7.12 on Linux-4.4.0-47-generic-x86_64-with-Ubuntu-16.04-xenial I'm now searching your system for contactless devices ** found StickID PN533v2.7 at usb:04cc:2533 I'm not trying serial devices because you haven't told me -- add the option '--search-tty' to have me looking -- but beware that this may break existing connectionsIf you get any errors, please refer to nfcpy installation guide or report an issue directly.
Obtaining the software
The python script will be available for download from your customer account interface if you have placed an order or orders including both of the products below:
1) At least one Molto1 device
2) The Stick ID NFC Writer device
Preparing the environment
The main prerequisite is to have Python installed on your system. Also, before the Token2_Config.py can be used, the python environment on your system has to be configured accordingly. In this article, we will use Ubuntu 20 as an example and configure a virtual Python environment. Configuration of macOS systems should not differ a lot from this, however with Windows, an additional driver installation may be required.
Follow the steps below to prepare the virtual environment:
1. Create an environment: python3 -m venv venv (or python -m venv venv depending on which executable name the python was configured with)
2. Activate environment: source venv/bin/activate (for Windows, use venv\Scripts\activate.bat)
3. Install requirements: pip install -r requirements.txt
Usage
Run python molto1_config.py -h to see the available options. The following example sets a new seed in base32 format and a configuration with the current system time (`--time 0`), a step of 30 seconds (`--step 1`), the HMAC algorithm SHA1 (`--algo 1`) and a display sleep timeout of 30 seconds (`--sleep 2`) under profile №1 with profile title 'Test'
python molto1_config.py --seedbase32 JBSWY3DPEHPK3PXPJBSWY3DPEHPK3PXP --time 0 --step 1 --algo 1 --sleep 2 --profile 1 --title TestNote the following:
- If a title is not provided, only the profile number will be displayed on the screen.
- All configuration parameters is recommended be provided when burning a seed
Full syntax is shown below (also available with -h and --help option):
usage: molto1_config.py [-h] [-l LOG] [-s SEED] [-b SEEDBASE32] [-t TIME] [-d OTPDIGITS] [-e {1,2}] [-a {1,2}]
[-p {1,2,3,4}] [-x {0,1,2,3,4,5,6,7,8,9}] [-rp] [-f] [-n TITLE] [-k KEY] [-ka KEYASCII]
[-sk SETKEY] [-ska SETKEYASCII] [-pn PIN]
This program can be used to set the seed and the configuration of Token2 Molto1-i tokens.
optional arguments:
-h, --help show this help message and exit
-l LOG, --log LOG Set logging level. Levels are DEBUG, INFO, WARNING, ERROR, CRITICAL.
seed:
-s SEED, --seed SEED Set the seed. Hexadecimal, max. 63 bytes.
-b SEEDBASE32, --seedbase32 SEEDBASE32
Set the seed in base32 format.
configuration:
-t TIME, --time TIME Set the time. UNIX timestamp. Use '0' to set the current device time
-d OTPDIGITS, --otpdigits OTPDIGITS
Number of digits generated by TOTP algorithm. Possible values 4, 6, 8 or 10. Default is 6.
-e {1,2}, --step {1,2}
Set the time step of the OTP. 1=30s, 2=60s
-a {1,2}, --algo {1,2}
Set the OTP algorithm. 1=SHA1, 2=SHA256
-p {1,2,3,4}, --sleep {1,2,3,4}
Set screen sleep timeout. 1=15s, 2=30s, 3=60s, 4=120s
-x {0,1,2,3,4,5,6,7,8,9}, --profile {0,1,2,3,4,5,6,7,8,9}
Set the profile number, from 0 to 9.
-rp, --removepin Removes PIN protection if set. This operation needs physical confirmation on the device (you
need to press 0 on the device after executing this command)
-f, --factoryreset Resets the device to factory settings, removes PIN, all profiles and configurations. This
operation needs physical confirmation on the device (you need to press 0 on the device after
executing reset)
-n TITLE, --title TITLE
Profile title. English letters and digits only, max 12 chars
-k KEY, --key KEY Customer key in hex format. Default will be used if not supplied.
-ka KEYASCII, --keyascii KEYASCII
Customer key in ascii format. Default will be used if not supplied.
-sk SETKEY, --setkey SETKEY
Set new customer key, key provided in hex format.
-ska SETKEYASCII, --setkeyascii SETKEYASCII
Set new customer key, key provided in ascii format.
-pn PIN, --pin PIN PIN Code to protect OTP display. 8 digits max.
Example: molto1_config.py --seed 48656C6C6F21DEADBEEF48656C6C6F21DEADBEEF --profile 1 --time 0 --step 1 --algo 1
--sleep 2
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!