Canokey Core

License: Apache License 2.0

Introduction

Core implementations of an open-source secure key, with support for:

  • U2F / FIDO2 with ed25519 and HMAC-secret
  • OpenPGP Card V3.4, Supported Algorithm List
  • PIV (NIST SP 800-73-4)
  • HOTP / TOTP
  • NDEF

The USB mode contains 3 different interfaces:

  • Interface 0: U2F / FIDO2, which is an HID interface
  • Interface 1: PIV/OpenPGP/OATH Card, which is a CCID interface
  • Interface 2: WebUSB, which is not a standard interface
  • Interface 3: Keyboard

The WebUSB interface is used to configure the key via a web-based interface.

Protocol

Please refer to the documentation.

Porting

Use Canokey-STM32 as an example.

  1. You need to implement these functions in device.h:

    • void device_delay(int ms);
    • uint32_t device_get_tick(void);
    • int device_spinlock_lock(volatile uint32_t *lock, uint32_t blocking);
    • void device_spinlock_unlock(volatile uint32_t *lock);
    • int device_atomic_compare_and_swap(volatile uint32_t *var, uint32_t expect, uint32_t update);
    • void led_on(void);
    • void led_off(void);
    • void device_set_timeout(void (*callback)(void), uint16_t timeout);
      • A hardware timer with IRQ is required

    If you need NFC, you also need to implement the following functions:

    • void fm_nss_low(void);
    • void fm_nss_high(void);
    • void fm_transmit(uint8_t *buf, uint8_t len);
    • void fm_receive(uint8_t *buf, uint8_t len);

  2. You should also provide a random32 function and an optional random_buffer function in rand.h.

  3. You need to configure littlefs properly.

  4. You need to configure mbed-tls according to its documentation, or provide the algorithms on your own by overriding the weak symbols.

    Or instead, you may implement the cryptography algorithms by yourself.

  5. You should call device_loop or nfc_loop in the main loop, and device_update_led in a periodic interrupt.

  6. You should call set_touch_result to report the touch sensing result, and set_nfc_state to report the NFC state.
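An added example (not taken from canokey-core or Canokey-STM32) of the locking hooks listed in step 1, written for a host build with GCC/Clang atomic builtins. The return convention (0 on success, -1 on failure), the lock encoding (0 free, 1 held) and the demo_contention helper are assumptions made for this sketch.

```c
/* Added example, not canokey-core code. Host-side (GCC/Clang builtins)
 * versions of the device.h locking hooks. ASSUMPTION: 0 = success,
 * -1 = failure, lock word 0 = free / 1 = held; check your device.h. */
#include <stdint.h>

/* Atomically set *var to update only if it currently equals expect. */
int device_atomic_compare_and_swap(volatile uint32_t *var, uint32_t expect,
                                   uint32_t update) {
  return __atomic_compare_exchange_n(var, &expect, update, 0, __ATOMIC_SEQ_CST,
                                     __ATOMIC_SEQ_CST) ? 0 : -1;
}

/* Acquire the lock. With blocking == 0 the call fails fast instead of
 * spinning, so an interrupt handler cannot deadlock against the main loop. */
int device_spinlock_lock(volatile uint32_t *lock, uint32_t blocking) {
  while (device_atomic_compare_and_swap(lock, 0, 1) != 0)
    if (!blocking) return -1;
  return 0;
}

/* Release store: writes made under the lock become visible before it frees. */
void device_spinlock_unlock(volatile uint32_t *lock) {
  __atomic_store_n(lock, 0, __ATOMIC_RELEASE);
}

/* Constructed scenario: the main loop holds the lock while a handler makes a
 * non-blocking attempt. Returns a bitmask of the checks that passed. */
int demo_contention(void) {
  volatile uint32_t lock = 0;
  int passed = 0;
  if (device_spinlock_lock(&lock, 1) == 0) passed |= 1;  /* main loop takes it */
  if (device_spinlock_lock(&lock, 0) == -1) passed |= 2; /* handler is refused */
  device_spinlock_unlock(&lock);
  if (device_spinlock_lock(&lock, 0) == 0) passed |= 4;  /* free again */
  device_spinlock_unlock(&lock);
  return passed; /* 7 when all three checks pass */
}

int main(void) { return demo_contention() == 7 ? 0 : 1; }
```

On a single-core microcontroller the same contract is usually met with the core's exclusive load/store instructions or by briefly masking interrupts; the non-blocking path matters most when the lock can be requested from an IRQ.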

Fuzz testing

Install honggfuzz from source first, then enable fuzz tests:

cd build
cmake .. -DENABLE_FUZZING=ON -DENABLE_TESTS=ON -DCMAKE_C_COMPILER=hfuzz-clang -DCMAKE_BUILD_TYPE=Debug

Then, run fuzzing tests:

./fuzzer/run-fuzzer.sh honggfuzz ${id}
