solokeys/openpgp solokeys/openpgp

  • Stars
    star
    107
  • Rank 323,587 (Top 7 %)
  • Language
    C
  • Created over 5 years ago
  • Updated over 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
solokeys/openpgp
github

solokeys

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OpenPGP functionality for Solo

This repository contains a portable implementation for OpenPGP and will be able to run on PC for testing and development, and can run on Solo.

Requirements

This should run fine on Linux, OS X, or Ubuntu on Windows.

Set up

Clone Gnuk to get their testing suite. Note, there are symlinks in the repo, so make sure you clone using a *nix environment!

git clone --recurse-submodules https://github.com/solokeys/openpgp.git

Install Python test tools to run Gnuk tests.

sudo apt install python3-pytest python3-usb python3-cffi libmbedtls-dev linux-tools-common linux-tools-generic linux-cloud-tools-generic
python -m pip install pycryptodome

Build our CCID/OpenPGP application

make

Running

In one terminal, run our CCID/OpenPGP application.

./main

In another terminal:

connect it via USBIP

sudo usbip attach -r 127.0.0.1 -b 1-1
kill pcscd (somehow)

run python test suite.

cd pytest 
sudo py.test-3 -s -x

Work with USBIP

Setup

sudo mkdir /usr/share/hwdata
sudo cp /var/lib/usbutils/usb.ids /usr/share/hwdata/usb.ids

init commands

sudo modprobe vhci-hcd  (once after reboot!!!)
sudo usbip attach -r 127.0.0.1 -b 1-1
sudo lsusb -d 072f:90cc -v

Check if all is in working state

pcsc_scan
gpg2 --card-edit (command line: admin, list, name, lang, generate)
gpg2 --card-edit --expert (admin, key-attr)

list devices:

usbip list -r 127.0.0.1
or
usbip list -l

gpg export keys

To get a simple file of your public key, you can just use 
gpg2 --armor --export keyID > pubkey.asc
gpg2 --output pubkey.pgp --armor --export keyID
gpg2 --armor --export-secret-key keyID > privatekey.asc
gpg2 --output backupkeys.pgp --armor --export --export-options export-backup user@email

gpg import keys from card

gpg2 --import pubkey.asc
gpg --card-status
gpg --list-secret

Google test

Test some critical parts of code

install

sudo apt-get install libgtest-dev

check

cd gtest

make test

Ed25519 to Curve25519 conversion

https://moderncrypto.org/mail-archive/curves/2014/000205.html

https://moderncrypto.org/mail-archive/curves/2014/000293.html

https://crypto.stackexchange.com/questions/13077/can-curve25519-keys-be-used-with-ed25519-keys

https://docs.rs/exonum/0.9.3/exonum/crypto/x25519/fn.into_x25519_keypair.html

TODO

  1. RSA generation waiting for USB stack (now - timeout)
  2. brainpool ecdsa curves
  3. Ed25519 to Curve25519 conversion and vice versa (as in yubikey)
  4. Add tests for:
  • access rights to commands and DO
  • refactor some tests and change some "magic" values in them
  1. Add tests and functionality for:
  • ECDSA
  • ED25519 (EdDSA), CURVE25519(ECDH)
  • Secure messaging????
  1. fix:
  • transfer kdf functionality to cryptography lib
  • remove "magic" printf in flash write function)

More Repositories

1

solo1

Solo 1 firmware in C
C
2,300
star
2

solo2

Solo 2 firmware in Rust
Rust
573
star
3

solo1-cli

Solo 1 library and CLI in Python
Python
185
star
4

solo-hw

Hardware sources for Solo 1
182
star
5

solo2-cli

Solo 2 library and CLI in Rust
Rust
172
star
6

solo2-hw

Hardware schematic and layout for Solo 2
140
star
7

solo-desktop

Desktop app for customizing and updating your Solo.
JavaScript
71
star
8

fido2-tests

Test suite for FIDO2, U2F, and other security key functions
Python
43
star
9

solo-webupdate

Website to easily update Solo firmware on keys.
JavaScript
32
star
10

fido-authenticator

FIDO authenticator Trussed app for Solo 2
Rust
31
star
11

kickstarter2021

https://www.kickstarter.com/projects/conorpatrick/solo-v2-safety-net-against-phishing
24
star
12

solo-bsc

Rust board support crate for the Solo security key
Rust
12
star
13

piv-authenticator

PIV authenticator Trussed app.
Rust
5
star
14

seedweed

Reference implementation and test vectors for DiceKeys' "Seeding WebAuthN" specification
Python
5
star
15

solo2-gui

Very provisional. Tech demo using Tauri + Svelte (+pnpm).
Svelte
4
star
16

docs

https://docs.solokeys.dev
4
star
17

solo2-hw-ci

Small python program and scripts designed to run tests on real Solo 2 hardware.
Python
4
star
18

contributors

SoloKeys Contributors
Makefile
3
star
19

solo-station

REPLACED BY `solo-webupdate` REPOSITORY
JavaScript
3
star
20

apdu-dispatch

Rust
2
star
21

ctaphid-dispatch

Rust
1
star
22

admin-app

Rust
1
star
23

ctap-types

Rust
1
star