Skip to content

Commit 3813e9c

Browse files
committed
Extend docs
1 parent 27aca26 commit 3813e9c

15 files changed

+148
-32
lines changed

docs/3-dev-setup.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# JavaCard Development Setup
22

3-
If you want to compile applets from source, you need to install a few requirements. These instructions are for Linux, but it should work on Windows as well (using Docker, see below).
3+
If you want to compile applets from source, you need to install a few requirements. These instructions are for Linux, but it should work on Windows as well (using Docker or maybe WSL, see below).
44

55
## Local Development
66

@@ -74,7 +74,7 @@ opensc-tool -r 'Virtual PCD 00 00' -s '80 b8 00 00 KK PP QQ QQ QQ ... 00 [RR S
7474

7575
Replace `KK` with the amount of bytes after `KK`. Replace `PP` with the amount of `QQ` bytes. Replace `QQ QQ QQ ...` with the AID of the applet. If you want to pass initialization parameters, replace `RR` with the amount of `SS` bytes, and `SS SS SS ...` with the initialization data. Do not actually write the `[ ]` brackets, these just mean that the initialization section is optional. Example: `80 b8 00 00 0A 07 a0 00 00 05 27 20 01 00 FF`.
7676

77-
make sure the command was successful by watching for `Received (SW1=0x90, SW2=0x00)`.
77+
Make sure the command was successful by watching for `Received (SW1=0x90, SW2=0x00)`.
7878

7979
### Using the Emulated Applet
8080

docs/applets/1-pgp.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ For more options, see the SmartPGP README file.
3333

3434
## Installing the Applet
3535

36-
To install the applet to your card, you have to first construct a valid AID (refer to section 4.2.1 of the OpenPGP card specification, linked below). Every AID starts with `D2 76 00 01 24 01`, which is the unique identifier of the FSFE joined with the application identifier `01`. Next comes the OpenPGP version, which is `03 04` (3.4) for this applet. The next two bytes are a manufacturer id, which should be registered with the FSF Europe e.V. , however you can just put whatever you like - I use `C0 FE`. The next four bytes specify the card serial number (e.g. `00 00 00 01`), and the last two bytes are reserved for future use and alway zero.
36+
To install the applet to your card, you have to first construct a valid AID (refer to section 4.2.1 of the OpenPGP card specification, linked below). Every AID starts with `D2 76 00 01 24 01`, which is the unique identifier of the FSFE, joined with the application identifier `01`. Next comes the OpenPGP version, which is `03 04` (3.4) for this applet. The next two bytes are a manufacturer id, which should be registered with the FSF Europe e.V. , however you can just put whatever you like - I use `C0 FE`. The next four bytes specify the card serial number (e.g. `00 00 00 01`), and the last two bytes are reserved for future use and are always zero.
3737

3838
The complete AID should look like this: `D2 76 00 01 24 01 03 04 C0 FE 00 00 00 01 00 00`.
3939

docs/applets/3-hmac-sha1.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
HMAC-SHA1 challenge-response provides a mechanism for two systems to ensure bilateral knowledge of a secret, without disclosing or transmitting the secret.
44

5-
This applets is compatible to the Yubikey-style protocol, used in e.g. KeepassXC.
5+
This applet is compatible to the Yubikey-style protocol, supported by e.g. KeePassXC.
66

77
## Applet Information
88

@@ -42,7 +42,7 @@ PKG: A00000052720 (LOADED)
4242

4343
This applet behaves the same way as the challenge-response functionality on a Yubikey. However, it cannot be initialized using the Yubikey Personalization GUI tools, because these require a USB connection. Instead, various other tools can be used.
4444

45-
First of all, make sure no YubiKey is connected to your PC, or it might be overwritten if you are not careful.
45+
First of all, make sure no YubiKeys are connected to your PC, or it might be overwritten if you are not careful.
4646

4747
Second, make sure to keep a backup of your secret key somewhere.
4848

@@ -80,7 +80,7 @@ If everything is encoded correctly, the commands should give the same response.
8080

8181
### Usage with KeePassXC
8282

83-
Thanks to a patch by me (https://github.com/keepassxreboot/keepassxc/pull/6895, https://github.com/keepassxreboot/keepassxc/pull/6766) KeePassXC is able to interface with this applet and Yubikeys via NFC using any compatible reader. This work on Windows, Linux and Mac.
83+
Thanks to a PR by me (https://github.com/keepassxreboot/keepassxc/pull/6895, https://github.com/keepassxreboot/keepassxc/pull/6766) KeePassXC is able to interface with this applet and Yubikeys via NFC using any compatible reader. This work on Windows, Linux and Mac.
8484

8585
To add a Yubikey as protection to your Database, refer to the KeePassXC documentation (or just look at the UI).
8686

docs/applets/4-ndef.md

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,6 @@ Use git to clone the sources, and change into the directory. To compile, run `an
1717

1818
The build definition produces various versions of the applet, the most interesting ones are `full`, which is a read-write enabled version, and `tiny`, which is a read-only version with static data.
1919

20-
2120
## Installing the Applet
2221

2322
To install the applet to your card, you have to pass along some configuration data.
@@ -30,7 +29,7 @@ To install the `full` variant with 2KB re-writeable storage:
3029
gp -install openjavacard-ndef-full.cap -create D2760000850101 -params 8102000082020800
3130
```
3231

33-
The TLV configuration format is not trivial, for the specification see the openjavacard-ndef documentation at https://github.com/OpenJavaCard/openjavacard-ndef/blob/master/doc/install.md .
32+
The TLV configuration format has a few options, for the specification see the openjavacard-ndef documentation at https://github.com/OpenJavaCard/openjavacard-ndef/blob/master/doc/install.md .
3433

3534
To install the `tiny` variant with the static URL "https://chrz.de":
3635

docs/applets/5-fido.md

Lines changed: 104 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,25 @@
11
# Universal Two-Factor Authentication using FIDO
22

3-
FIDO U2F is a standard for two-factor authentication. It is extended and superseded by FIDO2, but still widely used.
3+
**FIDO** (Fast IDentity Online) **U2F** (Universal 2nd Factor) is a standard for two-factor authentication. It is extended and superseded by FIDO2, but still widely used.
44

5-
FIDO2 CTAP2 is an extension and improvement over FIDO U2F, and remains backwards-compatible to U2F.
5+
The applet requires an attestation certificate. This certificate can be a default one, or generated by you, or an official one signed by a company like Vivokey or Yubico. You don't want to generate a unique certificate for each token, because that would make the tokens uniquely identifiable, leading to privacy concerns.
66

7-
The FIDO2 applet is still in development, and not completely finished. You can test the beta code, but keep in mind that some features do not work yet, e.g. Windows Hello. In addition, only the FIDO U2F applet has been certified to be standards compliant as of now.
7+
The attestation certificate is used to sign certificates for transport when you register with a service. The token manufacturer (e.g. Vivokey) can also use this certificate (which they sign using their certificate authority) to validate the authenticity and model of the token and applet.
8+
9+
**FIDO2 CTAP2** (Client to Authenticator Protocol) is an extension and improvement over FIDO U2F, and remains backwards-compatible to U2F.
10+
11+
The FIDO2 applet is still in development, and not completely finished. For example, Windows Hello is not supported yet. The attestation certificate loading procedure is not yet properly documented, and neither is the generation of such a certificate. Stay tuned.
812

913
## Applet Information
1014

11-
### FIDO U2F
15+
### FIDO U2F (recommended)
1216

1317
- Repository: https://github.com/darconeous/u2f-javacard
1418
- Binary name: `U2FApplet.cap`
1519
- Download: https://github.com/StarGate01/flexsecure-applets/releases
1620
- AID: `A0:00:00:06:47:2F:00:01`, Package: `a0:00:00:06:17:00:4f:97:a2:e9:50:01`
1721

18-
### FIDO2 CTAP2
22+
### FIDO2 CTAP2 (in development)
1923

2024
- Repository: https://github.com/VivoKey/vk-u2f (forked from u2f-javacard)
2125
- Binary name: `CTAP2.cap`
@@ -32,15 +36,99 @@ Use git to clone the sources recursively, and change into the directory. To comp
3236

3337
You can not use the U2F applet at the same time as the FIDO2 one because they use the same AID.
3438

35-
Use GlobalPlatformPro (GPP) from https://github.com/martinpaljak/GlobalPlatformPro/releases to install the applet:
39+
Loading the attestation certificate requires manual steps as of now, but Vivokey and I are planning to release tools for U2F and FIDO2 attestation certificate loading sometime in the future.
40+
41+
### Default Attestation Certificate
42+
43+
You can use the default example U2F attestation certificate, which I have extracted from https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#examples and converted to the OpenSSL x509 / ECC PEM format. Note that it is no longer valid according to its date, but it still works. Then again, it was never signed by any company, so it was never seen as valid in the first place.
44+
45+
`attestation.pem`:
46+
```
47+
-----BEGIN CERTIFICATE-----
48+
MIIBPDCB5KADAgECAgpHkBKAABFVlXNSMAoGCCqGSM49BAMCMBcxFTATBgNVBAMT
49+
DEdudWJieSBQaWxvdDAeFw0xMjA4MTQxODI5MzJaFw0xMzA4MTQxODI5MzJaMDEx
50+
LzAtBgNVBAMTJlBpbG90R251YmJ5LTAuNC4xLTQ3OTAxMjgwMDAxMTU1OTU3MzUy
51+
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEjWF+ZclQjmS8xWc6yCpnmdo8FEZo
52+
LCWMRj//31jf0vo+bDeLU9eVxKTf+0GZ7deGLyOrrwIDtLiRG6BWmZThATAKBggq
53+
hkjOPQQDAgNHADBEAiBgzbYGHpwiJi0arB2W2McIKbI2ZTHdomiDLLg2vNMN+gIg
54+
YxsUWfCeYzAFVyLI2Jt/SIg7kIm4jWDR2XlZArMEEN8=
55+
-----END CERTIFICATE-----
56+
```
57+
58+
`attestation_key.pem`:
59+
```
60+
-----BEGIN PRIVATE KEY-----
61+
MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDz/MwNANgDGVT5CGTU
62+
PCR/S/XwZlxrUMwXdJon0c92ZA==
63+
-----END PRIVATE KEY-----
64+
```
65+
66+
This is the one used in the installation instructions below.
67+
68+
### Generate Attestation Certificate
69+
70+
You can also generate your own attestation certificate. Install `openssl` and `xxd` (or any binary hex viewer).
71+
72+
Create a file `attestation.config`, you can add more information if you want to:
73+
74+
```
75+
[req]
76+
distinguished_name = req_dn
77+
attributes = req_att
78+
x509_extensions = req_ext
79+
req_extensions = req_ext
80+
prompt = no
81+
82+
[req_dn]
83+
CN=FlexSecure U2F Token
84+
85+
[req_att]
86+
87+
[req_ext]
88+
basicConstraints = critical,CA:FALSE
89+
1.3.6.1.4.1.45724.2.1.1 = ASN1:FORMAT:BITLIST,BITSTRING:3
90+
```
91+
92+
The x509 `1.3.6.1.4.1.45724.2.1.1` extension limits this token to the NFC transport type (`3`).
3693

37-
Using the default example FIDO attestation certificate:
94+
Next, generate the private key (`attestation_key.pem`) and certificate signing request (`attestation.csr`):
95+
96+
```
97+
openssl ecparam -genkey -noout -name prime256v1 -out attestation_key.pem
98+
99+
openssl req -config attestation.config -new -sha256 -key attestation_key.pem -out attestation.csr
100+
```
101+
102+
Then, self-sign it (e.g. for 10 years) to generate the final certificate (`attestation.pem`):
103+
104+
```
105+
openssl req -x509 -config attestation.config -extensions req_ext -sha256 -key attestation_key.pem -in attestation.csr -out attestation.pem -days 3650
106+
```
107+
108+
Creating and signing using a proper certificate authority is out of scope for this document.
109+
110+
Next, extract the private key (32 bytes), look for `priv`:
111+
112+
```
113+
openssl ec -in attestation_key.pem -text -noout
114+
```
115+
116+
The bytes for the certificate are just the verbatim DER encoding:
117+
118+
```
119+
openssl x509 -outform der -in attestation.pem -out attestation.der
120+
121+
xxd -c 128 -p attestation.der
122+
wc -c < attestation.der
123+
```
124+
125+
Use GlobalPlatformPro (GPP) from https://github.com/martinpaljak/GlobalPlatformPro/releases to install the applet:
38126

39127
```
40128
gp -install U2FApplet.cap --create A0000006472F0001 --params 000140f3fccc0d00d8031954f90864d43c247f4bf5f0665c6b50cc17749a27d1cf7664
41129
```
42130

43-
You have to pass a few parameters for the installer, e.g. the private key of the attestation certificate. See https://github.com/darconeous/u2f-javacard/blob/master/README.md and for more details.
131+
The parameter data is `00`, the length of the public attestation certificate (hex `0140`), and the private key (32 bytes). See https://github.com/darconeous/u2f-javacard/blob/master/README.md for more info.
44132

45133
Listing the applets using `gp --list` should print something like this:
46134

@@ -55,25 +143,21 @@ PKG: A000000617004F97A2E95001 (LOADED)
55143
Applet: A000000617004F97A2E94901
56144
```
57145

58-
Next, you have to load the attestation certificate by sending a few APDUs:
146+
Next, you have to load the public attestation certificate by sending a few chained APDUs. The DER encoded public certificate has to be chopped into `128` byte chunks, which are sent attached to a small header. The header is `80 01 HHLL KK`, with `HHLL` being a 16 bit integer offset of that chunk, and `KK` being the chunk length (hex `80`, usually smaller for the last chunk). Before sending the certificate, a small preamble command is required.
59147

60148
```
61-
gp -d -v \
62-
-a "00 A4 04 00 08 A0 00 00 06 47 2F 00 01" \
63-
-a "80 01 00 00 80 30 82 01 3c 30 81 e4 a0 03 02 01 02 02 0a 47 90 12 80 00 11 55 95 73 52 30 0a 06 08 2a 86 48 ce 3d 04 03 02 30 17 31 15 30 13 06 03 55 04 03 13 0c 47 6e 75 62 62 79 20 50 69 6c 6f 74 30 1e 17 0d 31 32 30 38 31 34 31 38 32 39 33 32 5a 17 0d 31 33 30 38 31 34 31 38 32 39 33 32 5a 30 31 31 2f 30 2d 06 03 55 04 03 13 26 50 69 6c 6f 74 47 6e 75 62 62 79 2d 30 2e 34 2e 31 2d 34 37 39 30" \
64-
-a "80 01 00 80 80 31 32 38 30 30 30 31 31 35 35 39 35 37 33 35 32 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00 04 8d 61 7e 65 c9 50 8e 64 bc c5 67 3a c8 2a 67 99 da 3c 14 46 68 2c 25 8c 46 3f ff df 58 df d2 fa 3e 6c 37 8b 53 d7 95 c4 a4 df fb 41 99 ed d7 86 2f 23 ab af 02 03 b4 b8 91 1b a0 56 99 94 e1 01 30 0a 06 08 2a 86 48 ce 3d 04 03 02 03 47 00 30 44 02 20 60 cd" \
65-
-a "80 01 01 00 40 b6 06 1e 9c 22 26 2d 1a ac 1d 96 d8 c7 08 29 b2 36 65 31 dd a2 68 83 2c b8 36 bc d3 0d fa 02 20 63 1b 14 59 f0 9e 63 30 05 57 22 c8 d8 9b 7f 48 88 3b 90 89 b8 8d 60 d1 d9 79 59 02 b3 04 10 df"
149+
gp -d -v -a "00 A4 04 00 08 A0 00 00 06 47 2F 00 01" -a "80 01 0000 80 3082013c3081e4a003020102020a47901280001155957352300a06082a8648ce3d0403023017311530130603550403130c476e756262792050696c6f74301e170d3132303831343138323933325a170d3133303831343138323933325a3031312f302d0603550403132650696c6f74476e756262792d302e342e312d34373930" -a "80 01 0080 80 313238303030313135353935373335323059301306072a8648ce3d020106082a8648ce3d030107034200048d617e65c9508e64bcc5673ac82a6799da3c1446682c258c463fffdf58dfd2fa3e6c378b53d795c4a4dffb4199edd7862f23abaf0203b4b8911ba0569994e101300a06082a8648ce3d0403020347003044022060cd" -a "80 01 0100 40 b6061e9c22262d1aac1d96d8c70829b2366531dda268832cb836bcd30dfa0220631b1459f09e6330055722c8d89b7f48883b9089b88d60d1d9795902b30410df"
66150
```
67151

68-
In the future, Vivokey or I will provide a nice tool to generate and load attestation certificates.
152+
See also https://gist.github.com/darconeous/adb1b2c4b15d3d8fbc72a5097270cdaf for more info on these APDUs.
69153

70154
## Using the Applet
71155

72-
Using the applet requires a modern browser with support for FIDO. NFC tokens don't work on Linux (yet, see https://twitter.com/FIDOAlliance/status/1278331283874156544).
156+
Using the applet in the web requires a modern browser with support for FIDO. NFC tokens don't work on Linux (yet, see https://twitter.com/FIDOAlliance/status/1278331283874156544).
73157

74158
You can use the *Yubikey WebAuthn test page* at https://demo.yubico.com/webauthn-technical/registration to test your token.
75159

76-
On Android, you can use the *FIDO / Webauthn Example* App at https://play.google.com/store/apps/details?id=de.cotech.hw.fido.example for testing.
160+
On Android, you can use the *FIDO / Webauthn Example* App at https://play.google.com/store/apps/details?id=de.cotech.hw.fido.example for testing (Use the U2F tab).
77161

78162
## Sources and Further Reading
79163

@@ -88,5 +172,8 @@ On Android, you can use the *FIDO / Webauthn Example* App at https://play.google
88172
- https://research.kudelskisecurity.com/2020/02/12/fido2-deep-dive-attestations-trust-model-and-security/
89173
- https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-client-to-authenticator-protocol-v2.0-rd-20180702.html
90174
- https://play.google.com/store/apps/details?id=de.cotech.hw.fido.example
175+
- https://research.kudelskisecurity.com/2020/02/12/fido2-deep-dive-attestations-trust-model-and-security/
176+
- https://developers.yubico.com/U2F/Attestation_and_Metadata/
177+
- https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-authenticator-transports-extension-v1.2-ps-20170411.html#fido-u2f-certificate-extensions
91178

92179
Improve this document: https://github.com/StarGate01/flexsecure-applets/tree/master/docs

scripts/clean-all.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
#!/bin/bash
1+
#!/usr/bin/env bash
22

33
cd "${0%/*}"
44

scripts/compile-all.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
#!/bin/bash
1+
#!/usr/bin/env bash
22

33
cd "${0%/*}"
44

scripts/test-all.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
#!/bin/bash
1+
#!/usr/bin/env bash
22

33
cd "${0%/*}"
44

scripts/test/res/SmartPGP.generate.ECC.expect

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
#!/usr/bin/expect -f
1+
#!/usr/bin/env expect -f
22

33
set curve [lindex $argv 0];
44

scripts/test/res/SmartPGP.generate.RSA.expect

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
#!/usr/bin/expect -f
1+
#!/usr/bin/env expect -f
22

33
set size [lindex $argv 0];
44

0 commit comments

Comments
 (0)