Skip to content

vicksters/ykneo-openpgp

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

67 Commits
applet/src/openpgpcard
applet/src/openpgpcard
 
 
test
test
 
 
util
util
 
 
.gitignore
.gitignore
 
 
BLURB
BLURB
 
 
LICENSE
LICENSE
 
 
NEWS
NEWS
 
 
README
README
 
 
build.xml
build.xml
 
 
do-release.sh
do-release.sh
 
 
gpinstall.txt
gpinstall.txt
 
 

Repository files navigation

YubiKey NEO App: OpenPGP
========================

This project implement the OpenPGP card functionality used on the
YubiKey NEO device that is sold by Yubico.  This project is relatively
unmodified from the upstream project on which this project is based:

  http://sourceforge.net/p/javacardopenpgp/
  Author: Joeri de Ruiter

The initial modifications we have made compared to the upstream
project are minor, but we reserve the right to make other
changes/improvements that are specific to the YubiKey NEO hardware.

License
-------

The upstream project was released under the GPLv2+ and our fork uses
the same license.  All of our changes are released under the same
license.  See the file LICENSE for more information.

Building
--------

There are several ways to build the project:

1) With ant, using JCKit.

2) With Eclipse and eclipse-jcde, using JCKit.

3) Using proprietary NXP Java Card tools.

We usually suggest using Ant.

Installing JCKit
----------------

Install the Java Card Development Kit version 2.2.2, download it from:

  http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-javame-419430.html#java_card_kit-2.2.2-oth-JPR

Unpack it into a new directory called for example "jckit" folder:

  $ mkdir jckit
  $ cd jckit
  $ unzip /path/to/java_card_kit-2_2_2-linux.zip
  $ cd java_card_kit-2_2_2/
  $ unzip java_card_kit-2_2_2-rr-bin-linux-do.zip

Ant
---

The project can now be built by invoking ant, supplying the path to
JCKit.  For example:

  ant -DJAVACARD_HOME=/path/to/jckit/java_card_kit-2_2_2/

The cap file for loading on card will be at:

 ./applet/bin/openpgpcard/javacard/openpgpcard.cap

Eclipe and eclipse-jcde
-----------------------

First install Eclipse following instructions on:

  http://www.eclipse.org/

On Debian/Ubuntu systems Eclipse is packaged and can be installed from
the command line:

  apt-get install eclipse

Start Eclipse once to make sure it creates a $HOME/.eclipse/
directory.  Then quit Eclipse.

Download the eclipse-jcde-0.2.zip file from

  http://eclipse-jcde.sourceforge.net/

and unpack it like this:

  $ cd ~/.eclipse/*/
  $ unzip /path/to/eclipse-jcde-0.2.zip

The path to unpack the file into depends on your Eclipse installation,
on my Debien Wheezy system the directory was called
~/.eclipse/org.eclipse.platform_3.8_155965261/

Start Eclipse again and confirm that you have a new top-level menu
called "Java Card".  Then in Eclipse select the "Preferences" menu
under "Java Card" and point the "Java Card Home" directory to
/path/to/jckit/java_card_kit-2_2_2 replacing /path/to as appropriate.

After that the project can be imported into the workspace.
Right-click in the "Project Explorer" window and select "Import".
Under "General" select "Existing Projects into Workspace".  As the
root directory point the directory holding this file.  You need to
select "Copy projects into workspace".

To build the .cap file, expand and right click on the "openpgpcard"
sub-directory and select "Java Card Tools" and then "Convert".  The
CAP file will be available in your Eclipse workspace as:

  ./applet/bin/openpgpcard/javacard/openpgpcard.cap

Enable CCID mode on the NEO
---------------------------

First make sure the YubiKey NEO is in the HID/CCID or CCID mode, using
ykpers from the YubiKey Personalization tool:

  http://code.google.com/p/yubikey-personalization/
  https://github.com/Yubico/yubikey-personalization

For example:

  sudo ykpersonalize -m82

Eject and re-insert the NEO to restart it in the new USB mode.  You
should then have a USB device like 1050:0111 or 1050:0112.  The
1050:0110 device is HID only.

Installing CAP file to NEO
--------------------------

Then install the gpshell tool from Global Platform:

  http://sourceforge.net/projects/globalplatform/

The projects that are needed is the GlobalPlatform Library 6.0.0,
GPShell 1.4.4, and gppcscconnectionplugin 1.1.0.

You need to whitelist the device in /etc/libccid_Info.plist.

WARNING!  When you load a new CAP file, everything on the device for
that app is erased.  Keep a backup of your OpenPGP keys!

When the CAP file has been built and is available in the path shown
above, you may use the gpshell tool to load it:

  $ gpshell gpinstall.txt

That's it!

About

openpgp app for the YubiKey NEO

opensource.yubico.com/ykneo-openpgp/

Resources

Readme

License

GPL-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

6 tags

Packages

No packages published