Ledger Nano PIV Application

This is a Ledger Hackathon project targeted on building a PIV compatible Ledger Nano X/S+ application.

The focus of this application is to be compatible with AGE Yubikey plugin.

During the Hackathon we made some choices:

The application is stateless. Retired slots value are derived from the seed.
No PIN or PUK as the Ledger Nano operating system already prompt a PIN.

Building

If you have never used Rust on your machine, you might start by installing rustup.

This application requires Rust Nightly and some C headers,

rustup default nightly
rustup component add rust-src

# On Ubuntu
sudo apt install clang gcc-arm-none-eabi gcc-multilib

# On Fedora
sudo dnf install clang arm-none-eabi-gcc arm-none-eabi-newlib

# On ArchLinux
sudo pacman -S clang arm-none-eabi-gcc arm-none-eabi-newlib

Then you should be able to build this application using cargo-ledger,

cargo install --git https://github.com/LedgerHQ/cargo-ledger
cd /path/to/ledger-nano-piv/
cargo ledger

Loading

cargo-ledger is able to generate a hex file and a manifest for ledgerctl. To directly load the application on the connected device, you may run:

cargo ledger load

Usage

Please look at USAGE.md for instructions on how to use Ledger Nano PIV with multiple applications on different operating systems.

Testing

One can for example use speculos.

In a first console:

cargo run

In a second one:

pytest test/ -v -s

References

JavaCard PIV Applet under Mozilla Public License 2.0: https://github.com/arekinath/PivApplet
https://csrc.nist.gov/publications/detail/sp/800-73/4/final
https://developers.yubico.com/PIV/Introduction/Yubico_extensions.html
https://developers.yubico.com/PIV/Guides/SSH_with_PIV_and_PKCS11.html

Yet another gem miner

Rusty Pickaxe Multithreaded CPU miner for Provably Rare Gems, written in Rust. There is also closed-source GPU version, waiting to be released. Config

7 Aug 11, 2022

Bijou is a tiny yet fast encrypted file system.

Bijou ✨💎✨ Bijou (['bi:ʒu], French for "jewel") is a tiny yet fast encrypted filesystem, built upon RocksDB. Bijou provides a FUSE interface, as well

5 Sep 27, 2023

A Rust port of the password primitives used in Django Project.

Rust DjangoHashers A Rust port of the password primitives used in Django Project. Django's django.contrib.auth.models.User class has a few methods to

52 Nov 17, 2022

Temporary edit external crates that your project depends on

rhack You want to quickly put a sneaky macro kind of like dbg! into external crates to find out how some internal data structure works? If so rhack is

119 Nov 3, 2022

Source project for the Internet Computer software

The Internet Computer is the world’s first blockchain that runs at web speed and can increase its capacity without bound. Like the Internet (which is composed of many machines adhering to TCP/IP protocol) and blockchain protocols (such as Bitcoin and Ethereum).

1.2k Jan 1, 2023

Comments

USB-CCID is not recognized by pkcs11-tool

This may be a bug in the SDK. We need to do more USB traffic analysis to understand what is going on. There are also some kernel warnings during USB enumeration.

opened by aiooss-ledger 1
Application crash on Ledger Nano S+

Application is working inside speculos, but when running on a real device it freezes to a black screen.

Bisecting commits shows that this regression was introduced in https://github.com/aiooss-ledger/ledger-nano-piv/commit/91b21cc3e3d825ca7c6df0572f8805ff616667bf. I suspect a out of memory due to the lack of compiler optimization.

opened by aiooss-ledger 1