onlykey-firmware's People

Contributors

onlykey, takd, tsileo, tswestendorp, v0tti

onlykey-firmware's Issues

Flexible string or character between PW and 2FA

Some 2FA solutions prefer a character between the username and password. It would be nice if we could customize this so that instead of tab or return, we were also presented with the option to send a string before 2FA.

Firmware Too Large

With the new firmware, Teensy (OS X) is saying the file is too large. I downloaded on both Safari and Chrome, got same SHA 256 sum (5b311d84354152d22c114c9b405a23be4bc95cf7d5ea9445ba5ae5b9265d0e2d). Sum does not match guide but most likely because creators did not update guide with new sums after uploading new firmware. See attached picture. Note: I renamed the firmware file so that you could see the "(too large)" part.

Anyone else having this problem?

resetting pin fails

Can't write over flash that has already been written to. Need to copy data to RAM, wipe flash sector, then write data.
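
The copy, wipe, write sequence named in this issue, as an added example that is not part of the original issue or the OnlyKey firmware. It models a flash sector in RAM where programming can only clear bits; the sector size, function names and PIN bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_SIZE 64u                /* constructed size for the model */
static uint8_t sector[SECTOR_SIZE];    /* simulated flash sector */

/* Erase is the only operation that sets bits back to 1. */
static void flash_erase(void) { memset(sector, 0xFF, SECTOR_SIZE); }

/* Programming can only clear bits (1 -> 0): the cell becomes old AND new. */
static void flash_program(size_t off, const uint8_t *src, size_t len) {
    for (size_t i = 0; i < len; i++) sector[off + i] &= src[i];
}

/* Naive update: program over whatever is there, then verify by readback. */
int update_naive(size_t off, const uint8_t *src, size_t len) {
    if (off > SECTOR_SIZE || len > SECTOR_SIZE - off) return -1;
    flash_program(off, src, len);
    return memcmp(sector + off, src, len) == 0 ? 0 : -2;
}

/* Copy the sector to RAM, patch the copy, erase, program it all back. */
int update_rmw(size_t off, const uint8_t *src, size_t len) {
    uint8_t shadow[SECTOR_SIZE];
    if (off > SECTOR_SIZE || len > SECTOR_SIZE - off) return -1;
    memcpy(shadow, sector, SECTOR_SIZE);
    memcpy(shadow + off, src, len);
    flash_erase();
    flash_program(0, shadow, SECTOR_SIZE);
    int rc = memcmp(sector, shadow, SECTOR_SIZE) == 0 ? 0 : -2;
    /* The RAM copy held secrets; real firmware needs a non-elidable wipe. */
    memset(shadow, 0, sizeof shadow);
    return rc;
}

int main(void) {
    const uint8_t old_pin[4] = {0x12, 0x34, 0x56, 0x78};  /* constructed */
    const uint8_t new_pin[4] = {0xAB, 0xCD, 0xEF, 0x01};  /* constructed */
    flash_erase();
    int first = update_naive(0, old_pin, 4);   /* erased cells: succeeds */
    int over = update_naive(0, new_pin, 4);    /* written cells: fails verify */
    uint8_t bad = sector[0];                   /* old AND new, neither value */
    int rmw = update_rmw(0, new_pin, 4);
    printf("first=%d overwrite=%d byte0=0x%02X rmw=%d byte0=0x%02X\n", first, over, bad, rmw, sector[0]);
    return 0;
}
```

Between the erase and the final program step the sector holds no valid data, so a power loss at that point leaves the stored value gone; the readback check is what catches a silent partial write.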

Pass output error (High)

Setting Slot, only set password field to "pass", output includes additional number "pass6508"

[Screenshots not preserved: Serial Monitor, Chrome App Log]

Impossible to setup password-only with no terminating character

If I set up an OnlyKey slot to:

[x] Label: something
[x] Password: 12345 / 12345
( ) Tab ( ) Return

I expect that only the password ("12345") will be sent by the OnlyKey. Instead, Return is appended to it. That makes it difficult to use two-factor passwords where one part of the password is a fixed password I type and the other part is a random-looking string stored in OnlyKey - this scenario is only feasible if I set up the two parts in order of known-owned, and only if I can always use the same terminating character on all systems (which is not always the case). It should definitely be possible to select "None" as a terminating character.

OpenPGP Smartcard Support

Seems this is planned, but I thought I'd create an issue for discussions and people to express support.

Questions:

  • AFAIK the de facto (official?) standard for OpenPGP Smartcard support is g10 Code GmbH's OpenPGP Card Specification (which GnuPG supports). Is the plan for OnlyKey to support/implement that standard?
  • The OnlyKey-Features wiki page mentions that you're looking for a good PGP C/C++ library. Were the actual GnuPG source and the GPGME library ruled out because they're too big?

Some Relevant References:

OKWIPESLOT does not wipe slot.

When the Chrome app sends OKWIPESLOT, slot data still seems to be set. Pressing a "wiped" slot button continues to output usernames and passwords.

Serial Monitor shows:
Received packetFFFFFFFFE710000000000000000000000000000000000000000000000000000000000OKWIPESLOT MESSAGE RECEIVED:67
Wiping Slot #1
Value #0
000000000000000000000000000000000000000000000000000000000Overwriting slot with 0s

Label length 8 or 10?

If I submit 9 or 10 characters for a label in the app, the firmware consistently sets only 8 chars.

Single color OK restore missing some slot data

To reproduce on a legacy (single color LED OnlyKey):

  1. Initialize 1st OK with PIN (seven 1's), Self-destruct PIN (seven 2's) and PD PIN (seven 3's)
  2. Save your sample PGP key (passcode 'test') as 1024-pin, slot 3, and check all options
  3. Set slot 1a data (label = myslot#1, url = myurl1.com, username = myusername#1, etc)
  4. Set slot 4b data (label = myslot#4b, url = myurl4b.com, username = myusername#4b)
  5. Save backup file per instructions on tab
  6. Initialize 2nd OK with PIN (seven 1's)
  7. Save your sample PGP key (passcode 'test') as 1024-pin, slot 3, and check all options
  8. Remove and reinsert 2nd OK and unlock with PIN
  9. Press and hold button 6 for five seconds, then unlock with PIN to enter config mode
  10. Perform restore, per instructions

RESULT: slot 1a data is correct. slot 4b label is correct, but none of the other fields are output when pressing the button.

Slot 1a label missing pipe separator.

After calling OKGETLABELS, slot 1a is consistently returned without the required pipe separator (|). This causes issues when displaying labels in the Chrome app. If slot 1a's label is not set, all other labels are "shifted" up by 1 slot.

Slot 5 not outputting

Configured slot 5a with Username and Pass, when pressed doesn't output, serial monitor output below

Slot Number 6

Displaying Full Keybuffer

esttest1

Enhancement - Option to disable certain features

A nice feature to have would be to be able to turn off features like:

Backup - By disabling backup the device is more secure as there is no way to get data off of a device with backup disabled. Tradeoff is that there is also no way to backup a device.

OnlyKey Web Access - While being able to decrypt / encrypt using a web browser is a highly desired feature for some users, others may rather disable this to only use OnlyKey offline.

U2F - Same as above, U2F communicates via browser.

Yubikey OTP without a public identity support

Yubikey OTPs seem to work fine, except that a public identity is always output. That is not required with the real Yubikey, where the public identity is only optional. OnlyKey doesn't request it when setting up the OTP, but it will still output some public identity when asked to generate an OTP. IMHO, if the Public Identity field is left empty, OnlyKey should take it as a signal that it should output only the OTPs without any public identity.

Multiple Yubikey OTPs

As far as I can tell, OnlyKey only supports one Yubikey OTP. Is that so? Since I have multiple Yubikeys, I hoped to replace them all with a single OnlyKey.

Technically, OnlyKey shouldn't have any trouble with multiple Yubikey OTPs, the only real limitation I can see is that the UI for setting up OnlyKeys just doesn't handle the situation. Or is there a technical reason why only a single Yubikey OTP is supported?

Fails to compile in Arduino IDE

Versions:
Arduino: 1.6.12
TeensyDuino: 1.31

Error in file: usb_keyboard.c with
usb_keyboard.c: In function 'deadkey_to_keycode':
usb_keyboard.c:279: warning: control reaches end of non-void function
}
^
expected identifier or '(' before numeric constant

The fix for above error is to move
return 0;
from line 277 to after the } on 278

Additional errors with
keylayouts.h:43:0: warning: "LAYOUT_US_ENGLISH" redefined [enabled by default]

What is the correct procedure for compiling or is there a compile procedure that does not require the Arduino IDE?

Enhancement - Backup U2F Counter Increment

U2F relies on a counter that is supposed to help prevent token cloning. It doesn't really do this and the counter is pretty useless as other devices such as Trezor just increment the counter to the current epoch time (4 byte value) during a restore. This way counter is always ahead and Backup and restore of U2F works. Implementing similar feature would allow backup and restore of U2F on OnlyKey.
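
The counter check and the two restore behaviours discussed in this issue, as an added example that is not part of the original issue or of any project's firmware. All type and function names are hypothetical, the epoch value is constructed, and keeping the larger of the backed-up counter and the epoch time is an assumption added here so a restore never moves the counter backwards.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef struct { uint32_t last_seen; } rp_state;   /* relying party, per credential */
typedef struct { uint32_t counter; } token_state;  /* authenticator */

/* Relying party: the counter must be strictly greater than the last one seen. */
bool rp_accept(rp_state *rp, uint32_t counter) {
    if (counter <= rp->last_seen) return false;
    rp->last_seen = counter;
    return true;
}

/* Token: increment before each signature; 0 means the counter is exhausted. */
uint32_t token_sign(token_state *t) {
    if (t->counter == UINT32_MAX) return 0;
    return ++t->counter;
}

/* Restore that writes the backed-up counter back unchanged. */
void restore_verbatim(token_state *t, uint32_t backed_up) { t->counter = backed_up; }

/* Restore that jumps to the current epoch time, never moving backwards. */
void restore_epoch(token_state *t, uint32_t backed_up, uint32_t now) {
    t->counter = now > backed_up ? now : backed_up;
}

/* Back up at counter 3, keep signing to 10, restore onto a fresh token,
   then report whether the relying party accepts the next signature. */
bool first_login_after_restore(bool use_epoch, uint32_t now) {
    rp_state rp = {0};
    token_state old_tok = {0}, new_tok = {0};
    uint32_t backup = 0;
    for (int i = 0; i < 10; i++) {
        rp_accept(&rp, token_sign(&old_tok));
        if (i == 2) backup = old_tok.counter;
    }
    if (use_epoch) restore_epoch(&new_tok, backup, now);
    else restore_verbatim(&new_tok, backup);
    return rp_accept(&rp, token_sign(&new_tok));
}

int main(void) {
    uint32_t now = 1700000000u;  /* constructed epoch value */
    printf("verbatim restore accepted: %d\n", first_login_after_restore(false, now));
    printf("epoch restore accepted:    %d\n", first_login_after_restore(true, now));
    return 0;
}
```

The epoch variant depends on the device receiving a correct time at restore; with a clock value below the relying party's last seen counter the first login is still rejected.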

AES_GCM non unique ciphertext

Sometimes the ciphertext for a given plaintext is the same. Need to adjust IV input. Will fix post beta. Minor issue considering if an attacker has defeated flash security to access ciphertext stored they would also have access to pinhash which would be a bigger problem.

Enhancement - Separate PIN for config mode

A nice option would be to have a separate PIN for config mode. By requiring separate PIN for config mode a user can choose to only enter their config mode PIN in secret thereby decreasing the chance someone will see them enter their PIN.

Setting delay without Tab/Return selected causes wrong Google Auth output

Steps to reproduce:

  1. Set PINs
  2. Configure a slot for example with a username= 'test' and set a delay of '2', then set a Google Auth = '6eehbbzafppudotowgnfagakovdecdmu'
  3. Click Submit
  4. Open text editor, press button of configured slot and notice output of google auth code does not match correct code. Use '6eehbbzafppudotowgnfagakovdecdmu' in http://blog.tinisles.com/2011/10/google-authenticator-one-time-password-algorithm-in-javascript/

Tapping button for some wiped slots produces strange output and causes OnlyKey to freeze

After wiping a slot, serial monitor output shows:

Wiping Slot #5
Value #0
000000000000000000000000000000000000000000000000000000000Overwriting slot with 0s
Wiping Label Value...
Wiping Username Value...
Wiping Additional Character1 Value...
Writing Delay1 to EEPROM...
Wiping Password Value...
Wiping Additional Character2 Value...
Wiping Delay2 Value...
Wiping 2FA Type Value...
Writing TOTP Key to EEPROM...Data to write = 0
Writing to Sector 0x20324, value 0x0 Data to write = 0
Writing to Sector 0x20324, value 0x0 Data to write = 0
Writing to Sector 0x20324, value 0x0 Data to write = 0
Writing to Sector 0x20324, value 0x0 Data to write = 0
Writing to Sector 0x20324, value 0x0 
Wiping onlykey AES Key, Priviate ID, and Public ID...

Then, after pressing the wiped slot's key, the OnlyKey LED shuts off and it stops responding to key presses (or any programming) until being removed and reinserted. The last serial monitor entry shows:

Displaying Full Keybuffer
�a��r!����-hHcG�*������xD8������a=�0l"F%�R���z:�a���ABY=�6L���

UPDATE:
After a factory reset, I set slot 1a's label and username. The OnlyKey output correctly when tapping button 1a. Then, I wiped slot 1a. The OKWIPESLOT output looked fine (like pasted above). After pressing the key 1a, the same device freeze happened as above, but the serial monitor output showed the following:

Slot Number 1
Reading Username from EEPROM...
Username Length = 32
Encrypted
00000000000000000000000000000000
 0x20004
 0x41 0x67 0x76 0x59 0x20004
 0x47 0xC2 0x5A 0xC1 0x20004
 0x39 0x59 0xE5 0x76Unencrypted
C2F66B1C343ECCBB4E10FC4339C7DC1E0D11184E33D5F2E44E41A738E4B999F
Reading Password from EEPROM...
Password Length = 32
Encrypted
00000000000000000000000000000000
 0x20004
 0x41 0x67 0x76 0x59 0x20004
 0x47 0xC2 0x5A 0xC1 0x20004
 0x39 0x59 0xE5 0x76Unencrypted
C2F66B1C343ECCBB4E10FC4339C7DC1E0D11184E33D5F2E44E41A738E4B999F
Displaying Full Keybuffer
��k�4>̻N��C��}������=_.D��s�K����k�4>̻N��C��}������=_.D��s�K��

skipping keys

I've had to lower my OnlyKey typing speed (it's 8 now), but it is still occasionally skipping keys.

With textpad open on my El Capitan Macbook Pro, I reliably get skips at typing speed 10, but with speed 9 they are much less pronounced.

With speed 10, the errors seem to approach 90% in a sample of 10, while with speed 9, I had to run it nearly 20 times before I got an error. Since I can type almost as quickly on my keyboard and not receive skipped keys, OS latency seems unlikely to be the culprit. I have a second OnlyKey that I will test with and update this issue.


Test Username:
12345678901234567890123456
Test Password:
abcdefghijklmnopqrstuvwxyz

Typing Speed 10
---------------
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
123456780123567890123456
abcdefhijklmnopqrstuvwxyz
123567801234567890123456
abcdefghijkmnoprstuvwxyz
123456789013456890123456
acdefghijklmnopqrstuwxyz
1345678901234567890123456
abcdefghijklmnopqrstuvwxyz
1345678901234567890123456
abcdefghiklmnpqrsuvwxz1345678901234567890123456
abcdfghijklmnopqrstuvwxyz
12346789123567890123456
abdefgijklnopqrstuvxyz
123567890123456780123456abcdefghijkmnopqrstuwxyz
12345678901234567890123456
acdefhijklmnopqrstuvwxyz

Typing Speed 9
--------------
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
1234567890123567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz
12345678901234567890123456
abcdefghijklmnopqrstuvwxyz

Onlykey not outputting correct Yubikey

Hi Team,

My Yubikey has been setup twice, however I have the same problem.
I can see the new public key, registered and checked with the original Yubikey, it validates successfully.

I have programmed the OnlyKey, the public part of the key is correct, however, when I generate code, it unsuccessfully validates.

Can you please provide any advice?

Thank you

How to know if the firmware has been tampered with

In your installation instructions you have ambiguities:

To load the US version you will use the OnlyKey_Alpha_US.cpp.hex firmware included in the zip file (OnlyKey-Firmware-master/OnlyKey_Beta_US/OnlyKey_Beta_US.cpp.hex).

There is no Alpha version but as expected there is a Beta version.

You then ask users to ensure they check the SHA256 hash of the firmware against two entries that are listed as:

OnlyKey_Alpha_US.cpp.hex - f1390f31fe426efc8979d5b8c59391957582de94d81ff5abfaab89bdc3710103
OnlyKey_Alpha_IN.cpp.hex - 54746d8c26a3e87e16139aed2889905f3f4b7269d866e2fefd79c2bb02ee12e5

I can only assume this has not been updated as they are obviously Alpha versions not Beta versions, and indeed the hash entries do not appear to match.

self destruct initialized message

After self-destruct, the message "initialized" displays; requires power off and on to set up.

OKSETTIME MESSAGE RECEIVED
UNINITIALIZEDINITIALIZED
INITIALIZED
INITIALIZED
INITIALIZED
