LedgerHQ / ledger-javacard

Ledger Unplugged - Java Card implementation of Ledger Bitcoin Hardware Wallet
https://ledger.co
GNU Affero General Public License v3.0
148 stars 61 forks source link
infraprj-4968

Ledger Unplugged - Open Source Java Card applet

Overview

This applet is an implementation of the Ledger Wallet Hardware Wallet specification emulating an NFC Forum Type 4 tag to display the second factor, with specific extensions

It is compatible with the core API with a few limitations if not using a proprietary API to recover public keys - the public key cache needs to be provisioned from the client side.

A demonstration of this application and workaround if no proprietary API is present is provided in the Python API and also in Mycelium

Several other integration examples are provided on Ledger Unplugged product page

Developers can also check if a Java Card platform is supported and its performance with the Eligibility applet

All applet code is provided under the GNU Affero General Public License v3 - for any question or commercial licensing, reach us at hello@ledger.fr

Differences with Ledger Unplugged commercial versions

Ledger Unplugged sold by Ledger on the Fidesmo platform or downloaded on a Fidesmo enabled device includes an NXP implementation of the ProprietaryAPI interface which is only available under NDA, providing better performance regarding the speed of cryptographic operations.

Users are free to switch between the commercial version and their own version compiled from those sources, after deleting it.

The commercial version is also provisioned with an attestation key pair signed by a shared Ledger public key (see below) allowing a third party to check for genuine applications.

Building

Due to heavy optimizations using a C preprocessor, building is currently recommended on a Unix platform or with MinGW on Windows. Pre built files are provided for reference only.

If you don't need to rebuild the preprocessed files, you can use an automated build with Ant. Otherwise, keep reading.

First download a recent Java Card SDK (at least 3.0.1) from Oracle and install it

Then choose a building script - if building for an NFC only platform, build-no-ndef.sh is recommended. If you wish to test the NDEF second factor (typically on a platform supporting both NFC and a different interface), you can use build.sh instead

Then modify the build script to point JCENV to the installation directory, and possibly the applet and ELF AIDs if necessary. For example Fidesmo mandates a specific AID according to your account configuration.

Finally run the build script to generate a loadable .cap file in the build/ directory

Installing

Installing on a generic Java Card platform

Installation can be done using global platform tools such as GlobalPlatformPro or GPShell

Specific optional installation parameters are described in the Java Card application specification

Installing on a Fidesmo device

First you'll need to register a Fidesmo account

Then you can use Fidesmo API to upload the generated CAP file, and create a recipe to install and delete the application

You can use the following samples

For the App Description

{
        "name": "Ledger Unplugged Development",
        "description": {
        "en": "Test Ledger Unplugged application"
        }
}

For a service recipe to install the application (without installation parameters), replacing with your AIDs, provided by Fidesmo

{
    "description": {
    "title": "Install Ledger Unplugged",
    "description": [{
        "lang": "en",
      "value": "Test Ledger Unplugged install"
      }
    ],
  },
    "actions": [
    {
        "endpoint": "/ccm/install",
        "content": {
            "executableLoadFile" : "a0000006170054bf6aa95001",
            "executableModule" : "a0000006170054bf6aa94901",
            "application" : "a0000006170054bf6aa94901"
        }
    }
  ],
  "successMessage": "Application was installed",
  "failureMessage": "Application couldn't be installed"   
}

For a service recipe to delete the application

{
    "description": {
        "title": "Delete Ledger Unplugged",
        "description": [{
            "lang": "en",
            "value": "Delete Test Ledger Unplugged"
        }
    ]
    },
    "actions": [
        {
            "endpoint": "/ccm/delete",
            "content": {
                "application" : "a0000006170054bf6aa95001",
                "withRelated" : true
            }
        }
    ],
    "successMessage": "Application was deleted",
    "failureMessage": "Application couldn't be deleted"
}

Personalizing

Manual personalization

To perform a manual personalization, you'll need at least to :

Personalization through Ledger Wallet Android application

You'll need to rebuild a version of Ledger Wallet application with your specific AID

Using the application

Mycelium

Mycelium supports natively custom built versions of the application - just specify your instance AID in the Settings menu on the Ledger options group.

Ledger public key

Each unique attestation public key is signed by the following Ledger public key on SECp256k1 for official applications

045f68bcd470ba883aa646d90fd8cfee7ac3208e3a1e926bd6895eba5ae22bcd96ddeba7dfe25c7cec546f0f425b9d737de47302bf604f33fa5097a9992b4baf06