Yubico / ykneo-openpgp

OpenPGP applet for the YubiKey NEO
https://developers.yubico.com/ykneo-openpgp/
GNU General Public License v2.0

User-presence support #23

Open jas4711 opened 9 years ago

jas4711 commented 9 years ago

It would be nice if it was possible to configure the NEO to demand a user presence check before performing a private key operation. You would probably configure this using some ad-hoc way, specifying the key slot to demand user presence for.

mitchell-es commented 9 years ago

I second this. I have mine in mode CCID-only and I find the interactivity with the touch sensor promising. What would be ideal to me would be that the key would flash when there was a signing request and would not perform the request until the key had been tapped. I use the key to perform SSH authentications and this would help mitigate the risk of somebody connecting to a remote ssh-agent connection and logging in places without my knowledge. I've looked through the source code in this repository but I haven't been able to locate the code which interacts with the LED and sensor on the YubiKey. Is that code part of this module or is it elsewhere?

promovicz commented 9 years ago

I believe that the code for this must be elsewhere since I cannot imagine there being a way to access the button or LED from JavaCard by any standard means.

My guess would be that the code for this is native code on the security processor, which will probably be restricted by NDA.

It might be possible for Yubico to provide a JavaCard API that allows implementing this, however.

stv0g commented 9 years ago

I wish there were a way to accomplish this. :+1: This would be a reason to replace my existing YK NEO.

But as far as I know, none of the other open source JavaCard applets interact with the LED or touch button? But maybe it's possible to access routines for accessing the hardware from the proprietary YKneo applet?

I found the following details on the Yubico forums:

  1. If availability of an applet equals the USB HID capability, do you have unadvertised access to the button from the JavaCard environment (or do you use the JavaCard chip from the overall device controller? Basically, how does it work?)

In mode 1 and 2 (not 81 and 82) an applet can access the state of the touch button, but it requires JCOP tools from NXP. The state of the button can be found with an operation like: `IOControlX.getIO(IOControlX.IOID_P3)`. It's a two-chip design with another chip driving the USB interface and the touch button.

Source: http://forum.yubico.com/viewtopic.php?f=26&t=1299&sid=b35c719d3ad83ab5707583097766586f#p4873
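To make the feature request concrete, here is a sketch of how a per-slot user-presence policy could look inside a JavaCard applet. It is an added illustration, not code from ykneo-openpgp or Yubico. Everything beyond the standard JavaCard API is an assumption: the touch read reuses the `IOControlX.getIO(IOControlX.IOID_P3)` call quoted from the forum above, whose package, import and return convention are not public (non-zero is treated as "pressed" here); the vendor INS `0xC0`, the slot numbering, the loop-count timeout (JavaCard exposes no clock), and hashing on-card with SHA-256 PKCS#1 v1.5 instead of the OpenPGP DigestInfo flow are all choices made for this example.

```java
package example.touchgate;

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.Signature;
// The NXP JCOP package providing IOControlX is proprietary and not imported here;
// the call below is taken from the forum quote and its exact signature is assumed.

public class TouchGatedSignApplet extends Applet {
    // OpenPGP card INS for PERFORM SECURITY OPERATION; P1P2 = 9E 9A is COMPUTE DIGITAL SIGNATURE.
    private static final byte INS_PSO = (byte) 0x2A;
    // Vendor-specific INS chosen for this example (assumption, not part of any spec).
    private static final byte INS_SET_TOUCH_POLICY = (byte) 0xC0;
    private static final byte SLOT_SIG = 0, SLOT_DEC = 1, SLOT_AUT = 2, SLOT_COUNT = 3;
    // ISO 7816 "conditions of use not satisfied": returned when no touch arrived in time.
    private static final short SW_USER_PRESENCE_REQUIRED = (short) 0x6985;
    // No timer on JavaCard, so the wait is a bounded poll count (assumption).
    private static final short TOUCH_POLL_ITERATIONS = (short) 30000;

    private final byte[] touchRequired;  // persistent EEPROM flags, one per key slot
    private final byte[] sigBuf;         // transient scratch for the signature output
    private final KeyPair sigKey;
    private final Signature rsaSig;

    private TouchGatedSignApplet() {
        touchRequired = new byte[SLOT_COUNT];
        sigBuf = JCSystem.makeTransientByteArray((short) 256, JCSystem.CLEAR_ON_DESELECT);
        sigKey = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
        sigKey.genKeyPair();  // demo key generated at install; a real applet imports/generates per slot
        rsaSig = Signature.getInstance(Signature.ALG_RSA_SHA_256_PKCS1, false);
        rsaSig.init(sigKey.getPrivate(), Signature.MODE_SIGN);
    }

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new TouchGatedSignApplet().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        byte[] buf = apdu.getBuffer();
        switch (buf[ISO7816.OFFSET_INS]) {
            case INS_SET_TOUCH_POLICY: setTouchPolicy(buf); break;
            case INS_PSO: performSecurityOperation(apdu, buf); break;
            default: ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    // P1 = slot index, P2 = 0 (off) or 1 (on). A real applet would gate this on the admin PIN
    // so that malware on the host cannot silently switch the policy off.
    private void setTouchPolicy(byte[] buf) {
        byte slot = buf[ISO7816.OFFSET_P1];
        if (slot < 0 || slot >= SLOT_COUNT) ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
        touchRequired[slot] = (byte) (buf[ISO7816.OFFSET_P2] == 0 ? 0 : 1);
    }

    private void performSecurityOperation(APDU apdu, byte[] buf) {
        // Only PSO:CDS (signature slot) is handled in this sketch.
        if (buf[ISO7816.OFFSET_P1] != (byte) 0x9E || buf[ISO7816.OFFSET_P2] != (byte) 0x9A)
            ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
        // The check happens before any private-key use, so a forwarded ssh-agent request
        // that nobody is present to approve simply fails with 6985.
        if (touchRequired[SLOT_SIG] != 0 && !waitForTouch())
            ISOException.throwIt(SW_USER_PRESENCE_REQUIRED);
        short len = apdu.setIncomingAndReceive();
        short sigLen = rsaSig.sign(buf, ISO7816.OFFSET_CDATA, len, sigBuf, (short) 0);
        apdu.setOutgoing();
        apdu.setOutgoingLength(sigLen);
        apdu.sendBytesLong(sigBuf, (short) 0, sigLen);
    }

    // Poll the sensor for a bounded number of iterations; false means the user never touched.
    private boolean waitForTouch() {
        for (short i = 0; i < TOUCH_POLL_ITERATIONS; i++) {
            if (touchPressed()) return true;
        }
        return false;
    }

    // Proprietary read quoted in the thread; availability depends on NXP JCOP tooling and
    // the NEO being in mode 1 or 2. Treating non-zero as "pressed" is an assumption.
    private boolean touchPressed() {
        return IOControlX.getIO(IOControlX.IOID_P3) != 0;
    }
}
```

The point of the structure is that the presence check sits in front of the private-key operation rather than in the host software: a compromised or forwarded agent can still send the APDU, but the card refuses with `6985` until the physical touch arrives, which is the property mitchell-es is asking for.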