agherzan / yubikey-full-disk-encryption

Use YubiKey to unlock a LUKS partition
Apache License 2.0

Experimental NFC support #47

Closed Frederick888 closed 5 years ago

Frederick888 commented 5 years ago

Experimental NFC support using libnfc.

A submodule was introduced to pull the source of a simple ykchalresp-nfc I wrote. It accepts several parameters:

-1      Use slot 1
-2      Use slot 2
-n      Check presence of YubiKey only
-v      Verbose output
-V      Show version

The challenge can be either passed as an argument or fed via stdin. For example,

$ ykchalresp-nfc -2v 'hello world'
DEBUG: ./ykchalresp-nfc uses libnfc 1.7.1
DEBUG: NFC reader ITEAD PN532 opened
=> 00 a4 04 00 07 a0 00 00 05 27 20 01
<= xx xx xx xx xx xx 90 00
=> 00 01 38 00 0b 68 65 6c 6c 6f 20 77 6f 72 6c 64
<= xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx 90 00
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Currently NFC is only used as a fallback when no YubiKeys are connected via USB and I haven't updated the ykfde CLI tools yet (so configuration can only be done using USB).

Tested locally with a PN532 NFC/RFID controller, fingers crossed it also works with other hardware lol.
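The two command APDUs in the verbose trace above, rebuilt in C with a strict check of the reply. This is an added example, not part of the original comment and not ykchalresp-nfc's own source. The function names are hypothetical, and the slot 1 P1 value and the 64-byte challenge limit are assumptions taken from Yubico's ykdef.h rather than from this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* SELECT command copied from the first "=>" line of the trace. */
static const uint8_t SELECT_APDU[] = {0x00, 0xa4, 0x04, 0x00, 0x07,
                                      0xa0, 0x00, 0x00, 0x05, 0x27, 0x20, 0x01};

#define INS_CHALRESP  0x01 /* INS byte seen in the second "=>" line */
#define P1_HMAC_SLOT1 0x30 /* assumption: SLOT_CHAL_HMAC1 in ykdef.h */
#define P1_HMAC_SLOT2 0x38 /* P1 seen in the trace for -2 */
#define MAX_CHALLENGE 64   /* assumption: HMAC-SHA1 challenge limit */
#define HMAC_LEN      20   /* data bytes that precede 90 00 in the trace */

/* Build the challenge APDU. Returns its length, or 0 on bad input
   (unknown slot, empty or oversized challenge, buffer too small). */
size_t build_challenge(int slot, const uint8_t *chal, size_t len,
                       uint8_t *out, size_t cap)
{
    if ((slot != 1 && slot != 2) || len == 0 || len > MAX_CHALLENGE || cap < 5 + len)
        return 0;
    out[0] = 0x00;                                        /* CLA */
    out[1] = INS_CHALRESP;                                /* INS */
    out[2] = (slot == 1) ? P1_HMAC_SLOT1 : P1_HMAC_SLOT2; /* P1  */
    out[3] = 0x00;                                        /* P2  */
    out[4] = (uint8_t)len;                                /* Lc  */
    memcpy(out + 5, chal, len);
    return 5 + len;
}

/* Accept a reply only if it is exactly 20 bytes followed by status 90 00,
   so an error status or a truncated read is never used as key material. */
int parse_response(const uint8_t *rsp, size_t len, uint8_t hmac[HMAC_LEN])
{
    if (len != HMAC_LEN + 2 || rsp[len - 2] != 0x90 || rsp[len - 1] != 0x00)
        return -1;
    memcpy(hmac, rsp, HMAC_LEN);
    return 0;
}

int main(void)
{
    uint8_t apdu[5 + MAX_CHALLENGE];
    size_t n = build_challenge(2, (const uint8_t *)"hello world", 11, apdu, sizeof apdu);
    for (size_t i = 0; i < sizeof SELECT_APDU; i++) printf("%02x ", SELECT_APDU[i]);
    putchar('\n');
    for (size_t i = 0; i < n; i++) printf("%02x ", apdu[i]);
    putchar('\n');
    return 0;
}
```
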

Vincent43 commented 5 years ago

Thanks for your contribution. It may take me some time to review it. Unfortunately I have no way to test if it works so I would have to trust you on this 😄 .

Frederick888 commented 5 years ago

@Vincent43 Yea, I understand this is not gonna be a function that's used by a lot of people. And tbh even if someone tells me ykchalresp-nfc is not working with his NFC module, I won't be able to provide much help as obviously I can't go buy a bunch of controllers to debug it.

But on the upside, most of those questions should go directly to libnfc as ykchalresp-nfc is just a simple wrapper around it lol... So I guess the bottom line here is that we make sure the changes do not interfere with USB functions and let's see what people come back with :)

FYI: list of compatible devices with libnfc http://www.nfc-tools.org/index.php/Devices_compatibility_matrix

Frederick888 commented 5 years ago

I reckoned as it was such a niche and simple program, it wasn't worth the hassle of distributing it as a standalone package. But since you didn't let it slide (lol), I guess I can go make an AUR package for it.

In terms of backwards compatibility, I think I can easily put some if guards in place so that it wouldn't add redundant modules/files to initramfs.

Give me some time, I'll fix these issues asap. Thanks for reviewing it :)

Vincent43 commented 5 years ago

You don't have to make it as standalone package if you think it's not worth it atm. The only requirement is to not break our AUR package. Making the build optional will be ok. After that I'll update PKGBUILD with libnfc dependency and try to sync those changes in AUR.

Vincent43 commented 5 years ago

I also wonder if your work could be upstreamable in https://github.com/Yubico/yubikey-personalization

Frederick888 commented 5 years ago

I've just made the code style changes and now unless YKFDE_NFC is set to non-empty, it won't install any NFC-related stuff.

Additionally I've made ykchalresp-nfc an AUR package, which I guess could be added as an optional dependency to this project. And if this binary is not available during mkinitcpio when YKFDE_NFC is enabled, it will fail the build process.

Vincent43 commented 5 years ago

Everything looks good now. Thank you. I'll update PKGBUILD and documentation later.

Vincent43 commented 5 years ago

Docs and AUR updated.