search

google / OpenSK

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
Apache License 2.0
2.98k stars 289 forks source link

GnuPG/OpenSSH and KeePassXC #133

Closed hexchills closed 3 years ago

hexchills commented 4 years ago

Sorry for the stupid question!

Is it planned in the future to support offline services?

Such as:

  1. HMAC-SHA1 (challenge-response pair) - for using in KeePassXC
  2. ed25519-sk - in OpenSSH (because ecdsa-sk has support)
  3. Support for LUKS on Linux (something like "yubikey-luks and yubikey-personalization" )

Arm CryptoCell CC310 - support: SHA-1, SHA-2 up to 256 bits (Keyed-hash message authentication code (HMAC) / Ed25519, Curve25519 / secp160k1, secp192k1, secp224k1, secp256k1 / secp160r1, secp192r1, secp224r1, secp256r1, secp384r1, secp521r1 / NIST FIPS 186-4 - P-192, P-224, P-256, P-384, P-521 / RSA Up to 2048-bit key size / ChaCha20/Poly1305: 128 and 256 bits / AES-128bit

P.S. Excuse me for bad English :)

kaczmarczyck commented 4 years ago

We currently do not intend to implement or maintain additional protocols. You are of course invited to fork or contribute!

wolfyzhang-github commented 1 year ago

Tsinghua University has implemented a physical encryption key based on the same chip: canokey-nrf52, which supports the GPG protocol(it passed my test), however, it is still very imperfect and many other features don't work properly, so maybe you can try this if you only need GPG.