Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feat] Add Key Management Enclaves with YubiKey and NanoPC-T6 Support #223

Open
wants to merge 1 commit into
base: 0.1.4-dogebox-pre
Choose a base branch
from

Conversation

edtubbs
Copy link
Collaborator

@edtubbs edtubbs commented Sep 18, 2024

Adds key management enclaves for both OpenEnclave and OP-TEE (see docs/enclaves.md). It also introduces YubiKey support (see docs/yubikey.md), enabling secure storage of encrypted seeds, mnemonics, and master keys. The CI has been updated with x86 targets for OpenEnclave and aarch64 for OP-TEE.

Additionally, NanoPC-T6 support has been implemented for OP-TEE, with related patches and firmware currently in the upstreaming process. Documentation updates provide detailed configuration and usage instructions, and new tests cover SHA1, HMAC, and encrypted blob functionality.

@edtubbs edtubbs force-pushed the 0.1.3-dev-openenclave-cli branch 4 times, most recently from 0a035b4 to c46880e Compare September 19, 2024 18:25
@edtubbs edtubbs changed the base branch from 0.1.4-dev to 0.1.4-dogebox-pre September 19, 2024 21:23
@edtubbs edtubbs force-pushed the 0.1.3-dev-openenclave-cli branch 4 times, most recently from 94d62d7 to 75e3735 Compare September 22, 2024 02:10
xanimo

This comment was marked as outdated.

openenclave, optee: added key manager enclaves
openenclave, optee: added command line interfaces
ci: updated x86 target for openenclave
ci: added aarch64 target for op-tee
ci: added x86 target for nixos
doc: added enclave.md
depends: added libyubikey, libusb and libykpiv
sha: added sha1 and hmac for authentication with yubikey
tests: added sha1 and hmac
address: added wrapper for address from account pub key
example: added wrapper
test: added wrapper to bip44_test

[feat] added yubikey for storage

config, cmake, seal, tests: added yubikey support
seal: added encrypted blobs to software encryption
such, spvnode, wallet: updated software encryption
tests: added encrypted blobs
doc: added yubikey.md

[feat] added NanoPC-T6 enclave

ci: added NanoPC-T6 support for op-tee
doc: updated enclave.md
optee: added rk3588-nanopi6-common.dtsi.patch
optee: added nanopi6.h.patch
Copy link
Member

@xanimo xanimo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK

@michilumin michilumin self-requested a review September 28, 2024 04:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants