This repository contains a portable implementation for OpenPGP and will be able to run on PC for testing and development, and can run on Solo.
This should run fine on Linux, OS X, or Ubuntu on Windows.
Clone Gnuk to get their testing suite. Note, there are symlinks in the repo, so make sure you clone using a *nix environment!
git clone --recurse-submodules https://github.com/solokeys/openpgp.git
Install Python test tools to run Gnuk tests.
sudo apt install python3-pytest python3-usb python3-cffi libmbedtls-dev linux-tools-common linux-tools-generic linux-cloud-tools-generic
python -m pip install pycryptodome
Build our CCID/OpenPGP
application
make
In one terminal, run our CCID/OpenPGP
application.
./main
In another terminal:
connect it via USBIP
sudo usbip attach -r 127.0.0.1 -b 1-1
kill pcscd (somehow)
run python test suite.
cd pytest
sudo py.test-3 -s -x
Setup
sudo mkdir /usr/share/hwdata
sudo cp /var/lib/usbutils/usb.ids /usr/share/hwdata/usb.ids
init commands
sudo modprobe vhci-hcd (once after reboot!!!)
sudo usbip attach -r 127.0.0.1 -b 1-1
sudo lsusb -d 072f:90cc -v
Check if all is in working state
pcsc_scan
gpg2 --card-edit (command line: admin, list, name, lang, generate)
gpg2 --card-edit --expert (admin, key-attr)
list devices:
usbip list -r 127.0.0.1
or
usbip list -l
gpg export keys
To get a simple file of your public key, you can just use
gpg2 --armor --export keyID > pubkey.asc
gpg2 --output pubkey.pgp --armor --export keyID
gpg2 --armor --export-secret-key keyID > privatekey.asc
gpg2 --output backupkeys.pgp --armor --export --export-options export-backup user@email
gpg import keys from card
gpg2 --import pubkey.asc
gpg --card-status
gpg --list-secret
Test some critical parts of code
sudo apt-get install libgtest-dev
cd gtest
make test
https://moderncrypto.org/mail-archive/curves/2014/000205.html
https://moderncrypto.org/mail-archive/curves/2014/000293.html
https://crypto.stackexchange.com/questions/13077/can-curve25519-keys-be-used-with-ed25519-keys
https://docs.rs/exonum/0.9.3/exonum/crypto/x25519/fn.into_x25519_keypair.html
- RSA generation waiting for USB stack (now - timeout)
- brainpool ecdsa curves
- Ed25519 to Curve25519 conversion and vice versa (as in yubikey)
- Add tests for:
- access rights to commands and DO
- refactor some tests and change some "magic" values in them
- Add tests and functionality for:
ECDSAED25519 (EdDSA), CURVE25519(ECDH)- Secure messaging????
- fix:
- transfer kdf functionality to cryptography lib
- remove "magic" printf in flash write function)