YubiKey NEO App: OATH
=====================

This project implements the HMAC-SHA* card functionality used on the
YubiKey NEO device that is sold by Yubico.  Its primary use is
generating OATH HOTP/TOTP one-time passwords on the YubiKey NEO.

License
-------

Copyright (c) 2013 Yubico AB.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.


Building
--------

There are several ways to build the project:

1) With ant, using JCKit.

2) With Eclipse and eclipse-jcde, using JCKit.

3) Using proprietary NXP Java Card tools.

We usually suggest using Ant.

Installing JCKit
----------------

Install the Java Card Development Kit version 2.2.2.  Download it from:

  http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-javame-419430.html#java_card_kit-2.2.2-oth-JPR

Unpack it into a new directory, for example one called "jckit":

  $ mkdir jckit
  $ cd jckit
  $ unzip /path/to/java_card_kit-2_2_2-linux.zip
  $ cd java_card_kit-2_2_2/
  $ unzip java_card_kit-2_2_2-rr-bin-linux-do.zip

Ant
---

The project can now be built by invoking ant, supplying the path to
JCKit.  For example:

  ant -DJAVACARD_HOME=/path/to/jckit/java_card_kit-2_2_2/

The cap file for loading on card will be at:

  applet/bin/pkgYkneoOath/javacard/pkgYkneoOath.cap

Eclipse and eclipse-jcde
------------------------

First install Eclipse following instructions on:

  http://www.eclipse.org/

On Debian/Ubuntu systems Eclipse is packaged and can be installed from
the command line:

  apt-get install eclipse

Start Eclipse once to make sure it creates a $HOME/.eclipse/
directory.  Then quit Eclipse.

Download the eclipse-jcde-0.2.zip file from

  http://eclipse-jcde.sourceforge.net/

and unpack it like this:

  $ cd ~/.eclipse/*/
  $ unzip /path/to/eclipse-jcde-0.2.zip

The path to unpack the file into depends on your Eclipse installation;
on my Debian Wheezy system the directory was called
~/.eclipse/org.eclipse.platform_3.8_155965261/

Start Eclipse again and confirm that you have a new top-level menu
called "Java Card".  Then in Eclipse select the "Preferences" menu
under "Java Card" and point the "Java Card Home" directory to
/path/to/jckit/java_card_kit-2_2_2 replacing /path/to as appropriate.

After that the project can be imported into the workspace.
Right-click in the "Project Explorer" window and select "Import".
Under "General" select "Existing Projects into Workspace".  As the
root directory, point to the directory holding this file.  You need to
select "Copy projects into workspace".

To build the .cap file, expand the "pkgYkneoOath" sub-directory,
right-click on it, and select "Java Card Tools" and then "Convert".  The
CAP file will be available in your Eclipse workspace as:

   applet/bin/pkgYkneoOath/javacard/pkgYkneoOath.cap

Enable CCID mode on the NEO
---------------------------

First make sure the YubiKey NEO is in the HID/CCID or CCID mode, using
ykpers from the YubiKey Personalization tool:

  http://code.google.com/p/yubikey-personalization/
  https://github.com/Yubico/yubikey-personalization

For example:

  sudo ykpersonalize -m82

Eject and re-insert the NEO to restart it in the new USB mode.  You
should then have a USB device like 1050:0111 or 1050:0112.  The
1050:0110 device is HID only.

Installing CAP file to NEO
--------------------------

Then install the gpshell tool from Global Platform:

  http://sourceforge.net/projects/globalplatform/

The projects needed are the GlobalPlatform Library 6.0.0,
GPShell 1.4.4, and gppcscconnectionplugin 1.1.0.

You need to whitelist the device in /etc/libccid_Info.plist.

WARNING!  When you load a new CAP file, everything on the device for
that app is erased.  Keep a backup of your OATH credentials!

When the CAP file has been built and is available in the path shown
above, you may use the gpshell tool to load it:

  $ gpshell gpinstall.txt

That's it!
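
A preflight check for the load step above, added here as an example and not part of the ykneo-oath project: it refuses to continue unless the CAP file exists and the NEO enumerates with a CCID-capable USB ID, and it asks for confirmation because the load erases the applet's data. The function names are hypothetical; it assumes Linux with lsusb and sha256sum, and that gpinstall.txt loads the CAP from the path given above.

```shell
#!/bin/sh
# Added example: preflight before `gpshell gpinstall.txt`. Function names are
# hypothetical; the USB IDs and CAP path are the ones given in this README.
CAP=applet/bin/pkgYkneoOath/javacard/pkgYkneoOath.cap

# Read `lsusb`-style text on stdin; print ccid, hid-only or absent.
neo_usb_mode() {
    mode=absent
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            *"ID 1050:0111"*|*"ID 1050:0112"*) mode=ccid ;;
            *"ID 1050:0110"*) [ "$mode" = ccid ] || mode=hid-only ;;
        esac
    done
    echo "$mode"
}

# $1 = CAP path, $2 = lsusb output. Prints each blocking problem and
# returns non-zero if there is one; prints nothing when ready to load.
preflight() {
    rc=0
    if [ ! -s "$1" ]; then
        echo "CAP file missing or empty: $1 (build it first)"; rc=1
    fi
    case "$(printf '%s\n' "$2" | neo_usb_mode)" in
        ccid) ;;
        hid-only) echo "NEO is HID only (1050:0110): run ykpersonalize -m82, re-insert"; rc=1 ;;
        *) echo "no YubiKey NEO found on USB"; rc=1 ;;
    esac
    return "$rc"
}

# Real run only on request: sh preflight.sh --run
# Assumes gpinstall.txt loads the CAP from the path in $CAP.
if [ "${1:-}" = "--run" ]; then
    preflight "$CAP" "$(lsusb)" || exit 1
    sha256sum "$CAP"    # record exactly which build is about to be loaded
    printf 'Loading erases the OATH credentials on the NEO. Type YES: '
    read -r answer
    if [ "$answer" = YES ]; then
        gpshell gpinstall.txt
    else
        echo "aborted"; exit 1
    fi
fi
```

Run it from the directory holding this file so the relative CAP path and gpinstall.txt resolve.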