A Universal 2nd Factor (U2F) USB token using STM32 MCUs
Switch branches/tags
Nothing to show
Clone or download
Ron Garret and avivgr bug: make sure private key is always 32 bytes
Since mbed tls treats keys as numbers (and not blob),
mbedtls_mpi_size returns the number of bytes *required* to represent the
argument as a *number*.  But because of the way you’re constructing the key
handle you need it to be 32 bytes always, so the easiest way to do that
is to pad with leading zeros, because that doesn’t change the value when
re-interpreted as a number.
Latest commit df6f406 Dec 12, 2016
Permalink
Failed to load latest commit information.
BSP STM32 BSP files Jun 5, 2016
mbedtls-2.2.1 Add mbedtls files Jun 5, 2016
.gitignore Add gitignore file Jun 5, 2016
LICENSE Initial commit Jun 4, 2016
Makefile Add VisualGDB project files Jun 5, 2016
README.md Create README.md Jun 5, 2016
debug.mak Add VisualGDB project files Jun 5, 2016
endian.h Initial commit Jun 5, 2016
gcc_Debug.h Initial commit Jun 5, 2016
gcc_Release.h Initial commit Jun 5, 2016
keys.h Initial commit Jun 5, 2016
list.h Initial commit Jun 5, 2016
main.c Initial commit Jun 5, 2016
release.mak Add VisualGDB project files Jun 5, 2016
stm32-u2f-Debug.vgdbsettings Add VisualGDB project files Jun 5, 2016
stm32-u2f-Release.vgdbsettings Add VisualGDB project files Jun 5, 2016
stm32-u2f.sln Add VisualGDB project files Jun 5, 2016
stm32-u2f.vcxproj Add VisualGDB project files Jun 5, 2016
stm32.mak Add VisualGDB project files Jun 5, 2016
stm32.xml Add VisualGDB project files Jun 5, 2016
stm32_entropy.c Initial commit Jun 5, 2016
stm32f4xx_hal_conf.h Initial commit Jun 5, 2016
stm32f4xx_hal_msp.c Initial commit Jun 5, 2016
stm32f4xx_it.c Initial commit Jun 5, 2016
stm32f4xx_it.h Initial commit Jun 5, 2016
system_stm32f4xx.c Initial commit Jun 5, 2016
u2f.h Initial commit Jun 5, 2016
u2f_hid.h Initial commit Jun 5, 2016
u2f_messages.c bug: make sure private key is always 32 bytes Dec 12, 2016
u2f_messages.h Initial commit Jun 5, 2016
uart_printf.c Initial commit Jun 5, 2016
uart_printf.h Initial commit Jun 5, 2016
usb_device.c Initial commit Jun 5, 2016
usb_device.h Initial commit Jun 5, 2016
usbd_conf.c Initial commit Jun 5, 2016
usbd_conf.h Initial commit Jun 5, 2016
usbd_desc.c Initial commit Jun 5, 2016
usbd_desc.h Initial commit Jun 5, 2016
usbd_u2f_hid_if.c Initial commit Jun 5, 2016
usbd_u2f_hid_if.h Initial commit Jun 5, 2016
usbd_u2fhid.c Initial commit Jun 5, 2016
usbd_u2fhid.h Initial commit Jun 5, 2016

README.md

stm32-u2f

A Universal 2nd Factor (U2F) USB token using STM32 MCUs.

Overview

The FIDO U2F protocol enables a strong cryptographic 2nd factor option for end user security. End users carry a single U2F device which works with any relying party supporting the protocol.

U2F security keys can currently be used with Google accounts as a method for two-step verification and is supported by Google Chrome since version 38. U2F security keys can also be used as an additional method for two-step verification for Dropbox and as of October 1, 2015, for GitHub.

Learn more about U2F on https://fidoalliance.org/

How to build the code

The project was developed using the fabulus visualgdb under Windows. VisualGDB is a paid product, and it uses Visual Studio (i.e only supports Windows). However, VisualGDB uses the opensource GNU toolchain internally, and also generates a Makefile - so it should be fairly easy to compile the code on any UNIX environment, after installing GCC ARM Embedded toolchain.

Open the sulution using VisualGDB and build the project. Or drop to the command line and run make.

Supported Hardware

Currently the project runs on the stm32f4discovery board. This board is available for purchase directly from ST micro for less than 20$.

Based on the STM32F407VGT6 MCU, the board includes an ST-LINK/V2 or ST-LINK/V2-A embedded debug tool, two ST MEMS digital accelerometers, a digital microphone, one audio DAC with integrated class D speaker driver, LEDs and push buttons and an USB OTG micro-AB connector.

Key Features:

  • STM32F407VGT6 microcontroller featuring 32-bit ARM Cortex® -M4 with FPU core, 1-Mbyte Flash memory, 192-Kbyte RAM in an LQFP100 package. This model also has a true random number generator (RNG).
  • On-board ST-LINK/V2 debugging port
  • Board power supply: through USB bus or from an external 5 V supply voltage
  • Eight LEDs
  • Two push buttons (user and reset)
  • USB OTG FS with micro-AB connector

This boards is very good for development because it has an onboard debugger. Besides memory and processing limits, and the availability of the RNG - nothing prevents from porting the code to other STM32 MCUs. The intention is to support inexpensive STM32 boards like the red pill and the blue pill which could be purchased for 3$ on eBay.

Debugging

  • Single stepping under the debugger - VisualGDB makes it very easy inside visual studio - just select Debug on the menu. VisualGDB will compile the code, flash the board, and allow single stepping and breakpoints. VisualGDB uses the openocd (Open On-Chip Debugger) internally - so users interested in other environments can setup and use openocd directly on any supported host platform.
  • UART printing -
    • You will need a separate USB to TTL UART adapter, those are plenty available from eBay under 5$, e.g CP2102.
    • Connect the UART adapter pins to the discovery as follows:
      • PIN PC10 (TX) --> UART RX
      • PIN PC11 (RX) --> UART TX
      • GND --> UART GND
      • !! Do not connect the 3v or 5v pin from the UART to the discovery board !!
    • Open your favorite serial terminal app (e.g putty on Windows) and open the UART COM port, and select 38400 baud rate.
    • You will see UART debug prints displayed on the console.

Keys

At the moment, all private keys (AES key, attestation private key and public cert) are all hard coded in keys.h file. This is obviously insecure and incomplete. The intention is to implement a vendor private API (and tools) to help initialize a token - generate the AES private key inside the token, and also allow an "OEM" to set an existing attestation key pair onto the device.

Entropy

Luckily the STM32F4 has a true random number generator - which is used to seed any also requiring random numbers. For MCUs having no RNG, the ADC can be used as a source for entropy.

Crypto

  • The MBED tls opensource library is used for all crypto operations.
  • A private AES key is used inside the token to export encrypted key handles.

Issues

See open issues list.

Status

The token currently successfully registers and authenticates against https://fidodemo.strongauth.com/fidorestapp/action And also was successfully used for Google Account using chrome.

Patches are welcome!