Password Manager application for Ledger Blue and Nano S
This application demonstrates a Password Manager implemented with no support from the host - the passwords are typed from the Nano S interacting as a keyboard to the connected computer / phone.
The user can create metadatas on device, and generate a deterministic password from them.
To compile it, use at least the Nano S SDK 1.2.1 on firmware 1.2
This release is an early alpha - among the missing parts :
-
Ledger Blue support
-
Validation of the HID typing logic on other OS X and Windows - should work on Linux
-
Support of different password policies mechanisms
-
Metadatas backup
-
Offline recovery program
-
Metadatas are SHA-256 hashed
-
The SHA-256 components are turned into 8 big endian uint32 | 0x80000000
-
A private key and chain code are derived for secp256k1 over 0x80505744 / the path computed before
-
The private key and chain code are SHA-256 hashed, the result is used as the entropy to seed an AES DRBG
-
A password is generated by randomly shuffling letters, numbers and special characters using the previously seeded DRBG
This application uses
-
the binary keyboard designed by Parker Hoyes (https://github.com/parkerhoyes/bolos-user-interface),
-
MBED TLS AES DRBG implementation (https://tls.mbed.org/ctr-drbg-source-code)