Porting to NuttX / composite mode / U2F
NIIBE Yutaka
gniibe at fsij.org
Mon Mar 25 02:08:15 CET 2019
"Matias N." <matias at imap.cc> wrote:
> I was wondering whether you think it should be possible (and not too
> much work) to port the application logic to the NuttX RTOS, instead of
> using chopstx.
I think it should be possible (if an RTOS supports something like POSIX
threads). I don't know how much work is needed. You can examine
GNU/Linux port.
But... please note that the exact reason why I use Chopstx is less
functionality. I don't have a plan to support other RTOS for Gnuk.
> I ask because it would be interesting to add more functionality to the
> device by taking advantage of NuttX features, such as USB composite
> mode.
In my opinion, USB composite device is not good for security device.
Apparently, users have a problem with old implementation (Yubikey NEO),
when they want to use multiple features simultaneously (like OTP and
OpenPGPcard), see my comment at:
https://dev.gnupg.org/T4225#119535
While Yubikey NEO supports "mode", it seems Yubikey 4 (and later)
supports "applications". I only have experience with Yubikey NEO. I'll
try Yubikey 4. Perhaps, things are now improved.
> I understand that U2F functionality is not planned for gnuk itself, right?
I don't have any plan for U2F. My opinion is it is good to have
seperate device for U2F. If it is in a single device, it's better to
use applications interchangeably (not simultaneously), or you would need
a driver which is dedicated to the device to serve multiple features
securely.
--
More information about the Gnuk-users
mailing list