Google Dandali na OpenSK, wanda ke ba ku damar ƙirƙirar firmware don alamun cryptographic waɗanda ke da cikakkiyar yarda da ƙa'idodi и . Alamu da aka shirya ta amfani da OpenSK za a iya amfani da su azaman masu tabbatarwa don tabbatarwa na farko da na abubuwa biyu, da kuma tabbatar da kasancewar mai amfani ta zahiri. An rubuta aikin a cikin Rust da lasisi a ƙarƙashin Apache 2.0.
OpenSK yana ba da damar ƙirƙirar alamar ku don tabbatar da abubuwa biyu akan shafuka, waɗanda, sabanin shirye-shiryen da masana'antun ke samarwa kamar Yubico, Feitian, Thetis da Kensington, an gina su akan famuwia buɗe gaba ɗaya, akwai don haɓakawa da dubawa. OpenSK an sanya shi azaman dandalin bincike wanda masu kera alama da masu sha'awar za su iya amfani da su don haɓaka sabbin abubuwa da haɓaka alamu ga jama'a. An ƙaddamar da lambar OpenSK azaman aikace-aikace don kuma an gwada akan Nordic nRF52840-DK da Nordic nRF52840-dongle allunan.
Baya ga aikin software shimfidu don bugu akan firintar 3D gidan maɓalli na kebul na USB dangane da sanannen guntu , gami da microcontroller na ARM Cortex-M4 da mai haɓaka crypto
ARM TrustZone Cryptocell 310. Nordic nRF52840 shine dandalin tunani na farko don OpenSK. OpenSK yana ba da tallafi ga ARM CryptoCell crypto accelerator da kowane nau'in sufuri da guntu ke bayarwa, gami da USB, NFC da Bluetooth Low Energy. Baya ga yin amfani da mai haɓaka crypto, OpenSK kuma ya shirya aiwatar da daban-daban na ECDSA, ECC secp256r1, HMAC-SHA256 da AES256 algorithms da aka rubuta cikin Rust.
Ya kamata a lura cewa OpenSK ba shine farkon buɗe aikace-aikacen firmware don alamu tare da tallafi ga FIDO2 da U2F; ana haɓaka firmware irin wannan ta ayyukan buɗewa. и . Idan aka kwatanta da ayyukan da aka ambata, OpenSK ba a rubuta shi a cikin C ba, amma a cikin Rust, wanda ke guje wa yawancin lahani da ke tasowa daga ƙananan ƙwaƙwalwar ajiyar ƙwaƙwalwar ajiya, kamar samun damar ƙwaƙwalwar ajiya bayan kyauta, rashin kuskuren nuna alama, da buffer overruns.
Firmware da aka tsara don shigarwa ya dogara ne akan ,
tsarin aiki don microcontrollers dangane da Cortex-M da RISC-V, samar da keɓewar akwatin sandbox na kwaya, direbobi da aikace-aikace. An tsara OpenSK azaman applet don TockOS. Baya ga OpenSK, Google kuma ya shirya don TockOS wanda aka inganta don faifan faifai (NVMC) kuma saita . Kwaya da direbobi a cikin TockOS, kamar OpenSK, an rubuta su a cikin Rust.
source: budenet.ru