Google Isiteji se-OpenSK, esikuvumela ukuthi udale i-firmware yamathokheni e-cryptographic ahambisana ngokugcwele namazinga ΠΈ . Amathokheni alungiselelwe kusetshenziswa i-OpenSK angasetshenziswa njengeziqinisekiso zokuqinisekisa okuyinhloko kanye nezinto ezimbili, kanye nokuqinisekisa ubukhona boqobo bomsebenzisi. Iphrojekthi ibhalwe ngoRust kanye ilayisensi ngaphansi kwe-Apache 2.0.
I-OpenSK yenza kube nokwenzeka ukudala ithokheni yakho yokuqinisekiswa kwezinto ezimbili kumasayithi, okuyinto, ngokungafani nezixazululo ezenziwe ngomumo ezikhiqizwa abakhiqizi abafana ne-Yubico, i-Feitian, i-Thetis ne-Kensington, yakhelwe ku-firmware evulekile ngokuphelele, etholakalayo ukuze ikhulise futhi ihlolwe. I-OpenSK ibekwe njengenkundla yocwaningo abakhiqizi bethokheni nabashisekayo abangayisebenzisa ukuze bathuthukise izici ezintsha futhi bakhuthaze amathokheni kubantu abaningi. Ikhodi ye-OpenSK yasungulwa njengohlelo lokusebenza lwe futhi ihlolwe kumabhodi e-Nordic nRF52840-DK kanye ne-Nordic nRF52840-dongle.
Ngaphezu kwephrojekthi yesoftware izakhiwo zokuphrinta kuphrinta ye-3D ukhiye we-USB fob wezindlu ngokusekelwe ku-chip edumile , okuhlanganisa i-ARM Cortex-M4 microcontroller kanye ne-crypto accelerator
I-ARM TrustZone Cryptocell 310. I-Nordic nRF52840 iyinkundla yokuqala eyinkomba ye-OpenSK. I-OpenSK ihlinzeka ngosekelo lwe-ARM CryptoCell crypto accelerator kanye nazo zonke izinhlobo zokuthutha ezihlinzekwa yi-chip, okuhlanganisa i-USB, i-NFC ne-Bluetooth Low Energy. Ngaphezu kokusebenzisa i-crypto accelerator, i-OpenSK iphinde yalungiselela ukuqaliswa okuhlukene kwe-ECDSA, ECC secp256r1, HMAC-SHA256 kanye ne-AES256 algorithms ebhalwe ku-Rust.
Kumele kuqashelwe ukuthi i-OpenSK akuyona ukuqaliswa kokuqala okuvulekile kwe-firmware yamathokheni ngokusekelwa kwe-FIDO2 ne-U2F; i-firmware efanayo ithuthukiswa ngamaphrojekthi avulekile. ΠΈ . Uma kuqhathaniswa namaphrojekthi okukhulunywe ngawo, i-OpenSK ayibhalwanga ngo-C, kodwa ku-Rust, egwema ubungozi obuningi obuvela ekuphathweni kwememori yezinga eliphansi, njengokufinyelela inkumbulo yangemuva kwamahhala, ukunqanyulwa kwesikhombi esingenalutho, kanye nokweqa kwebhafa.
I-firmware ehlongozwayo ukufakwa isekelwe ,
isistimu yokusebenza yama-microcontrollers asekelwe ku-Cortex-M ne-RISC-V, ehlinzeka ngokuhlukaniswa kwe-sandbox ye-kernel, abashayeli kanye nezinhlelo zokusebenza. I-OpenSK yakhelwe njenge-applet ye-TockOS. Ngaphezu kwe-OpenSK, i-Google iphinde yalungiselela i-TockOS elungiselelwe ama-Flash drives (NVMC) futhi usethe . I-kernel nabashayeli abaku-TockOS, njenge-OpenSK, babhalwe ku-Rust.
Source: opennet.ru