-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NFC support #20
Comments
Hey kuro68k! This sounds really awesome! Did you have a look how Yubikey is working over NFC? Authorizer (or better to say PasswdSafe) is already using this for a different use-case: opening the password database. What I would like to do over NFC is not only a transfer of keystrokes from Authorizer to the host but also U2F and things like OpenPGP smart card communication. So if you are working on a hardware project, it would be perfect if it is supprting different kinds of protocols like these I mentioned. At general, as Authorizer has no NFC implementation in regard to password output yet, it is very flexible and only limited to Android. So I guess you could use any hardware which is compatible with Android. One additional comment: I already working on a Authorizer prototype for TizenOS (Samsung Galaxy Watch). So I guess it would make sense to check the hardware compatibility also for these devices. Maybe we should open a discord or slack for discussing such things? I could imagine that also other people would be interessted in this. Let me know what you think and I will take care about opening one. Tjado |
Hi Tjado. I'm open to using Discord but keep in mind that there could be some time-zone issues. Haven't used Slask but I'll give it a go. I've ordered some bits so I can experiment with NFC and get a feel for what is possible. The basic keyboard emulation/password transmission seems fairly straightforward. There are plenty of NFC tag emulation code examples and test apps for Android. For U2F the device has to emulate a smart card I think. That's how the Yubikey and similar devices work, they present a USB standard smartcard (CCID) interface that Windows or your web browser can talk to. I can't see any reason why it couldn't be supported for NFC, with suitable firmware. The CCID interface spec doesn't seem too bad, and the U2F spec for NFC is very short. Part of me keeps wondering why there is no off-the-shelf solution for this. Lenovo has been offering NFC readers in laptops for years, but no U2F support... In any case simple keyboard emulation seems like the first goal, it's simpler and useful. I'm looking to have a prototype working early next year. |
https://github.com/tejado/Authorizer/blob/master/README.md#contributions--community :) feel free to join! |
@kuro68k |
Sorry tejado, things went a bit sideways because of brexit. I'll try to look into this again at some point. |
I've been working on a similar project that uses NFC and would like to share what I have found, so that we can work together on a solution. My main areas are embedded and hardware, rather than Android.
NFC uses APDU to exchange data, which requires the Android device to emulate a basic smart card. APDU can transfer arbitrary data, and allows an application to be selected by the reader. More info here:
https://developer.android.com/guide/topics/connectivity/nfc/hce
My intention is to build a very small USB keyboard emulator with NFC that can read passwords from an Android phone and type them on the host. It's a shame no off-the-shelf hardware can do this.
There are two options for the reader, an RC522 or a PN532 chip. I'm evaluating both. To control them my plan is to use a XMEGA microcontroller, since I have a fully open source USB stack for it, which includes HID and DFU for bootloading. Also all the development tools are free (GCC) and well supported.
Other options include an ARM CPU. The advantages are that they are physically smaller and slightly cheaper, but the down side is that development support is worse. Actually one other big advantage is that they often come with a USB bootloader factory installed, where as with XMEGA you need a programmer (and probably a programming header).
It would be great to get some feedback on these ideas and also ensure that the hardware can be used with Authorizer.
The text was updated successfully, but these errors were encountered: