Merge branch 'ledger'

.gitmodules

@@ -22,3 +22,9 @@
 [submodule "applets/javacard-memory"]
 	path = applets/javacard-memory
 	url = https://github.com/DangerousThings/javacard-memory.git
+[submodule "applets/apex-ledger-unplugged"]
+	path = applets/apex-ledger-unplugged
+	url = https://github.com/VivoKey/apex-ledger-unplugged.git
+[submodule "applets/ledger-javacard-eligibility"]
+	path = applets/ledger-javacard-eligibility
+	url = https://github.com/LedgerHQ/ledger-javacard-eligibility.git

docs/applets/5-fido.md

@@ -46,11 +46,9 @@ Use git to clone the sources recursively, and change into the directory. To comp
 
 You can not use the U2F applet at the same time as the FIDO2 one because they use the same AID.
 
-Loading the attestation certificate requires manual steps as of now, but Vivokey and I are planning to release tools for U2F and FIDO2 attestation certificate loading sometime in the future.
-
 ### Generate Attestation Certificate
 
-You can also generate your own attestation certificate. This makes your token unique, which is maybe not something you want - but then again, I recon the number of tokens using the default key can be counted on maybe two hands maximum.
+You can generate your own attestation certificate. This makes your token unique, which is maybe not something you want.
 
 In the future, Vivokey plans offer signed certificates using their own certificate authority in some way. It is unclear if or how these would be coming to the FlexSecure, as they require the more protected environment of the Apex Flex in order to not leak.
 

docs/applets/6-ledger.md

@@ -0,0 +1,128 @@
+# Cryptocurrency Wallet using Ledger Unplugged
+
+**Ledger Unplugged** is an open-source cryptocurrency wallet implementation by Ledger, Inc. and supported by various mobile apps.
+
+The applet optionally accepts an attestation certificate. This certificate can be generated by you, or an official one signed by a company like Vivokey or Ledger.
+
+The attestation certificate can be used to establish an encrypted channel during setup. The token manufacturer (e.g. Vivokey) can also use this certificate (which they sign using their certificate authority) to validate the authenticity and model of the token and applet.
+
+The **Eligibility Applet** can be used to check whether your token supports als the needed cryptographic algorithms.
+
+## Applet Information
+
+### Ledger Unplugged
+
+- Repository: https://github.com/VivoKey/apex-ledger-unplugged
+- Binary name: `Ledger-wallet.cap`
+- Download: https://github.com/DangerousThings/flexsecure-applets/releases
+- AID: `a0:00:00:06:17:00:54:bf:6a:a9:49:01`, Package: `a0:00:00:06:17:00:54:bf:6a:a9:49`
+- Storage requirements:
+  - Persistent: `TBA` bytes
+  - Transient reset: `TBA` bytes
+  - Transient deselect: `TBA` bytes
+
+### Ledger Unplugged Eligibility
+
+- Repository: https://github.com/LedgerHQ/ledger-javacard-eligibility
+- Binary name: `Ledger-eligibility.cap`
+- Download: https://github.com/DangerousThings/flexsecure-applets/releases
+- AID: `FF:4C:45:47:52:2E:45:4C:49:47:30:31:2E:49:30:31`, Package: `FF:4C:45:47:52:2E:45:4C:49:47:30:31`
+- Storage requirements:
+  - Persistent: `TBA` bytes
+  - Transient reset: `TBA` bytes
+  - Transient deselect: `TBA` bytes
+
+## Compiling the Applet Yourself
+
+Setup your environment as described in *JavaCard Development Setup* .
+
+Use git to clone the sources recursively, and change into the directory. To compile, run `JC_HOME=<sdks>/jc304_kit ant`, replacing `<sdks>` with the path to your JavaCard SDKs.
+
+## Installing the Applet
+
+### Generate Attestation Certificate
+
+You can generate your own attestation certificate.
+
+Refer to the *FIDO applet documentation* to install the tool from https://github.com/DangerousThings/fido-attestation-loader and to generate a certificate authority.
+
+Next, generate an attestation certificate and sign it using the CA. You have to create another passphrase to protect the private key of the attestation certificate.
+
+```
+./attestation.py cert create -m ledger
+```
+
+Then, you can derive the applet installation parameter by running:
+
+```
+./attestation.py cert show -m ledger
+```
+
+For more options see the *FIDO applet documentation* or read the tool README file.
+
+Use GlobalPlatformPro (GPP) from https://github.com/martinpaljak/GlobalPlatformPro/releases to install the applet:
+
+```
+gp -install Ledger-wallet.cap --params INSTALLPARAM
+```
+
+The parameter data (`INSTALLPARAM`) contains the attestation certificate private key and signature. You can copy it from the last line of the output of `./attestation.py cert show -m ledger`.
+
+Listing the applets using `gp --list` should print something like this:
+
+```
+APP: A0000006170054BF6AA94901 (SELECTABLE)
+     Parent:  A000000151000000
+     From:    A0000006170054BF6AA949
+     Privs:   
+
+PKG: A0000006170054BF6AA949 (LOADED)
+     Parent:  A000000151000000
+     Version: 1.0
+     Applet:  A0000006170054BF6AA94901
+```
+
+Next, you have to load the public attestation certificate by sending a few APDUs. Before sending the certificate, selecting the applet is required.
+
+This task is covered by the attestation script as well:
+
+```
+./attestation.py cert upload -m ledger
+```
+
+You might have to specify your PCSC reader index using `-r`, use `-l` to list all readers.
+
+### Generate and Install Seeds
+
+The applet requires two seeds, a keycard seed and a mnemonic seed. I have written a small tool to simplify the process. Install Python3, and the `cryptography`, `asn1`, `pyscard`, and `bip-utils` modules (e.g. using Pip). Then, clone or download https://github.com/DangerousThings/ledger-unplugged-setup .
+
+To initialize your Ledger token:
+
+```
+./ledger.py setup
+```
+
+You can also specify the keycard seed and PIN using command line flags or files, see the tool README for more options.
+
+You can also recover the token if you have a backup of your keycard and mnemonic seeds, e.g.:
+
+```
+./ledger.py setup -m "demand soup present horn child flat meat quality smoke flavor toe method govern winter spot west lock tell sunny spoil cage topic shoe card" -p 1234 -s 1234567890abcdef1234567890abcdef
+```
+
+You might have to specify your PCSC reader index using `-r`, use `-l` to list all readers.
+
+## Using the Applet
+
+Once the applet is setup correctly, you can use the Mycelium App (https://play.google.com/store/apps/details?id=com.mycelium.wallet) on Android to interface it.
+
+## Sources and Further Reading
+
+- https://raw.githubusercontent.com/LedgerHQ/btchip-doc/master/bitcoin-technical.asc
+- https://ledgerhq.github.io/btchip-doc/bitcoin-javacard.html
+- https://github.com/DangerousThings/ledger-unplugged-setup
+- https://github.com/DangerousThings/fido-attestation-loader
+- https://play.google.com/store/apps/details?id=com.mycelium.wallet
+- https://shop.ledger.com/
+
+Improve this document: https://github.com/DangerousThings/flexsecure-applets/tree/master/docs

scripts/clean/apex-ledger-unplugged.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+cd /app/src/applets/apex-ledger-unplugged
+rm -rf target

scripts/clean/ledger-javacard-eligibility.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+cd /app/src/applets/ledger-javacard-eligibility/applet
+rm -rf target
+cd /app/src/applets/ledger-javacard-eligibility/reporting
+rm -rf target

scripts/compile/apex-ledger-unplugged.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+cd /app/src/applets/apex-ledger-unplugged/src-preprocessed
+for fname in com/ledger/wallet/*.javap; do
+    cpp -P $fname "../src/${fname%.javap}.java"
+done
+rm -f /app/src/applets/apex-ledger-unplugged/src/com/ledger/wallet/LWNFCForumApplet.java
+cd /app/src/applets/apex-ledger-unplugged
+cp /app/src/scripts/compile/res/apex-ledger-unplugged.build.xml .
+JC_HOME=/app/sdks/jc304_kit ant -buildfile apex-ledger-unplugged.build.xml
+cp /app/src/applets/apex-ledger-unplugged/target/*.cap /app/src/bin/

scripts/compile/ledger-javacard-eligibility.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+mkdir -p /app/src/bin /app/src/applets/ledger-javacard-eligibility/applet/target
+cd /app/src/applets/ledger-javacard-eligibility/applet
+for fname in src/com/ledger/eligibility/*.javap; do
+    cpp -P $fname "${fname%.javap}.java"
+done
+cp /app/src/scripts/compile/res/ledger-javacard-eligibility.build.xml .
+JC_HOME=/app/sdks/jc304_kit ant -buildfile ledger-javacard-eligibility.build.xml
+cp /app/src/applets/ledger-javacard-eligibility/applet/target/*.cap /app/src/bin/
+cd /app/src/applets/ledger-javacard-eligibility/reporting
+mvn package
+cp /app/src/applets/ledger-javacard-eligibility/reporting/target/*.jar /app/src/bin/

scripts/compile/res/apex-ledger-unplugged.build.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project basedir="." default="applet" name="ledger-javacard">
+  <target name="applet">
+    <get src="https://github.com/martinpaljak/ant-javacard/releases/download/v1.5/ant-javacard.jar" skipexisting="true" dest="."/>
+    <taskdef name="javacard" classname="pro.javacard.ant.JavaCard" classpath="ant-javacard.jar"/>
+    <javacard>
+      <cap output="target/Ledger-wallet.cap" sources="src" classes="target" aid="a0000006170054bf6aa949" verify="true" version="1.0">
+        <applet class="com.ledger.wallet.LedgerWalletApplet" aid="a0000006170054bf6aa94901"/>
+      </cap>
+    </javacard>
+  </target>
+</project>

scripts/compile/res/ledger-javacard-eligibility.build.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project basedir="." default="applet" name="ledger-javacard-eligibility">
+  <target name="applet">
+    <get src="https://github.com/martinpaljak/ant-javacard/releases/download/v1.4/ant-javacard.jar" skipexisting="true" dest="."/>
+    <taskdef name="javacard" classname="pro.javacard.ant.JavaCard" classpath="ant-javacard.jar"/>
+    <javacard>
+      <cap output="target/Ledger-eligibility.cap" classes="target" sources="src" aid="FF:4C:45:47:52:2E:45:4C:49:47:30:31" version="1.0">
+        <applet class="com.ledger.eligibility.LedgerEligibility" aid="FF:4C:45:47:52:2E:45:4C:49:47:30:31:2E:49:30:31"/>
+      </cap>
+    </javacard>
+  </target>
+</project>