Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 8:52 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Mon May 05, 2014 2:19 am 
Offline

Joined: Sat Mar 15, 2014 2:47 pm
Posts: 11
Tom,

I am starting to work with your libykneomgr so I can embed the capability for Windows 3rd party software to communicate and use the Neo.

The Yubikey Neo is a great end use product but the developer "products" has a lot to be desired. No documented build processes, no SDK, limited internet postings to solve problems, max of 1 developer response per day, etc.

Any plans to make an actual developer SDK? Expecting developers to all spend countless hours studying your open source code, wasting time with MinGW/cross compiling, figuring out your build process, etc. Its painful, very painful.

I would prefer a prebuilt installer that gives us static/dynamic libraries (.a, .lib, .dll, .so) and the header files/API to communicate with your Neo.

That said, I have spend all day building a MinGW+MSYS environment on Windows 7. I have the libzip compiling, I am up to the final linking steps for libykneomgr.a and ykneomgr.exe. I am getting a lot of custom linking message spews, in particular about your undocumented usage of libzip. Hopefully you can help me get this final link working.

************************************
make[3]: Entering directory `/home/erik/projects/yubikey/libykneomgr/lib'
CC global.lo
CC version.lo
CC error.lo
CC devs.lo
CC backend_pcsc.lo
CCLD libykneomgr.la

*** Warning: This system can not link to static lib archive /usr/local/lib/libzip.la.
*** I have the capability to make that library automatically link in when
*** you link to this library. But I can only do this if you have a
*** shared version of the library, which you do not appear to have.

*** Warning: linker path does not have real file for library -lz.
*** I have the capability to make that library automatically link in when
*** you link to this library. But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libz and none of the candidates passed a file format test
*** using a file magic. Last file checked: d:/mingw_latest/i686-w64-mingw32/lib/libz.a
*** The inter-library dependencies that have been dropped here will be
*** automatically added whenever a program is linked with this library
*** or is declared to -dlopen it.

*** Since this library must not contain undefined symbols,
*** because either the platform does not support them or
*** it was explicitly requested with -no-undefined,
*** libtool will only create a static version of it.
make[3]: Leaving directory `/home/erik/projects/yubikey/libykneomgr/lib'
make[2]: Leaving directory `/home/erik/projects/yubikey/libykneomgr/lib'
Making all in src
make[2]: Entering directory `/home/erik/projects/yubikey/libykneomgr/src'
make all-am
make[3]: Entering directory `/home/erik/projects/yubikey/libykneomgr/src'
CC ykneomgr.o
CC cmdline.o
CCLD ykneomgr.exe
../lib/.libs/libykneomgr.a(backend_pcsc.o): In function `backend_applet_install':
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:389: undefined reference to `_imp__zip_open'
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:399: undefined reference to `_imp__zip_stat'
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:477: undefined reference to `_imp__zip_fclose'
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:458: undefined reference to `_imp__zip_fopen'
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:459: undefined reference to `_imp__zip_fread'
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:580: undefined reference to `_imp__zip_close'
D:\mingw_latest\msys\1.0\home\erik\projects\yubikey\libykneomgr\lib/backend_pcsc.c:470: undefined reference to `_imp__zip_fclose'
collect2.exe: error: ld returned 1 exit status
make[3]: *** [ykneomgr.exe] Error 1
***********************************

What are the exact Windows commandline arguments and steps to build/install the libzip so its compatible with your ykneomgr? Also, what are the ./configure arguments you use?

When I have all of your key software packages working I will zip up my MinGW directory and post on a file share for someone to dup a working build environment for others to use.

Also, what would be helpful is to document all the steps to create a clean/new OS/VMware and build a working compiling environment for your yubico C/C++ code.

Thx,

Erik

P.S. Your forums wont allow upload of the build or config text files.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri May 09, 2014 10:29 pm 
Offline
Site Admin
Site Admin

Joined: Thu Apr 19, 2012 1:45 pm
Posts: 148
Hello,

For windows we typically cross-compile for linux, but it should work fine to build on windows as well.

Take a look at the windows.mk file for the details, typically you'd invoke it by first running make dist, then:

$ make -f windows.mk 64bit VERSION=0.1.3

/klas


Top
 Profile  
Reply with quote  
PostPosted: Mon May 12, 2014 2:10 am 
Offline

Joined: Sat Mar 15, 2014 2:47 pm
Posts: 11
Klas wrote:
Hello,
$ make -f windows.mk 64bit VERSION=0.1.3
/klas


Thanks Klas. That script/makefile was exactly what I was looking for. That windows.mk didnt obviously didnt work "out of the box" when running on Windows but it showed the steps and and arguments of the build process.

I rewrote the script to completely fetch libz, libzip, and libykneomgr, unpack it, autoreconf, autoconf, configure, and make the dependencies, .a, .dll, and test executable on Windows 7.

You only need the script, not the source. It downloads and builds everything.

I had to customized the i686-w64-mingw32 package to include gengetopt.exe + MSYS. I also removed the gtk document generation code.

The whole mingw compiler environment runs fine on Windows. I have communications with the Neo via my Omnikey NFC reader on Windows.

You want me to donate the script back or clone my directory tree so people can duplicate the compiler environment for your yubikey C code?

I have debugged your code flow, I understand the smartcard apdu commands, and it will be easier than I thought to build a Microsoft Visual Studio .dll to use the Windows SCard API's.

Only problem I will face is the documentation for your apdu payloads. Do you have documentation for the apdu payloads? Are all of the Neo Applet payloads completely different?

In particular I need apdu payload documentation for the Bitcoin, OTP, and OpenPGP applets.

I have no problem open sourcing my work since easy to use hardware security is, well, non existent. So many companies are trying to build custom security hardware when the Neo is so generic, customizable, and powerful. They are reinventing Yubico's hard work. Security is the #1 reason Cryptocurrencies have a bad name.

Erik


Top
 Profile  
Reply with quote  
PostPosted: Mon May 12, 2014 8:22 am 
Offline
Site Admin
Site Admin

Joined: Thu Apr 19, 2012 1:45 pm
Posts: 148
Hello,

Good that it helped =)
We're happy to include build instructions/scripts, please make a pull request on github.

For the APDU's:
the openpgp cardedge is documented in http://www.g10code.com/docs/openpgp-card-2.0.pdf with sourcecode for our applet available at https://github.com/Yubico/ykneo-openpgp
the Yubico OTP applet is not documented anywhere as such, but I've written a little bit about it at viewtopic.php?t=1299#p4873 and if you have specific things you want to do it we can help you figure it out
for bitcoin applet I'm not sure what you're interested in, we have an internal applet implementing bip32 but have held on to it since it's not useable in any practical sense of the word (since the Neo chip doesn't implement sha512)

/klas


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group