Welcome to Feitian OpenSK USB Dongle¶
OpenSK was announced by Google at January 30, 2020. It is a fully open-source FIDO security key implementation, include hardware and software.
In that announcement, Google said
By opening up OpenSK as a research platform, our hope is that it will be used by researchers, security key manufacturers, and enthusiasts to help develop innovative features and accelerate security key adoption.
To help and accelerate FIDO security key adoption, FEITIAN improves the housing and makes new design of OpenSK USB Dongle, remove unused PCB components, public the design. Users can build firmware from source code of Google OpenSK github repository without changing anything, provision it to this OpenSK hardware, to experence and try FIDO authentications.
Before you try to program firmware to OpenSK, please read original OpenSK guide at first. The following documents are most like additional remarks.
We have two model of OpenSK USB Dongle, V1 and V2. They are designed according to nRF52840 USB dongle, which is used by Google OpenSK firmware. The difference between V1 and V2 is the method to enter bootloader mode.
To OpenSK V1, user should insert a paper clip or a SIM-eject tool to the RESET button hole to enter bootloader mode. This is similar as user push the RESET button on nRF52840 USB dongle.
To OpenSK V2, after user connects the device to computer, he should push and hold on the user button for more 8 seconds, then OpenSK will be in bootloader mode.
For detailed informations, please refer to hardware description page.
- The OpenSK USB Dongle V1 or V2.
Before you program the firmware to OpenSK USB Dongle, you should switch it to bootloader mode. Please refer to Harware Page to learn how to switch OpenSK to bootloader mode.
- Read Original OpenSK guide.
Before you perform following opertaions, please read OpenSK and its installation guide to learn how to customize your security key, for example, to change the signature counter mechnisam and Attestation Certificate.
- Install nrfutil tool.
This tool allows you to directly flash firmware to OpenSK over USB without additional hardware.
Develop Environment and configuration¶
- Prepare develop environment.
You should prepare developing environment by yourself according to this section.
$ git clone --recursive https://github.com/google/OpenSK.git
If you just cloned this repository, you need to run the following script:
- Configure the OpenSK security parameter.
Please follow the description to change Attestation Certificate as you want. If you are not familar with OpenSK and FIDO, we recommend you do not change anything.
Flashing the firmware¶
Although you can download the firmware to our OpenSK V1 and V2 by using J-LINK as described in OpenSK installation guide, we recommend you program the firmware through USB interface, it is more convenient.
- Switch OpenSK to bootloader mode.
Please refer to OpenSK Model or hardware page to learn how to switch OpenSK to bootloader mode.
The LEDs show different behaviour in differet mode. Please refer to hardware page to see LED status of OpenSK V1 and V2 .
Program the OpenSK USB dongle.
$ ./deploy.py --board=nrf52840_dongle_dfu --opensk --programmer=nordicdfu
Just press Enter, the firmware will be flahsed to your OpenSK USB Dongle.
Press [ENTER] when ready.
When progress bar reaches 100%, OpenSK USB Dongle will be in working mode automatically. You can now test FIDO function.
Test FIDO functions¶
Please refer to Test Page.