Page MenuHomePureOS Tracker

Port patch to support Librem Key in NitroKey app
Open, NormalPublic

Description

NitroKey app bug report: https://github.com/Nitrokey/libnitrokey/issues/162
NitroKey repo related merge request: https://github.com/Nitrokey/libnitrokey/pull/163

Test packages with the patch applied: https://source.puri.sm/joao.azevedo/libnitrokey/-/jobs/264281/artifacts/download

Plan:

  1. Contact NitroKey app developers and ask what is needed to accept the patch
  2. Contact Debian to backport the patch, point the to Joรฃo's test build as proof the patch is working and can be ported

Event Timeline

mladen triaged this task as High priority.Apr 28 2020, 03:33
mladen created this task.
mladen created this object with edit policy "Restricted Project (Project)".

By

Contact NitroKey app developers and ask what is needed to accept the patch

We mean accept this patch: https://github.com/Nitrokey/libnitrokey/pull/163

mladen raised the priority of this task from High to Unbreak Now!.Wed, May 20, 04:38
jeremiah.foster lowered the priority of this task from Unbreak Now! to High.Wed, May 20, 07:57

I'm happy to work on this TODAY but this is not "Unbreak Now!" because it is not breaking anything for our users and, we have a perfectly viable alternative that is a tiny bit better, namely the Librem Key.

This does not break an install, that is correct.

But it prevents Librem Key users of using the Nitrokey app to use more features of the Librem Key

So, if I understand correctly, this repo holds the patched libnitrokey: https://source.puri.sm/joao.azevedo/libnitrokey/

Browsing the code shows there is already a debian directory (used for building packages) and a branch for both pureos/amber and pureos/byzantium.

No, that repo is a poc.

These are the proper fixes proposed:

NitroKey app bug report: https://github.com/Nitrokey/libnitrokey/issues/162
NitroKey repo related merge request: https://github.com/Nitrokey/libnitrokey/pull/163

BUt they are aiming version 3.6, while amber is in 3.4.1 and sid in 3.5

Has the PoC been tested with the app?

Yes, it has. The PoC is basically replacing the nitrokey pro device and vendor ID with the Librem Key device and vendor ID

Looks like this is the diff;

CMakeLists.txt | 2 +-
NK_C_API.cc | 8 ++++++++
NK_C_API.h | 11 +++++++++--
NitrokeyManager.cc | 27 ++++++++++++++++++++++++---
device.cc | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------
libnitrokey/device.h | 19 +++++++++++++++++--

Mostly a note to myself.

jeremiah.foster added a comment.EditedWed, May 27, 18:52

I've pulled down the Debian packaging from Salsa and reused that. I've added in the patches from upstream and built package for PureOS Amber and Byzantium.

Sent a merge request to Debian maintainer: https://salsa.debian.org/kitterman/libnitrokey/-/merge_requests/3

jeremiah.foster lowered the priority of this task from High to Normal.Wed, May 27, 18:52

Debian maintainer states "I'm concerned that the addition of vendor_id might cause an ABI break. There are multiple packages that use libnitrokey in Debian (not just nitrokey-app) and so we can't silently change the ABI."

ok, so we should contact the Litrokey app devs? To see if they merge that request?

If you follow the upstream discussion you can see that they're already on it! :-)

they're already on it!

๐ŸŽ‰๐ŸŽ‰๐ŸŽ‰๐ŸŽ‰

If you follow the upstream discussion

I'll dig up my old github account and subscribe to it.

(Github is the facebook of software development websites :p )