Robert Quattlebaum darconeous

## encrypt.txt.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                darconeous
                / encrypt.txt.md
            
            
              Last active
              September 26, 2017 22:22
            
              
                Hardware encrypted USB drive concept #Security #Ideas #Hardware
              
          
    Hardware encrypted USB ideas

There are hardware encrypted USB sticks on the market, but a few things make me uncomfortable about them:

They all involve running an executable on the computer you want to access the data from.
There is no standardized mechanism for how the app takes your password and communicates that to the microcontroller on the encrypted drive.

Instead of using a vendor-provided executable, I propose a mechamism which allows the encrypted USB drive to be securely mounted on any machine that has a web browser.

  
## ident.pgp.asc
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFReyUEBEADEahczwRsXCUXn7rT2obtAL2Novbo26Gdr8t3Fk2x0h6/OiLR0
p408uckZkovb6OoJTXA/SuOXRpkPv8JOucNkabk9o8FZF2ugo9spCF7ez3IZap7Q
VDqGodCHbjSp17Nu7lyYquPY/pT8xqKrYtykkDxKt6S0uX9n/qUx2yVX4Id+WrsY
rRUaAgYGqS3Q2umf8xDJqOkHJOrw8C10pNn5pl39ccvBV8HrakvQwBVYm2214Mx8
Ull2oFhdGmt4fZFdtAbw2hou0oa9e6l+tun0R874BB4exLii8x9Bgq5HROKvPhJV
NdfZmj0h3jT5GGihE5xmzpwWeyiHDZwINWpuQ/WmL8wtVfu+VJRjUR5KKCUt6kfN
9dCmwP73puQfFPnZj2azzyGdxiVmHdoNeMu9OHga81yk+RPO2CLgmhwL5BJX8N2z
z4z7Qd4dceqlSRSd6D3mGRIfekgs4YHfn0xFnNBlTy6010GkHBgb2rSlXqz5nQNW

## id_rsa.pub
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Hardware-backed Personal Keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4Y/rpKbKEQcBm0dCCHt90s6G945AtEtgG++EQ6v1+fgoQJkVTI2ajg8WDeXVFKxtuOO9QbW0LBHKOX650+9kjgRshF1Z/ystO0h2FSP8ic4PaP79W14qrszIS102vP168IxSLBsTA/X5yivwuLGbxzMEWA4IrAm1s2GRE0ZGWUmIhp7wps9cOhbVsfGXIMLcHAU6mXutfsVtzOjC6tS8NpitcmaMBAsJ2Hy8cyVDApm5vuNLUsPXtTwVNfxRX3d/O0xJ4YRFngTGKVUKb1acX7t0PyXUH0EA/xKy5yfTUoDXvGttz9UTEXsy07qKpVwOT566iDxpl3ie4J+hUaCtB openpgp:3640FDF505046F79

# Hardware-backed Work Keys
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJemMyZM7uY7rkJ65xWOW+z7mgU5E5MAtz+4MppZf7folk1UqI0Koe9V3bY+GxBgMjg1K9IFVfQSuG3qyFahwJU= rquattle+neo2451357-pubkey@google.com
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL/SP/JuW8oZqNRvY1tQYYvDbGy35lJkLu+dt8sRx36zQ7yLZOFfVmh7qIQTxeF0oMZmYTCHtO2z58DmQ6CSWio= rquattle+neo3416702-pubkey@google.com

## robert-quattlebaum.crt
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgIDC93CMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
MSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcNMTQxMTExMTEyMDUx
WhcNMTUxMTEyMTkwNjA0WjBbMRkwFwYDVQQNExBtbWRLMzdNMlJIOUJscWdiMRsw
GQYDVQQDDBJkYXJjb0BkZWVwZGFyYy5jb20xITAfBgkqhkiG9w0BCQEWEmRhcmNv
QGRlZXBkYXJjLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN5J
iGNW4GbtsCJYzBqDgmiCkeP15Idpe/dcDzca0BWhbn/pdZOFfbrMJi3sFe1EFQNB
AWi2/x3Er9WBvYXD6LnoRwZw5+jaySRdkddf7T97BfQcHA9mmqzOhMNcxBuAFbC1

## openid.txt.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                darconeous
                / openid.txt.md
            
            
              Last active
              August 29, 2015 14:10
            
              
                Robert's OpenID URLs #Security
              
          
    -----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
The following are valid OpenID URLs for Robert Quattlebaum.

https://plus.google.com/+RobertQuattlebaum
https://darco.startssl.com
https://darco.pip.verisignlabs.com


## secdebug.sh
# trace debug-log macro
sudo dtrace -qn 'security_debug*:::log { printf("[%s] %s\n", copyinstr(arg0), copyinstr(arg1)); }'

# restart securityd
sudo launchctl unload /System/Library/LaunchDaemons/com.apple.securityd.plist &&
sudo launchctl load /System/Library/LaunchDaemons/com.apple.securityd.plist

## yubikey-apdu.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              2 stars
            
          
                darconeous
                / yubikey-apdu.md
            
            
              Last active
              January 7, 2021 13:03
            
              
                Yubikey Applet #Security
              
          
    The AID of the yubikey applet on the Yubikey Neo is A000000527200101.
You can select it with the APDU 00 a4 04 00 08 A0 00 00 05 27 20 01 01.
For the YubiKey applet there are 4 commands:

ins 0x01 is a YubiKey API request (as used by the yubico personalization tools) with command in p1
ins 0x02 is a request for an OTP with slot in p1 (zero indexed)
ins 0x03 is a YubiKey status request


## lcg.csv

          
              mod
                   a
                      c

            
                2^6
                    37
                       13

            
                2^8
                   109
                       47

            
               2^32
               1664525
               1013904223

## oid.voria.net.txt
# voria.net, OID 1.3.6.1.4.1.45337
# BER Encoding: 2B 06 01 04 01 82 e2 99
# http://www.iana.org/assignments/enterprise-numbers/enterprise-numbers

1 3 6 1                 : IANA
IANA 4 1 45337          : id-voria

# -------------------

id-voria 1              : id-voria-people

## sofia.txt
[root@LocalHost /var]$ ls
Sofia     lockfile
[root@LocalHost /var]$ ./Sofia
LibCrypto : FILE -> crypto.c, LINE -> 1339: CryptoCreate Open Crypto Failed!
atmagic[0]=d2,atmagic[1]=d4, ret[0], cptat24c_fd[4]
CryptoDecryptFlashData,254
CryptoDecryptFlashData,279
CryptoDecryptFlashData,281
LibCrypto : g_cryptotype = 1
SERIES_TYPE = 3
	-----BEGIN PGP PUBLIC KEY BLOCK-----

	mQINBFReyUEBEADEahczwRsXCUXn7rT2obtAL2Novbo26Gdr8t3Fk2x0h6/OiLR0
	p408uckZkovb6OoJTXA/SuOXRpkPv8JOucNkabk9o8FZF2ugo9spCF7ez3IZap7Q
	VDqGodCHbjSp17Nu7lyYquPY/pT8xqKrYtykkDxKt6S0uX9n/qUx2yVX4Id+WrsY
	rRUaAgYGqS3Q2umf8xDJqOkHJOrw8C10pNn5pl39ccvBV8HrakvQwBVYm2214Mx8
	Ull2oFhdGmt4fZFdtAbw2hou0oa9e6l+tun0R874BB4exLii8x9Bgq5HROKvPhJV
	NdfZmj0h3jT5GGihE5xmzpwWeyiHDZwINWpuQ/WmL8wtVfu+VJRjUR5KKCUt6kfN
	9dCmwP73puQfFPnZj2azzyGdxiVmHdoNeMu9OHga81yk+RPO2CLgmhwL5BJX8N2z
	z4z7Qd4dceqlSRSd6D3mGRIfekgs4YHfn0xFnNBlTy6010GkHBgb2rSlXqz5nQNW
	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA256

	# Hardware-backed Personal Keys
	ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4Y/rpKbKEQcBm0dCCHt90s6G945AtEtgG++EQ6v1+fgoQJkVTI2ajg8WDeXVFKxtuOO9QbW0LBHKOX650+9kjgRshF1Z/ystO0h2FSP8ic4PaP79W14qrszIS102vP168IxSLBsTA/X5yivwuLGbxzMEWA4IrAm1s2GRE0ZGWUmIhp7wps9cOhbVsfGXIMLcHAU6mXutfsVtzOjC6tS8NpitcmaMBAsJ2Hy8cyVDApm5vuNLUsPXtTwVNfxRX3d/O0xJ4YRFngTGKVUKb1acX7t0PyXUH0EA/xKy5yfTUoDXvGttz9UTEXsy07qKpVwOT566iDxpl3ie4J+hUaCtB openpgp:3640FDF505046F79

	# Hardware-backed Work Keys
	ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJemMyZM7uY7rkJ65xWOW+z7mgU5E5MAtz+4MppZf7folk1UqI0Koe9V3bY+GxBgMjg1K9IFVfQSuG3qyFahwJU= rquattle+neo2451357-pubkey@google.com
	ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL/SP/JuW8oZqNRvY1tQYYvDbGy35lJkLu+dt8sRx36zQ7yLZOFfVmh7qIQTxeF0oMZmYTCHtO2z58DmQ6CSWio= rquattle+neo3416702-pubkey@google.com
	-----BEGIN CERTIFICATE-----
	MIIGPzCCBSegAwIBAgIDC93CMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
	TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
	YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
	MSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcNMTQxMTExMTEyMDUx
	WhcNMTUxMTEyMTkwNjA0WjBbMRkwFwYDVQQNExBtbWRLMzdNMlJIOUJscWdiMRsw
	GQYDVQQDDBJkYXJjb0BkZWVwZGFyYy5jb20xITAfBgkqhkiG9w0BCQEWEmRhcmNv
	QGRlZXBkYXJjLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN5J
	iGNW4GbtsCJYzBqDgmiCkeP15Idpe/dcDzca0BWhbn/pdZOFfbrMJi3sFe1EFQNB
	AWi2/x3Er9WBvYXD6LnoRwZw5+jaySRdkddf7T97BfQcHA9mmqzOhMNcxBuAFbC1
	# trace debug-log macro
	sudo dtrace -qn 'security_debug*:::log { printf("[%s] %s\n", copyinstr(arg0), copyinstr(arg1)); }'

	# restart securityd
	sudo launchctl unload /System/Library/LaunchDaemons/com.apple.securityd.plist &&
	sudo launchctl load /System/Library/LaunchDaemons/com.apple.securityd.plist
	# voria.net, OID 1.3.6.1.4.1.45337
	# BER Encoding: 2B 06 01 04 01 82 e2 99
	# http://www.iana.org/assignments/enterprise-numbers/enterprise-numbers

	1 3 6 1 : IANA
	IANA 4 1 45337 : id-voria

	# -------------------

	id-voria 1 : id-voria-people
	[root@LocalHost /var]$ ls
	Sofia lockfile
	[root@LocalHost /var]$ ./Sofia
	LibCrypto : FILE -> crypto.c, LINE -> 1339: CryptoCreate Open Crypto Failed!
	atmagic[0]=d2,atmagic[1]=d4, ret[0], cptat24c_fd[4]
	CryptoDecryptFlashData,254
	CryptoDecryptFlashData,279
	CryptoDecryptFlashData,281
	LibCrypto : g_cryptotype = 1
	SERIES_TYPE = 3