YubiKey NEO App: OpenPGP
========================

This project implement the OpenPGP card functionality used on the
YubiKey NEO device that is sold by Yubico.  This project is relatively
unmodified from the upstream project on which this project is based:

  http://sourceforge.net/p/javacardopenpgp/
  Author: Joeri de Ruiter

The initial modifications we have made compared to the upstream
project are minor, but we reserve the right to make other
changes/improvements that are specific to the YubiKey NEO hardware.

License
-------

The upstream project was released under the GPLv2+ and our fork uses
the same license.  All of our changes are released under the same
license.  See the file LICENSE for more information.

Building
--------

It is possible to build the project using proprietary NXP Java Card
tools.

Another way to build the project is with Eclipse and eclipse-jcde.

First install Eclipse following instructions on:

  http://www.eclipse.org/

On Debian/Ubuntu systems Eclipse is packaged and can be installed from
the command line:

  apt-get install eclipse

Start Eclipse once to make sure it creates a $HOME/.eclipse/
directory.  Then quit Eclipse.

Download the eclipse-jcde-0.2.zip file from

  http://eclipse-jcde.sourceforge.net/

and unpack it like this:

  $ cd ~/.eclipse/*/
  $ unzip /path/to/eclipse-jcde-0.2.zip

The path to unpack the file into depends on your Eclipse installation,
on my Debien Wheezy system the directory was called
~/.eclipse/org.eclipse.platform_3.8_155965261/

Start Eclipse again and confirm that you have a new top-level menu
called "Java Card".

You then need to install the Java Card Development Kit version 2.2.2,
download it from:

  http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-javame-419430.html#java_card_kit-2.2.2-oth-JPR

Unpack it into a new directory called for example "jckit" like this:

  $ mkdir jckit
  $ cd jckit
  $ unzip /path/to/java_card_kit-2_2_2-linux.zip
  $ cd java_card_kit-2_2_2/
  $ unzip java_card_kit-2_2_2-rr-bin-linux-do.zip

Then in Eclipse select the "Preferences" menu under "Java Card" and
point the "Java Card Home" directory to
/path/to/jckit/java_card_kit-2_2_2 replacing /path/to as appropriate.

After that the project can be imported into the workspace.
Right-click in the "Project Explorer" window and select "Import".
Under "General" select "Existing Projects into Workspace".  As the
root directory point the directory holding this file.  You need to
select "Copy projects into workspace".

To build the .cap file, expand and right click on the "openpgpcard"
sub-directory and select "Java Card Tools" and then "Convert".  The
CAP file will be available in your Eclipse workspace as:

  javacardopenpgp/bin/openpgpcard/javacard/openpgpcard.cap

For loading the applet onto the card first make sure the YubiKey NEO
is in the HID/CCID or CCID mode, using ykpers from the YubiKey
Personalization tool:

  http://code.google.com/p/yubikey-personalization/
  https://github.com/Yubico/yubikey-personalization

For example:

  sudo ykpersonalize -m82

Then install the gpshell tool from Global Platform:

  http://sourceforge.net/projects/globalplatform/

The projects that are needed is the GlobalPlatform Library 6.0.0,
GPShell 1.4.4, and gppcscconnectionplugin which doesn't seem to be
available in any released tarball so you have to get it from
Subversion.

You need to whitelist the device in /etc/libccid_Info.plist.

When the CAP file has been built and is available in the path shown
above, you may use the gpshell tool to load it:

  $ gpshell gpinstall.txt