A working FIDO2 USB hardware external authenticator (also called “security key”) 🔑 implemented on STM32F4.
Running on the STM3240G-EVAL board with the STM32F407IGH6 MCU.
Written in C. Uses STM32CubeF4.
See the full 👉 Project Description.
Note: This project was created a semestral project in the CTU FEE (ČVUT FEL) B4M38KRP (Computer Interfaces) course.
Use JetBrains CLion (free for non-commercial use for students) for development. The project is already imported and fully configured, use File > Open... to just open it.
But before opening, you'll probably need to install a few things in your system:
- Arm GNU Toolchain
- Download AArch32 bare-metal target (arm-none-eabi) from the Arm website here.
- On macOS,
brew install --cask gcc-arm-embeddedcan be used.
- OpenOCD
- Download prebuilt binary from xPack OpenOCD Releases.
- Note, that the packages in apt repository in Ubuntu are outdated.
- On macOS,
brew install open-ocdcan be used.
If you have all the tools installed, you should be able to open, build and run the project from CLion.
You can read more in this CLion's Embedded development with STM32CubeMX projects guide.
Also, it is possible to build, flash and start the whole project from the command line.
Building is done via cmake since this project is a standard CMake project (see CMakeLists.txt).
Flashing can be done for example using openocd like this (run from the project root):
openocd -s /usr/local/share/openocd/scripts -f stm3240g_eval_stlink.cfg -c "tcl_port disabled" -c "gdb_port disabled" -c "tcl_port disabled" -c "program \"cmake-build-debug/fel-krp-project.elf\"" -c reset -c shutdownCLion and other IDEs support SVD files for describing the layout of registers for debugging.
Note: We downloaded the SVD file to svd/STM32F407.svd, so you don't need to download it yourselves.
For more information, see the README in the svd dir.
We use the STM32CubeF4 package via the STM32CubeMX generator.
Relevant resources:
- see STM32CubeF4 GitHub repo
- see product page with docs on st.com
- see UM1725 Description of STM32F4 HAL and low-layer drivers
- see UM1734 STM32Cube USB device library
- In this project, we use the USB device library and its Custom HID class. Unfortunately, its customizability is limited, so we had to change some of the hardcoded template values. See more info below.
Note: This section is here only for future reference. You don't need to download STM32CubeMX and don't need to follow steps in this section.
This project was created by STM32CubeMX. Here is the procedure we used:
- New Project > Board Selector > STM3240G-EVAL > Start Project > Initialize all peripherals with their default Mode? Yes
- Then in the Project Manager tab:
- Fill in the Project Name.
- Change the Application structure to Basic. Keep the Do not generate the main() unchecked.
- Change the Toolchain / IDE to STM32CubeIDE (so that the project is compatible with CLion). Check Generate Under Root option.
- The other fields should be okay with the default values.
We tried to maintain compatibility with the STM32CubeMX as much as we could (so that the project could be modified in STM32CubeMX while the custom code remained in place). This was somehow possible until we implemented USB support. The generated USB middleware is very hard to customize, and some required changes must be made in the automatically generated code. So for now, one must carefully diff the changes using git after using STM32CubeMX to avoid losing some of our custom changes.