TKey: The Next Generation
Not speaking for my employer, just as an interested developer in an interesting open source project.
As you might have noticed, the platform repo of the Tillitis TKey has some alpha tags for the next generation, Castor:
https://github.com/tillitis/tillitis-key1/tags
An alpha tag means that all planned features for the platform are in place, but there's not yet a complete audit and a lot of testing is still to be done. There might be changes to the implementation on all levels before a real release.
The changes for the new generation, among other things, include:
- The small bootloader turned into a very small operating system (now taking up all of 8 kByte) with syscalls for accessing a very simple filesystem. The syscalls are done with hardware support for raising and lowering privilege.
- Support for software reset and the ability to chain apps. This means, for instance, that it's possible to combine the TKey's usual measured boot with an optional verified boot stage. A second stage might keep it's key pairs persistent even though the app has been updated, if the keys are generated from something the first (measured) stage presents to it.
- Support for resident device apps.
- The firmware for the USB controller now supports several new USB device classes including FIDO HID and CCID.
If you want to test this you can do it with the TKey Unlocked and the TKey Programmer Board. Note that you need to update the USB controller firmware, too. To do that you'll need Blinkinlabs CH55x Reset Controller.
The Castor version of the Device Handbook is very much a work in progress, but it is already published. Remember that the handbook, like the rest of the project, is also a repo you can contribute to:
https://github.com/tillitis/dev-tillitis
It's been a little crazy at work to finish this. I've just returned from two weeks vacation and I'm taking a couple of days off every week for a while.
Written by MC on Setting Orange, the 49 day of Confusion in the YOLD 3191 ().