OpenSK released by Google is a fully open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
OpenSK is based on the FIDO2 specifications, which combine the World Wide Web Consortium’s (W3C) Web Authentication (WebAuthn) specification and FIDO Alliance’s corresponding Client-to-Authenticator Protocol (CTAP).
The nRF52840 MDK USB Dongle works well with OpenSK. Taking advantage of the UF2 Bootloader, you can easily program the OpenSK by just copying the .uf2-format image to the flash drive.
This guide details how to get started with the OpenSK using the nRF52840 MDK USB Dongle without going through the complete toolchain installation.
What you'll need
- An nRF52840 MDK USB Dongle
- Latest version of Google Chrome browser (or at least version 38) or Firefox browser
Upgrade to UF2 Bootloader
The nRF52840 MDK USB Dongle was previously shipped with Open Bootloader with Device Firmware Update (DFU) functionality.
Currently, the prebuilt OpenSK firmware only works with the UF2 Bootloader. If your dongle is using UF2 Bootloader, just skip this step.
As Open Bootloader update must come from signed packages, the new UF2 Bootloader must be signed. The signed package is located in: firmware/open_bootloader/uf2_bootloader-0.2.13-44-gb2b4284-nosd_signed.zip
Enter DFU mode by holding the dongle's RESET/USR button during connecting to your PC. Use the following command to update firmware:
nrfutil dfu usb-serial -pkg uf2_bootloader-0.2.13-44-gb2b4284-nosd_signed.zip -p <your-serial-port-name>
Flash prebuilt OpenSK via UF2 Bootloader
The prebuilt OpenSK firmware is located in firmware/OpenSK with the
Enter DFU mode by holding the dongle's RESET/USR button during connecting to your PC. A flash drive with the name MDK-DONGLE will appear.
opensk_nrf52840_mdk_usb_dongle_gece14d7.uf2 image to MDK-DONGLE.
When programming is completed, the OpenSK will run automatically. The device named OpenSK will detected by the computer.
Now you can test the OpenSK via WebAuthn.io:
The two-factor authentication (2FA) has been successfully deployed by a growing number of websites, including Google, social networks, cloud providers, and many others. Happy trying!