mirror of https://github.com/brmlab/brmdoor_libnfc.git synced 2025-06-07 16:14:01 +02:00

Access system implementation with Raspi and RFID (ISO-14443) cards. Makes uncloneable cards possible with cryptography (unlike many commercial systems). With status reporting over IRC and SFTP.

Find a file

Ondrej Mikle 32c159ba88 README		2015-12-06 17:46:13 +01:00
.gitignore	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
brmdoor_adduser.py	retab	2014-08-22 21:38:03 +02:00
brmdoor_authenticator.py	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
brmdoor_nfc.config.sample	Numbering note in config.	2014-07-26 00:12:58 +02:00
brmdoor_nfc_daemon.py	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
create_authenticator_db.py	Added Yubikey Neo HMAC authenthication	2014-07-23 13:12:15 +02:00
Doxyfile	Doxygen documentation generation	2014-07-19 17:13:29 +02:00
Makefile	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
nfc_smartcard.cpp	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
nfc_smartcard.h	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
nfc_smartcard.i	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
README.md	README	2015-12-06 17:46:13 +01:00
test_nfc.py	Renamed module and files to nfc_smartcard	2015-12-06 17:06:53 +01:00
test_uids_db.sqlite	Added Yubikey Neo HMAC authenthication	2014-07-23 13:12:15 +02:00
unlocker.py	Make sure lock pin is pulled down when exiting on interrupt	2014-07-24 18:42:23 +02:00

README.md

Brmdoor via libnfc

This is an access-control system implementation via contactless ISO 14443A cards and a PN53x-based reader. So you basically swipe your card, and if it's in database, the door unlocks.

Info about authorized users and their cards and keys is stored in sqlite database.

This was originally designed for Raspberry (Raspbian), but it also runs on desktop PC if you have the PN532 USB reader.

The daemon is implemented in brmdoor_nfc_daemon.py.

NFC smartcard API

This project shows how to use libnfc from python to send APDUs to NFC smartcards. Have a look at test_nfc.py for some examples, currently it shows four interactions with NFC smartcards:

read NDEF message from token (Mifare Desfire, Yubikey Neo)
do HMAC-SHA1 authenthication (Yubikey Neo)
read Track 2 Equivalent Data from Visa
execute signature for payment on Mastercard

It is much more general in use than to use it as authenthicator to open door.

Building

You need just to run make. Additional dependencies:

libnfc, already present in Raspbian 8 repositories
SWIG
WiringPi2 pythonic binding (for switching lock on Raspberry)
you may have to change python2.7-config to python-config on some older systems in Makefile

Howto

Create the database

 python create_authenticator_db.py authenthicator_db.sqlite

Copy sample config file, edit your pins, DB file location, timeouts
```
 cp brmdoor_nfc.config.sample brmdoor_nfc.config
```
Add some users

either authenthication by UID, e.g.:

brmdoor_adduser.py -c brmdoor_nfc.config -a uid 34795FCC SomeUserName

authenthication by Yubikey's HMAC-SHA1 programmed on slot 2

brmdoor_adduser.py -c brmdoor_nfc.config -a hmac 40795FCCAB0701 SomeUserName 000102030405060708090a0b0c0d0e0f31323334

to program Yubikey slot 2 to use HMAC with given key, use:

ykpersonalize -2 -ochal-resp -ohmac-sha1 -ohmac-lt64 -oserial-api-visible

Finally, run the daemon:

    sudo python brmdoor_nfc_daemon.py brmdoor_nfc.config

Configuring libnfc devices

If you have PN532 device on other bus than USB (e.g. SPI), first search for it using:

sudo nfc-scan-device -i

After that, create file /etc/nfc/libnfc.conf with line describing your device from nfc-scan-device above, e.g. for SPI device:

device.connstring = "pn532_spi:/dev/spidev0.0"

This daemon expects the library to be already configured to find the PN532 device.

If you installed libnfc from source, the default directory might be /usr/local/etc/nfc instead of /etc/nfc.