Global Platform GUI

The flexSecure is a lot of work. What apps are available? What the heck is even installed on it? How much space do I have? And it goes on. So I made a thing.

screenshot1606×1275 70.4 KB

screenshot_app_description1606×1275 129 KB

It comes with all the usual warnings: use at your own risk etc. It’s still pretty early in development so it may crash on your–sorry. Next phase is a maintainability refactor. But first, it would be good to see if people think it’s useful or have any input about it as it stands.

Features:

• Lists the (supported) available apps in the latest release
• Can install (it will download, install, then remove the cap file) and uninstall
• Can create initial records for the NDEF app
• Allows you to name transponders (this is stored locally)
• Allows you to change the master key (this is stored locally)
• Tracks whether tags are known (to keep you from sending default keys to those without one)
• Supports adding other resources as ‘plugins’ (ie, other repos with cap files or even just to decode names)

Anything remotely serious is encrypted. Key management is handled by keyring. If you have GPG installed, you can use the smartpgp applet to wrap the secure storage instead. I am tempted to add SeedKeeper support as well.

Want to give it a go? Windows binary

Github Repo

A huge thanks to @Pilgrimsmaster for being the guinea pig. Also to @StarGate01 for badgering @amal into offering the flexSecure and @GrimEcho for putting together lots of early documentation. And of course to Martin Paljak who has been maintaining Global Platform Pro for a hot minute.

This is great! Nice work! Next logical feature would be configuring the installed apps I assume

Eh, that’s on the list. My intention was to offer the ability to install each of the apps we offer before moving on to that. But I suppose there’s something to be said about finishing the full scope of each in a go. Which would mean:

• NDEF
• PGP
• YkMAC shenanigans
• OTP

Maybe some other things I’m forgetting?

From a personal preference standpoint, when implementing something like this which has multiple items and each one has slightly different characteristics, I like to tackle a few items and then fully support them. That way when I inevitably need to do some major refactoring, I have a better understanding of how the whole system fits together, and I have less items that I need to propagate changes for.
Just my 2¢ either way this is a great tool

That makes a lot of sense–thanks!

You certainly did.

As mentioned, I was fortunate enough to get early access as said “guinea pig”

I had the simple job of just trying to break it, but the errors and feedback I gave Tac0s, he pushed out an update / solution super quick.

Every itteration just got better and better until Tac0s was happy to release it, and now here we are.

This has truly opened up the FlexSecure to everyone.

A simple .exe and you are up and running easily and simply.

Then you use your FlexSecure just like an Apex on ApexManager.

A Really Really huge step in the right direction.

Thanks @StarGate01 , @GrimEcho for laying the groundwork

and Tac0s for “Doing a thing”

17447025554704578628296459500746619×495 20.2 KB

Really cool project! I am sure this helps to lower the barrier to entry quite a lot, thank you!

This looks awesome! I will try and test it out this weekend. Love that it was written in Python too, which is 75% of what I develop in now days.