deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

random_bits are not needed any more

Browse Source
This commit is contained in:
NIIBE Yutaka
2011-10-06 17:02:37 +09:00
parent 6aca64b664
commit 48f552b69b
3 changed files with 9 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -1,5 +1,7 @@
2011-10-06 NIIBE Yutaka <gniibe@fsij.org> 2011-10-06 NIIBE Yutaka <gniibe@fsij.org>
* src/Makefile.in (random_bits): Remove.
* src/openpgp.c (GPGthread): Remove unused event message. * src/openpgp.c (GPGthread): Remove unused event message.
* src/main.c (main): Call random_init. * src/main.c (main): Call random_init.

38
README
View File

@@ -92,13 +92,9 @@ A9: GnuPG's SCDaemon has problems for handling insertion/removal of
Release notes Release notes
============= =============
This is fourteenth release of Gnuk. While it works well for specific This is fifteenth release of Gnuk. While it works well for specific
usages and it is considered stable, it is still somewhat experimental. usages and it is considered stable, it is still somewhat experimental.
Note that you need to write random bits after installation of gnuk
executable to the chip. This procedure is required to share a single
executable among multiple devices.
Tested features are: Tested features are:
* Personalization of the card * Personalization of the card
@@ -179,8 +175,8 @@ The author(s) of Gnuk expect users of Gnuk will be able to access the
source code of Gnuk, so that users can study the code and can modify source code of Gnuk, so that users can study the code and can modify
if needed. This doesn't mean person who has a USB Token by Gnuk if needed. This doesn't mean person who has a USB Token by Gnuk
should be able to acess everything on the Token, regardless of its should be able to acess everything on the Token, regardless of its
protections. Private keys, random bytes, and other information should protections. Private keys, and other information should be protected
be protected properly. properly.
External source code External source code
@@ -341,19 +337,7 @@ How to configure
You need python and pyscard (python-pyscard package in Debian) or You need python and pyscard (python-pyscard package in Debian) or
PyUSB (python-usb package in Debian). PyUSB (python-usb package in Debian).
(1) In the 'src' directory, type (1) [pyscard] Stop scdaemon
$ make random_bits
In this process, it takes time for the command of
dd if=/dev/random bs=1 of=random_bits count=1024
Don't just wait, but do some other works on your PC.
/dev/random needs entropy to finish.
(2) [pyscard] Stop scdaemon
[PyUSB] Stop the pcsc daemon. [PyUSB] Stop the pcsc daemon.
If scdaemon is running, please kill it, or you will get "Smartcard If scdaemon is running, please kill it, or you will get "Smartcard
@@ -366,17 +350,7 @@ In case of PyUSB tool, you need to stop pcscd.
# /etc/init.d/pcscd stop # /etc/init.d/pcscd stop
(3) Write the random bits to the device (2) [Optional] Write fixed serial number
Connect your board to USB port of your PC. And invoke gnuk_put_binary.py:
$ ../tool/gnuk_put_binary.py -r random_bits
random_bits: 1024
Updating random bits
...
(4) [Optional] Write fixed serial number
If you use fixed serial number in the file 'GNUK_SERIAL_NUMBER', you can do: If you use fixed serial number in the file 'GNUK_SERIAL_NUMBER', you can do:
@@ -384,7 +358,7 @@ If you use fixed serial number in the file 'GNUK_SERIAL_NUMBER', you can do:
Writing serial number Writing serial number
... ...
(5) [Optional] Write card holder certificate (3) [Optional] Write card holder certificate
If you have card holder certificate binary file, you can do: If you have card holder certificate binary file, you can do:

5
src/Makefile.in
View File

@@ -206,8 +206,5 @@ endif
include $(CHIBIOS)/os/ports/GCC/ARM/rules.mk include $(CHIBIOS)/os/ports/GCC/ARM/rules.mk
random_bits:
dd if=/dev/random bs=1 of=random_bits count=1024
distclean: clean distclean: clean
-rm -f Makefile gnuk.ld config.h random_bits -rm -f Makefile gnuk.ld config.h