version 1.1.6

ChangeLog

@@ -1,3 +1,7 @@
+2015-07-21  Niibe Yutaka  <gniibe@fsij.org>
+
+	* VERSION: 1.1.6.
+
 2015-07-20  Niibe Yutaka  <gniibe@fsij.org>
 
 	* src/openpgp-do.c (gpg_do_keygen): Support ECC.

NEWS

@@ -2,15 +2,26 @@ Gnuk NEWS - User visible changes
 
 * Major changes in Gnuk 1.1.6
 
-  Released 2015-??-??
+  Released 2015-07-21
 
 ** USB SerialNumber String
 The way to determine a serial number of Gnuk Token has been changed.
 It uses the 96-bit unique bits of MCU, but the portion for use is
 changed.
 
-** STM32 Primer2 support and CQ STARM support are back.
+** Upgrade of Chopstx
+We use Chopstx 0.07, which supports STM32 Primer2 and CQ STARM, too.
 
+** Experimental Curve25519 support.
+
+Gnuk can support Curve25519 (for deecryption).  Note that this is
+pretty much experimental, and subjects to change.  The low level code
+is somehow stable, but there are no consensus in higer level.
+Especially, OID in the key attribute would be changed in future.
+
+** No --enable-keygen option
+It is now standard feature included always.  Note that it doesn't mean
+this feature is stable now.  It is becoming stable, hopefully.
 
 
 * Major changes in Gnuk 1.1.5

README

@@ -1,24 +1,29 @@
 Gnuk - An Implementation of USB Cryptographic Token for GnuPG
 
-							  Version 1.1.5
+							  Version 1.1.6
-							     2015-06-03
+							     2015-07-21
 							   Niibe Yutaka
 				      Free Software Initiative of Japan
 
 Warning
 =======
 
-This is another experimental release of Gnuk, version 1.1.5, which has
+This is another experimental release of Gnuk, version 1.1.6, which has
 incompatible changes to Gnuk 1.0.x.  Specifically, it now supports
 overriding key import, but importing keys (or generating keys) results
 password reset.  Please update your documentation for Gnuk Token, so
 that the instruction of importing keys won't cause any confusion.  It
-has supports of ECDSA (with NIST P256 and secp256k1) and EdDSA with
+has supports of ECDSA (with NIST P256 and secp256k1), EdDSA, and ECDH
-EdDSA, but this feature is pretty much experimental, and it requires
+(with NIST P256, secp256k1, and Curve25519), but this ECC feature is
-development version of GnuPG with newest version of libgcrypt.  You
+pretty much experimental, and it requires development version of GnuPG
-will not able to keep using EdDSA keys, as the key format is subject
+with newest version of libgcrypt (Further, for Curve25519, it requires
-to change.  It also support RSA-4096 experimentally, but users should
+additional patches by me).
-know that it takes more than 8 second to sign/decrypt.
+
+It also support RSA-4096 experimentally, but users should know that it
+takes more than 8 second to sign/decrypt.
+
+You will not able to keep using Curve25519 keys, as the key format is
+subject to change.
 
 
 What's Gnuk?
@@ -114,18 +119,23 @@ Ab: That's because gnome-keyring-daemon interferes GnuPG.  Type:
     and at the tab of "Startup Programs", disable check buttons for
     "GPG Password Agent" and "SSH Key Agent".
 
-Qc: Do you know a good SWD debugger to connect FST-01 or something?
+Qc: With GNOME 3.x (x >= 8?), I can't use Gnuk Token at all.  Why?
-Ac: ST-Link/V2 is cheap one.  We have a tool/stlinkv2.py as flash ROM
+Ac: That's because gnome-keyring-daemon interferes GnuPG.  Please
+    disable the invocation of gnome-keyring-daemon.  In Debian
+    wheezy, it's in the files /etc/xdg/autostart/gnome-keyring-ssh.desktop
+    and /etc/xdg/autostart/gnome-keyring-gpg.desktop.
+    We have a line something like:
+
+        OnlyShowIn=GNOME;Unity;MATE;
+
+    Please edit this line to:
+
+        OnlyShowIn=
+
+Qd: Do you know a good SWD debugger to connect FST-01 or something?
+Ad: ST-Link/V2 is cheap one.  We have a tool/stlinkv2.py as flash ROM
     writer program.
 
-Qd: With GNOME 3.x (x >= 8?), I can't use Gnuk Token at all.  Why?
-Ad: Please set the configration variable OnlyShowIn as none.  Like:
-
-	OnlyShowIn=
-
-    In the files of /etc/xdg/autostart/gnome-keyring-gpg.desktop and
-                    /etc/xdg/autostart/gnome-keyring-ssh.desktop
-
 
 
 
@@ -135,10 +145,11 @@ Release notes
 This is third experimental release in version 1.1 series of Gnuk.
 
 While it is daily use by its developer, some newly introduced features
-(including ECDSA/EdDSA, key generation and firmware upgrade) should be
+(including ECDSA/EdDSA/ECDH, key generation and firmware upgrade)
-considered experimental.  ECDSA/EdDSA is really experimental.
+should be considered experimental.  ECDSA/EdDSA/ECDH is really
-Further, EdDSA is much experimental.  You won't be able to keep using
+experimental.  Further, ECDH on Curve25519 is much experimental.  You
-the EdDSA key, as the key format of GnuPG is subject to change.
+won't be able to keep using the key, since the key format of GnuPG is
+not defined and it's subject to change.
 
 Tested features are:
 
@@ -229,14 +240,14 @@ External source code
 
 Gnuk is distributed with external source code.
 
-* chopstx/  -- Chopstx 0.04
+* chopstx/  -- Chopstx 0.07
 
   We use Chopstx as the kernel for Gnuk.
 
   Chopstx is distributed under GPLv3+ (with a special exception).
 
 
-* polarssl/  -- PolarSSL 1.2.10
+* polarssl/  -- based on PolarSSL 1.2.10 (now mbedTLS)
 
   Souce code taken from: http://polarssl.org/
 
@@ -388,11 +399,10 @@ Flying Stone Tiny 01
 
 If you are using Flying Stone Tiny 01, you need a SWD writer.
 
-OpenOCD 0.6.1 now supports ST-Link/V2.  We can use it:
+OpenOCD 0.9 now supports ST-Link/V2.  We can use it:
 
   $ openocd -f interface/stlink-v2.cfg -f target/stm32f1x_stlink.cfg
 
-But it doesn't support option bytes handling (protection) yet.
 
 
 STBee

VERSION

@@ -1 +1 @@
-release/1.1.5
+release/1.1.6