diff --git a/README b/README index a9a0634..67b305d 100644 --- a/README +++ b/README @@ -87,7 +87,7 @@ With DfuSe support, CQ STARM, STBee, and STBee Mini are also our targets. But those targets with DfuSe are basically not for normal use but for experiments, because it would be impossible for DfuSe to disable read from flash. For real use, please consider killing DfuSe -and enable read protect using JTAG debugger. +and enable read protection using JTAG debugger. I think that it could run on Olimex STM32-P103, or other boards with STM32F103. Besides, we are porting it to STM32 Primer 2. diff --git a/doc/HACKING b/doc/HACKING index 6246e76..5087246 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -1,17 +1,3 @@ -* [DONE] configure support - -configure script would be good to select a board and to generate -random serial number. - - -* Random number update - -Currently, Gnuk doesn't have random number generator, but use random -bytes calculated by hosts. After Gnuk uses random number, the entry in -Flash ROM will be cleared. Some scheme to update random number bytes -is needed. Possibly, private Data Objects, or by another SELECT FILE. - - * Random Number Generator RNG is needed for Data Encryption Key to encrypt private key (P and Q). 
@@ -24,21 +10,44 @@ be possible to get entropy from USB traffic (of other devices). It would be good not to use malloc. +* Flash ROM recover from unexpected shutdown during write + + +* [DONE] configure support + +configure script would be good to select a board and to generate +random serial number. + + +* [DONE] Random number update + +Implemented using SECECT_FILE and UPDATE_BINARY command, which is not +in the OpenPGP card specification. + +Old description: Currently, Gnuk doesn't have random number generator, +but use random bytes calculated by hosts. After Gnuk uses random +number, the entry in Flash ROM will be cleared. Some scheme to update +random number bytes is needed. Possibly, private Data Objects, or by +another SELECT FILE. + + * [DONE] Manufacture ID Get it from FSFE. -* [Mostly DONE] Serial number +* [DONE] Serial number The AID of the card contains serial number. It should be unique. USB serial number should be unique to identify different tokens, too. -* Flash ROM recover from shutdown - - * [DONE] Flash ROM garbage collection -* Flash ROM protection +* [DONE] Flash ROM protection + +Flash ROM can be protected with OpenOCD. DfuSe users should know that +the content can be accessible by DfuSe, even if we enable read +protection of flash ROM. For proper protection, don't use DfuSe but +use OpenOCD to write and protect.
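Review bot: in the README hunk, the changed sentence still reads "please consider killing DfuSe and enable read protection using JTAG debugger", so the two verbs are not parallel. Since the line is being touched anyway, suggest "killing DfuSe and enabling read protection using a JTAG debugger". The doc/HACKING hunk in this same patch tells users to "use OpenOCD to write and protect", so naming OpenOCD here as well would keep the two files consistent for anyone looking for the protection procedure.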
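Review bot: in the second doc/HACKING hunk, the new "[DONE] Random number update" entry misspells the command as "SECECT_FILE". The old description kept directly below it writes "SELECT FILE", so the new text should use the same spelling and style for both commands ("SELECT FILE and UPDATE BINARY"). The clause "which is not in the OpenPGP card specification" is also ambiguous about whether it covers one command or both, and should say which. Two smaller points in the same hunk: the new item "Flash ROM recover from unexpected shutdown during write" has no description of the failure case or the intended approach, and "[DONE] Flash ROM protection" says protection is done with OpenOCD without pointing to how, which matters because the entry itself warns that the content stays accessible through DfuSe.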