deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

version 0.20

Browse Source
This commit is contained in:
NIIBE Yutaka
2012-06-19 10:19:26 +09:00
parent cb8ee10292
commit b3c15ce93c
9 changed files with 46 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@@ -1,3 +1,9 @@
2012-06-19 Niibe Yutaka <gniibe@fsij.org>
* Version 0.20.
* src/usb_desc.c (gnukStringSerial): Updated.
2012-06-18 Niibe Yutaka <gniibe@fsij.org> 2012-06-18 Niibe Yutaka <gniibe@fsij.org>
LED display output change. LED display output change.
@@ -6,7 +12,7 @@
(main_mode, display_interaction): Remove. (main_mode, display_interaction): Remove.
(led_inverted, emit_led): New. (led_inverted, emit_led): New.
(display_status_code): Use emit_led. (display_status_code): Use emit_led.
(led_blink): Use LED_* for spec. (led_blink): Use LED_* for SPEC.
(main, fatal): New LED display output. (main, fatal): New LED display output.
* src/gnuk.h (LED_ONESHOT, LED_TWOSHOTS, LED_SHOW_STATUS) * src/gnuk.h (LED_ONESHOT, LED_TWOSHOTS, LED_SHOW_STATUS)
(LED_START_COMMAND, LED_FINISH_COMMAND, LED_FATAL): New semantics. (LED_START_COMMAND, LED_FINISH_COMMAND, LED_FATAL): New semantics.

20
NEWS
View File

@@ -1,19 +1,12 @@
Gnuk NEWS - User visible changes Gnuk NEWS - User visible changes
* Major changes in Gnuk XXXX * Major changes in Gnuk 0.20
Released 2012-XX-XX, by NIIBE Yutaka Released 2012-06-19, by NIIBE Yutaka
** LED display output change
LED display output by Gnuk is now more reactive. It shows status code
when it gets GET_STATUS message of CCID. When you communicate Gnuk by
internal CCID driver of GnuPG (instead of PC/SC), and enable
'debug-disable-ticker' option in .gnupg/scdaemon.conf, it is more
silent now.
** Key generation feature added ** Key generation feature added
Finally, key generation is supported. Note that it may be very slow. Finally, key generation is supported. Note that it may be very slow.
It will take a few minutes (or more) to generate two or three keys, It may take a few minutes (or more) to generate two or three keys,
when you are unlucky. when you are unlucky.
** DnD pinentry support is deprecated ** DnD pinentry support is deprecated
@@ -36,6 +29,13 @@ single block CFB mode). (3) Key data plus checksum are encrypted in
CFB mode with initial vector (it will be able to switch OCB mode CFB mode with initial vector (it will be able to switch OCB mode
easily). easily).
** LED display output change
LED display output by Gnuk is now more reactive. It shows status code
when it gets GET_STATUS message of CCID. When you communicate Gnuk by
internal CCID driver of GnuPG (instead of PC/SC), and enable
'debug-disable-ticker' option in .gnupg/scdaemon.conf, it is more
silent now.
* Major changes in Gnuk 0.19 * Major changes in Gnuk 0.19

38
README
View File

@@ -1,15 +1,15 @@
Gnuk - software for GnuPG USB Token Gnuk - An Implementation of USB Cryptographic Token for GnuPG
Version 0.19 Version 0.20
2012-06-06 2012-06-19
Niibe Yutaka Niibe Yutaka
Free Software Initiative of Japan Free Software Initiative of Japan
What's Gnuk? What's Gnuk?
============ ============
Gnuk is software implementation of a USB token for GNU Privacy Guard. Gnuk is an implementation of USB cryptographic token for GNU Privacy
Gnuk supports OpenPGP card protocol version 2, and it runs on Guard. Gnuk supports OpenPGP card protocol version 2, and it runs on
STM32F103 processor. STM32F103 processor.
I wish that Gnuk will be a developer's soother who uses GnuPG. I have I wish that Gnuk will be a developer's soother who uses GnuPG. I have
@@ -19,8 +19,8 @@ to bring a card reader all the time. With Gnuk, this issue will be
solved by a USB token which is small enough. solved by a USB token which is small enough.
Please look at the graphics of "gnuk.svg" for the software name. My Please look at the graphics of "gnuk.svg" for the software name. My
son used to be with his NUK(R), always, everywhere. I am with a USB son used to be with his NUK(R), always, everywhere. Now, I am with a
Token by "Gnuk", always, everywhere. USB Cryptographic Token by "Gnuk", always, everywhere.
FAQ FAQ
@@ -113,9 +113,10 @@ Ac: STLink v2 is cheap one. See http://code.google.com/p/arm-utilities/
Release notes Release notes
============= =============
This is twentieth release of Gnuk. In this release, firmware upgrade This is "version 1.0 release candidate" of Gnuk. In this release, key
feature is added. While it is daily use, some features (including generation feature is added. While it is daily use, some features
firmware upgrade) are still considered experimental. (including key generation and firmware upgrade) are still considered
experimental.
Tested features are: Tested features are:
@@ -137,12 +138,22 @@ Tested features are:
but you can remove all keys to import again). but you can remove all keys to import again).
* Key generation on device side * Key generation on device side
Original feature of Gnuk, tested (lightly):
* Upgrading with "EXTERNAL AUTHENTICATE" by reGNUal
It is known not-working well: It is known not-working well:
* For some version of kernel and libccid, --enable-debug can't * For some version of kernel and libccid, --enable-debug can't
work well. Please make sure to disable DEBUG option if it work well. Please make sure to disable DEBUG option if it
doesn't work well. doesn't work well.
It is known that the combination libccid 1.4.1 (or newer) with libusb
1.0.8 (or older) has a problem. It is possible for USB communication
to be failed, because of a bug in libusb implementation. Use libusbx
1.0.9 or newer, or don't use PC/SC, but use internal CCID driver of
GnuPG.
Targets Targets
======= =======
@@ -171,13 +182,6 @@ Another PIN-pad support is connecting rotary encoder, push switch and
7-segment LED display. Both of PIN verification and PIN modification 7-segment LED display. Both of PIN verification and PIN modification
are supported for this circuit extension. are supported for this circuit extension.
Also, there is "DnDpinentry" support. This is using usual file
manager for pinentry. User does "drag and drop" folders and it will
be pin entry. This feature doesn't require any additional hardware.
See doc/settings-for-DnDpinentry for your desktop configuration.
However, this will be removed in future version, as it found it's
not that useful.
Note that you need pinpad support for GnuPG to use PIN-pad enabled Note that you need pinpad support for GnuPG to use PIN-pad enabled
Gnuk. The pinpad support for GnuPG is currently in the master branch Gnuk. The pinpad support for GnuPG is currently in the master branch
of GnuPG git repository at git.gnupg.org, and it's under evaluation. of GnuPG git repository at git.gnupg.org, and it's under evaluation.

2
src/usb_desc.c
View File

@@ -262,7 +262,7 @@ const uint8_t gnukStringSerial[] = {
USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */ USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */
/* FSIJ-0.19 */ /* FSIJ-0.19 */
'F', 0, 'S', 0, 'I', 0, 'J', 0, '-', 0, 'F', 0, 'S', 0, 'I', 0, 'J', 0, '-', 0,
'0', 0, '.', 0, '1', 0, '9', 0, /* Version number of Gnuk */ '0', 0, '.', 0, '2', 0, '0', 0, /* Version number of Gnuk */
'-', 0, '-', 0,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,

2
tool/dfuse.py
View File

@@ -94,7 +94,7 @@ STATE_DFU_ERROR = 0x0a
def get_four_bytes (v): def get_four_bytes (v):
return [ v % 256, (v >> 8)%256, (v >> 16)%256, (v >> 24) ] return [ v % 256, (v >> 8)%256, (v >> 16)%256, (v >> 24) ]
class DFU_STM32: class DFU_STM32(object):
def __init__(self, device, configuration, interface): def __init__(self, device, configuration, interface):
""" """
__init__(device, configuration, interface) -> None __init__(device, configuration, interface) -> None

2
tool/gnuk_put_binary.py
View File

@@ -2,7 +2,7 @@
""" """
gnuk_put_binary.py - a tool to put binary to Gnuk Token gnuk_put_binary.py - a tool to put binary to Gnuk Token
This tool is for importing certificate, updating random number, etc. This tool is for importing certificate, writing serial number, etc.
Copyright (C) 2011, 2012 Free Software Initiative of Japan Copyright (C) 2011, 2012 Free Software Initiative of Japan
Author: NIIBE Yutaka <gniibe@fsij.org> Author: NIIBE Yutaka <gniibe@fsij.org>

5
tool/gnuk_put_binary_libusb.py
View File

@@ -2,7 +2,7 @@
""" """
gnuk_put_binary.py - a tool to put binary to Gnuk Token gnuk_put_binary.py - a tool to put binary to Gnuk Token
This tool is for importing certificate, updating random number, etc. This tool is for importing certificate, writing serial number, etc.
Copyright (C) 2011, 2012 Free Software Initiative of Japan Copyright (C) 2011, 2012 Free Software Initiative of Japan
Author: NIIBE Yutaka <gniibe@fsij.org> Author: NIIBE Yutaka <gniibe@fsij.org>
@@ -23,7 +23,6 @@ You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
""" """
from intel_hex import *
from struct import * from struct import *
import sys, time, os, binascii, string import sys, time, os, binascii, string
@@ -49,7 +48,7 @@ def iso7816_compose(ins, p1, p2, data, cls=0x00):
return pack('>BBBBB', cls, ins, p1, p2, data_len) + data return pack('>BBBBB', cls, ins, p1, p2, data_len) + data
# This class only supports Gnuk (for now) # This class only supports Gnuk (for now)
class gnuk_token: class gnuk_token(object):
def __init__(self, device, configuration, interface): def __init__(self, device, configuration, interface):
""" """
__init__(device, configuration, interface) -> None __init__(device, configuration, interface) -> None

5
tool/gnuk_upgrade.py
View File

@@ -22,7 +22,6 @@ You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
""" """
from intel_hex import *
from struct import * from struct import *
import sys, time, os, binascii, string import sys, time, os, binascii, string
@@ -47,7 +46,7 @@ def iso7816_compose(ins, p1, p2, data, cls=0x00):
else: else:
return pack('>BBBBB', cls, ins, p1, p2, data_len) + data return pack('>BBBBB', cls, ins, p1, p2, data_len) + data
class regnual: class regnual(object):
def __init__(self, dev): def __init__(self, dev):
conf = dev.configurations[0] conf = dev.configurations[0]
intf_alt = conf.interfaces[0] intf_alt = conf.interfaces[0]
@@ -154,7 +153,7 @@ class regnual:
pass pass
# This class only supports Gnuk (for now) # This class only supports Gnuk (for now)
class gnuk_token: class gnuk_token(object):
def __init__(self, device, configuration, interface): def __init__(self, device, configuration, interface):
""" """
__init__(device, configuration, interface) -> None __init__(device, configuration, interface) -> None

2
tool/intel_hex.py
View File

@@ -9,7 +9,7 @@ You can use/distribute/modify/etc. this for any purpose.
import binascii import binascii
class intel_hex: class intel_hex(object):
def __init__(self, filename): def __init__(self, filename):
self.start_address = 0 self.start_address = 0
self.address = 0 self.address = 0