deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

version 0.20

Browse Source
This commit is contained in:
NIIBE Yutaka
2012-06-19 10:19:26 +09:00
parent cb8ee10292
commit b3c15ce93c
9 changed files with 46 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@@ -1,3 +1,9 @@
2012-06-19 Niibe Yutaka <gniibe@fsij.org>
* Version 0.20.
* src/usb_desc.c (gnukStringSerial): Updated.
2012-06-18 Niibe Yutaka <gniibe@fsij.org>
LED display output change.
@@ -6,7 +12,7 @@
(main_mode, display_interaction): Remove.
(led_inverted, emit_led): New.
(display_status_code): Use emit_led.
(led_blink): Use LED_* for spec.
(led_blink): Use LED_* for SPEC.
(main, fatal): New LED display output.
* src/gnuk.h (LED_ONESHOT, LED_TWOSHOTS, LED_SHOW_STATUS)
(LED_START_COMMAND, LED_FINISH_COMMAND, LED_FATAL): New semantics.

20
NEWS
View File

@@ -1,19 +1,12 @@
Gnuk NEWS - User visible changes
* Major changes in Gnuk XXXX
* Major changes in Gnuk 0.20
Released 2012-XX-XX, by NIIBE Yutaka
** LED display output change
LED display output by Gnuk is now more reactive. It shows status code
when it gets GET_STATUS message of CCID. When you communicate Gnuk by
internal CCID driver of GnuPG (instead of PC/SC), and enable
'debug-disable-ticker' option in .gnupg/scdaemon.conf, it is more
silent now.
Released 2012-06-19, by NIIBE Yutaka
** Key generation feature added
Finally, key generation is supported. Note that it may be very slow.
It will take a few minutes (or more) to generate two or three keys,
It may take a few minutes (or more) to generate two or three keys,
when you are unlucky.
** DnD pinentry support is deprecated
@@ -36,6 +29,13 @@ single block CFB mode). (3) Key data plus checksum are encrypted in
CFB mode with initial vector (it will be able to switch OCB mode
easily).
** LED display output change
LED display output by Gnuk is now more reactive. It shows status code
when it gets GET_STATUS message of CCID. When you communicate Gnuk by
internal CCID driver of GnuPG (instead of PC/SC), and enable
'debug-disable-ticker' option in .gnupg/scdaemon.conf, it is more
silent now.
* Major changes in Gnuk 0.19

38
README
View File

@@ -1,15 +1,15 @@
Gnuk - software for GnuPG USB Token
Gnuk - An Implementation of USB Cryptographic Token for GnuPG
Version 0.19
2012-06-06
Version 0.20
2012-06-19
Niibe Yutaka
Free Software Initiative of Japan
What's Gnuk?
============
Gnuk is software implementation of a USB token for GNU Privacy Guard.
Gnuk supports OpenPGP card protocol version 2, and it runs on
Gnuk is an implementation of USB cryptographic token for GNU Privacy
Guard. Gnuk supports OpenPGP card protocol version 2, and it runs on
STM32F103 processor.
I wish that Gnuk will be a developer's soother who uses GnuPG. I have
@@ -19,8 +19,8 @@ to bring a card reader all the time. With Gnuk, this issue will be
solved by a USB token which is small enough.
Please look at the graphics of "gnuk.svg" for the software name. My
son used to be with his NUK(R), always, everywhere. I am with a USB
Token by "Gnuk", always, everywhere.
son used to be with his NUK(R), always, everywhere. Now, I am with a
USB Cryptographic Token by "Gnuk", always, everywhere.
FAQ
@@ -113,9 +113,10 @@ Ac: STLink v2 is cheap one. See http://code.google.com/p/arm-utilities/
Release notes
=============
This is twentieth release of Gnuk. In this release, firmware upgrade
feature is added. While it is daily use, some features (including
firmware upgrade) are still considered experimental.
This is "version 1.0 release candidate" of Gnuk. In this release, key
generation feature is added. While it is daily use, some features
(including key generation and firmware upgrade) are still considered
experimental.
Tested features are:
@@ -137,12 +138,22 @@ Tested features are:
but you can remove all keys to import again).
* Key generation on device side
Original feature of Gnuk, tested (lightly):
* Upgrading with "EXTERNAL AUTHENTICATE" by reGNUal
It is known not-working well:
* For some version of kernel and libccid, --enable-debug can't
work well. Please make sure to disable DEBUG option if it
doesn't work well.
It is known that the combination libccid 1.4.1 (or newer) with libusb
1.0.8 (or older) has a problem. It is possible for USB communication
to be failed, because of a bug in libusb implementation. Use libusbx
1.0.9 or newer, or don't use PC/SC, but use internal CCID driver of
GnuPG.
Targets
=======
@@ -171,13 +182,6 @@ Another PIN-pad support is connecting rotary encoder, push switch and
7-segment LED display. Both of PIN verification and PIN modification
are supported for this circuit extension.
Also, there is "DnDpinentry" support. This is using usual file
manager for pinentry. User does "drag and drop" folders and it will
be pin entry. This feature doesn't require any additional hardware.
See doc/settings-for-DnDpinentry for your desktop configuration.
However, this will be removed in future version, as it found it's
not that useful.
Note that you need pinpad support for GnuPG to use PIN-pad enabled
Gnuk. The pinpad support for GnuPG is currently in the master branch
of GnuPG git repository at git.gnupg.org, and it's under evaluation.

2
src/usb_desc.c
View File

@@ -262,7 +262,7 @@ const uint8_t gnukStringSerial[] = {
USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */
/* FSIJ-0.19 */
'F', 0, 'S', 0, 'I', 0, 'J', 0, '-', 0,
'0', 0, '.', 0, '1', 0, '9', 0, /* Version number of Gnuk */
'0', 0, '.', 0, '2', 0, '0', 0, /* Version number of Gnuk */
'-', 0,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,

2
tool/dfuse.py
View File

@@ -94,7 +94,7 @@ STATE_DFU_ERROR = 0x0a
def get_four_bytes (v):
return [ v % 256, (v >> 8)%256, (v >> 16)%256, (v >> 24) ]
class DFU_STM32:
class DFU_STM32(object):
def __init__(self, device, configuration, interface):
"""
__init__(device, configuration, interface) -> None

2
tool/gnuk_put_binary.py
View File

@@ -2,7 +2,7 @@
"""
gnuk_put_binary.py - a tool to put binary to Gnuk Token
This tool is for importing certificate, updating random number, etc.
This tool is for importing certificate, writing serial number, etc.
Copyright (C) 2011, 2012 Free Software Initiative of Japan
Author: NIIBE Yutaka <gniibe@fsij.org>

5
tool/gnuk_put_binary_libusb.py
View File

@@ -2,7 +2,7 @@
"""
gnuk_put_binary.py - a tool to put binary to Gnuk Token
This tool is for importing certificate, updating random number, etc.
This tool is for importing certificate, writing serial number, etc.
Copyright (C) 2011, 2012 Free Software Initiative of Japan
Author: NIIBE Yutaka <gniibe@fsij.org>
@@ -23,7 +23,6 @@ You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
from intel_hex import *
from struct import *
import sys, time, os, binascii, string
@@ -49,7 +48,7 @@ def iso7816_compose(ins, p1, p2, data, cls=0x00):
return pack('>BBBBB', cls, ins, p1, p2, data_len) + data
# This class only supports Gnuk (for now)
class gnuk_token:
class gnuk_token(object):
def __init__(self, device, configuration, interface):
"""
__init__(device, configuration, interface) -> None

5
tool/gnuk_upgrade.py
View File

@@ -22,7 +22,6 @@ You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
from intel_hex import *
from struct import *
import sys, time, os, binascii, string
@@ -47,7 +46,7 @@ def iso7816_compose(ins, p1, p2, data, cls=0x00):
else:
return pack('>BBBBB', cls, ins, p1, p2, data_len) + data
class regnual:
class regnual(object):
def __init__(self, dev):
conf = dev.configurations[0]
intf_alt = conf.interfaces[0]
@@ -154,7 +153,7 @@ class regnual:
pass
# This class only supports Gnuk (for now)
class gnuk_token:
class gnuk_token(object):
def __init__(self, device, configuration, interface):
"""
__init__(device, configuration, interface) -> None

2
tool/intel_hex.py
View File

@@ -9,7 +9,7 @@ You can use/distribute/modify/etc. this for any purpose.
import binascii
class intel_hex:
class intel_hex(object):
def __init__(self, filename):
self.start_address = 0
self.address = 0