Version 1.2.14.

I misunderstood semantics of __builtin_ffs function which prefers
less significant 1-bit.

.gitignore

@@ -6,6 +6,7 @@ src/.dep
 src/config.mk
 src/config.h
 src/gnuk.ld
+src/stdaln-sys.ld
 src/board.h
 src/build/*
 src/*.inc
@@ -16,3 +17,4 @@ regnual/regnual.elf
 doc/_build
 tests/.cache
 tests/__pycache__
+tests/.pytest_cache

AUTHORS

@@ -65,3 +65,12 @@ NIIBE Yutaka:
 	src/usb_lld.h
 	*
 	and others.
+
+Peter Lebbing:
+    Modified:
+	src/config.h.in
+	src/configure
+	src/main.c
+	src/Makefile
+    Wrote:
+	src/stdaln-sys.ld.in

ChangeLog

@@ -1,3 +1,88 @@
+2019-03-04  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* VERSION: 1.2.14.
+
+	* chopstx: Update to 1.14.
+
+	* tool/gnuk_token.py: Add 1209:2440.
+
+2019-02-24  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/usb-ccid.c (ccid_thread): Clean up the ack button state
+	at reset (by SET_INTERFACE).
+
+	* tool/gnuk_token.py (gnuk_token.__init__): Add back
+	setAltInterface to issue SET_INTERFACE control transfer.
+
+2019-02-22  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* tool/gnuk_get_random.py: New.
+
+	* src/openpgp.c (cmd_external_authenticate): move
+	ACKBTN_SUPPORT to...
+	(cmd_get_challenge): ... here.
+
+	* src/gnuk.h (EV_*): Change the values.
+
+	* src/usb-ccid.c (GPG_ACK_TIMEOUT): New.
+	(ccid_thread): Implement timout for the user interaction.
+
+2019-02-21  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* GNUK_USB_DEVICE_ID: Add 1209:2440.
+
+2018-12-26  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* VERSION: 1.2.13.
+
+2018-12-22  Peter Lebbing <peter@digitalbrains.com>
+
+	* src/main.c (device_initialize_once): Fill the stack address and
+	reset vector of Gnuk application (was the one of old SYS).
+	Reset the board after updating the first five pages of flash.
+
+2018-12-21  Peter Lebbing <peter@digitalbrains.com>
+
+	* src/main.c [DFU_SUPPORT] (flash_write_any): New.
+	(device_initialize_once): Overwrite DFU bootloader by SYS.
+	(main): Use SYS at ORIGIN_REAL.
+
+	* src/stdaln-sys.ld.in: New.
+
+	* src/Makefile [USE_DFU] (OBJS_ADD): Add standalone SYS object.
+	Add rules for stdaln-sys-bin.o and src/stdaln-sys.ld.
+
+	* src/configure: Generate stdaln-sys.ld.
+	[MAPLE_MINI]: Tweak ORIGIN and FLASH_SIZE.
+	(ORIGIN_DEFINE, ORIGIN_REAL_DEFINE): New macros.
+	(USE_DFU): New make variable.
+
+	* src/config.h.in (ORIGIN_DEFINE, ORIGIN_REAL_DEFINE): New.
+
+2018-12-20  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* chopstx: Update to 1.13.
+
+2018-12-07  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/gnuk.h (EV_EXEC_ACK_REQUIRED): Have precedence
+	than EV_EXEC_FINISHED.
+
+2018-12-06  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/usb-ccid.c (ccid_thread): Priority of handling
+	EV_TX_FINISHED is most important.  Don't handle
+	Ack button event when c->tx_busy = 1.
+
+2018-12-05  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp.c (cmd_external_authenticate): Support
+	ACK button for firmware update.
+
+2018-12-04  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp-do.c (gpg_data_copy): Fix for NR_DO_UIF_SIG.
+
 2018-11-25  NIIBE Yutaka  <gniibe@fsij.org>
 
 	* VERSION: 1.2.12.

GNUK_USB_DEVICE_ID

@@ -2,4 +2,5 @@
 0000:0000	0200	Gnuk Emulation	Free Software Initiative of Japan
 234b:0000	0200	Gnuk Token	Free Software Initiative of Japan
 20a0:4211	0200	Nitrokey Start	Nitrokey
+1209:2440	0200	Gnuk Token	GnuPG e.V.
 ##########<TAB>	##<TAB>	##########<TAB>	#################

NEWS

@@ -1,6 +1,39 @@
 Gnuk NEWS - User visible changes
 
 
+* Major changes in Gnuk 1.2.14
+
+  Released 2019-03-05, by NIIBE Yutaka
+
+** Timeout for ACK button support
+When a user doesn't acknowledge (> 15 seconds), the operation
+timeouts, and authentication state is cleared.
+
+** Upgrade of Chopstx
+We use Chopstx 1.14.
+
+
+* Major changes in Gnuk 1.2.13
+
+  Released 2018-12-26, by NIIBE Yutaka
+
+** DFU support and its firmware upgrade fix
+DFU support was not well maintained, and firmware upgrade was not
+possible for boards with DFU.  Now, at least for Maple Mini, it is
+tested.  Note that using Gnuk with DFU on a board is only for an
+experiment, because DFU can access the content of flash ROM.  DFU
+should be killed by upgrading to normal Gnuk, so that you can have
+your private keys.
+
+** Fix for UIF Data Object
+When flash ROM is full and coping to new page, UIF DO was not properly
+copied.  This bug resulted losing the flag for user interaction.  Now,
+it's properly copied, keeping the setting of the feature.
+
+** Upgrade of Chopstx
+We use Chopstx 1.13.
+
+
 * Major changes in Gnuk 1.2.12
 
   Released 2018-11-25, by NIIBE Yutaka

README

@@ -1,14 +1,14 @@
 Gnuk - An Implementation of USB Cryptographic Token for GnuPG
 
-							 Version 1.2.12
-							     2018-11-25
+							 Version 1.2.14
+							     2019-03-05
 							   Niibe Yutaka
 				      Free Software Initiative of Japan
 
 Release Notes
 =============
 
-This is the release of Gnuk, version 1.2.12, which has major
+This is the release of Gnuk, version 1.2.14, which has major
 incompatible changes to Gnuk 1.0.x.  Specifically, it now supports
 overriding key import, but importing keys (or generating keys) results
 password reset.  Also, you need to import private keys before changing
@@ -249,7 +249,7 @@ External source code
 
 Gnuk is distributed with external source code.
 
-* chopstx/  -- Chopstx 1.12
+* chopstx/  -- Chopstx 1.14
 
   We use Chopstx as the kernel for Gnuk.
 
@@ -372,9 +372,9 @@ On Debian we can install the packages of gcc-arm-none-eabi,
 gdb-arm-none-eabi and its friends.  I'm using:
 
 	binutils-arm-none-eabi	2.31.1-2+10
-	gcc-arm-none-eabi 	15:7-2018-q2-4
-	gdb-arm-none-eabi 	7.12-6+9+b2
-	libnewlib-arm-none-eabi	3.0.0.20180802-2
+	gcc-arm-none-eabi 	15:7-2018-q2-6
+	gdb-multiarch 		8.2.1-1
+	libnewlib-arm-none-eabi	3.1.0.20181231-1
 
 Or else, see https://launchpad.net/gcc-arm-embedded for preparation of
 GNU Toolchain for 'arm-none-eabi' target.

THANKS

@@ -35,6 +35,7 @@ Nico Rikken		nico@nicorikken.eu
 NOKUBI Takatsugu	knok@daionet.gr.jp
 Paul Fertser
 Paul Bakker		polarssl_maintainer@polarssl.org
+Peter Lebbing		peter@digitalbrains.com
 Santiago Ruano Rincón	santiago@debian.org
 Shane Coughlan		scoughlan@openinventionnetwork.com
 Stanislas Bach		sbach@0g.re

VERSION

@@ -1 +1 @@
-release/1.2.12
+release/1.2.14

regnual/Makefile

@@ -52,6 +52,7 @@ regnual-no-vidpid.elf: $(OBJS) $(LDSCRIPT)
 	$(CC) $(LDFLAGS) -o regnual-no-vidpid.elf $(OBJS)
 
 clean:
-	-rm -f $(OBJS) regnual.elf regnual.hex regnual.bin *.lst
+	-rm -f $(OBJS) regnual-no-vidpid.elf regnual.elf regnual.hex regnual.bin \
+		*.lst
 
 distclean: clean

src/Makefile

@@ -53,6 +53,10 @@ ifeq ($(CHIP),stm32f103)
 CSRC += mcu-stm32f103.c 
 endif
 
+ifneq ($(USE_DFU),)
+OBJS_ADD += build/stdaln-sys-bin.o
+endif
+
 ###################################
 CC   = $(CROSS)gcc
 LD   = $(CROSS)gcc
@@ -72,9 +76,19 @@ sys.c: board.h
 
 build/bignum.o: OPT = -O3 -g
 
+build/stdaln-sys.elf: build/sys-$(CHIP).o stdaln-sys.ld
+	@echo
+	$(LD) -v $< $(MCFLAGS) -nostartfiles -Tstdaln-sys.ld -Wl,--no-warn-mismatch,--gc-sections $(LLIBDIR) -o $@
+
+build/stdaln-sys-bin.o: build/stdaln-sys.elf
+	@echo
+	$(OBJCOPY) -O binary -j .sys $< build/stdaln-sys.bin
+	$(OBJCOPY) -I binary -O default --rename-section .data=.rodata \
+		build/stdaln-sys.bin $@
+
 distclean: clean
-	-rm -f gnuk.ld config.h board.h config.mk \
-	       usb-strings.c.inc usb-vid-pid-ver.c.inc
+	-rm -f gnuk.ld stdaln-sys.ld config.h board.h config.mk \
+	       usb-strings.c.inc put-vid-pid-ver.sh
 
 ifeq ($(EMULATION),)
 build/gnuk.elf: build/gnuk-no-vidpid.elf binary-edit.sh put-vid-pid-ver.sh

src/config.h.in

@@ -3,6 +3,8 @@
 #define ENABLE_VIRTUAL_COM_PORT 1
 #endif
 @DFU_DEFINE@
+@ORIGIN_DEFINE@
+@ORIGIN_REAL_DEFINE@
 @PINPAD_DEFINE@
 @PINPAD_MORE_DEFINE@
 @CERTDO_DEFINE@

src/configure

@@ -260,6 +260,8 @@ else
   echo "Debug option disabled"
 fi
 
+ORIGIN_REAL=0x08000000
+ORIGIN_REAL_DEFINE="#define ORIGIN_REAL $ORIGIN_REAL"
 # --with-dfu option
 if test "$with_dfu" = "yes"; then
   if test "$target" = "FST_01" -o "$target" = "FST_01G" \
@@ -268,15 +270,23 @@ if test "$with_dfu" = "yes"; then
       exit 1
   fi
   echo "Configured for DFU"
+  if test "$target" = "MAPLE_MINI"; then
+    # Note that the default bootloader is too large, need for instance
+    # STM32duino for DFU on Maple Mini
+    ORIGIN=0x08002000
+    FLASH_SIZE=$((FLASH_SIZE - 8))
+  else
     ORIGIN=0x08003000
     FLASH_SIZE=$((FLASH_SIZE - 12))
+  fi
   DFU_DEFINE="#define DFU_SUPPORT 1"
 else
   with_dfu=no
   echo "Configured for bare system (no-DFU)"
-  ORIGIN=0x08000000
+  ORIGIN=${ORIGIN_REAL}
   DFU_DEFINE="#undef DFU_SUPPORT"
 fi
+ORIGIN_DEFINE="#define ORIGIN $ORIGIN"
 
 # --enable-pinpad option
 if test "$pinpad" = "no"; then
@@ -473,6 +483,9 @@ fi
  if test "$ackbtn_support" = "yes"; then
    echo "USE_ACKBTN=yes"
  fi
+ if test "$with_dfu" = "yes"; then
+   echo "USE_DFU=yes"
+ fi
  if test "$emulation" = "yes"; then
    echo "prefix=$prefix"
    echo "exec_prefix=$exec_prefix"
@@ -493,8 +506,12 @@ else
       -e "s/@FLASH_PAGE_SIZE@/$FLASH_PAGE_SIZE/" \
 	< gnuk.ld.in > gnuk.ld
 fi
+sed -e "s/@ORIGIN_REAL@/$ORIGIN_REAL/" -e "s/@MEMORY_SIZE@/$MEMORY_SIZE/" \
+	< stdaln-sys.ld.in > stdaln-sys.ld
 sed -e "s/@DEBUG_DEFINE@/$DEBUG_DEFINE/" \
     -e "s/@DFU_DEFINE@/$DFU_DEFINE/" \
+    -e "s/@ORIGIN_DEFINE@/$ORIGIN_DEFINE/" \
+    -e "s/@ORIGIN_REAL_DEFINE@/$ORIGIN_REAL_DEFINE/" \
     -e "s/@PINPAD_DEFINE@/$PINPAD_DEFINE/" \
     -e "s/@PINPAD_MORE_DEFINE@/$PINPAD_MORE_DEFINE/" \
     -e "s/@CERTDO_DEFINE@/$CERTDO_DEFINE/" \

src/gnuk.h

@@ -24,18 +24,18 @@ extern struct apdu apdu;
 void ccid_card_change_signal (int how);
 
 /* CCID thread */
-#define EV_RX_DATA_READY      1 /* USB Rx data available  */
-#define EV_EXEC_ACK_REQUIRED  2 /* OpenPGPcard Execution ACK required*/
-#define EV_EXEC_FINISHED      4 /* OpenPGPcard Execution finished */
-#define EV_TX_FINISHED        8 /* CCID Tx finished  */
-#define EV_CARD_CHANGE       16
+#define EV_CARD_CHANGE        1
+#define EV_TX_FINISHED        2 /* CCID Tx finished  */
+#define EV_EXEC_ACK_REQUIRED  4 /* OpenPGPcard Execution ACK required */
+#define EV_EXEC_FINISHED      8 /* OpenPGPcard Execution finished */
+#define EV_RX_DATA_READY     16 /* USB Rx data available  */
 
 /* OpenPGPcard thread */
-#define EV_PINPAD_INPUT_DONE      1
-#define EV_EXIT                   2
+#define EV_MODIFY_CMD_AVAILABLE   1
+#define EV_VERIFY_CMD_AVAILABLE   2
 #define EV_CMD_AVAILABLE          4
-#define EV_VERIFY_CMD_AVAILABLE   8
-#define EV_MODIFY_CMD_AVAILABLE  16
+#define EV_EXIT                   8
+#define EV_PINPAD_INPUT_DONE     16
 
 /* Maximum cmd apdu data is key import 24+4+256+256 (proc_key_import) */
 #define MAX_CMD_APDU_DATA_SIZE (24+4+256+256) /* without header */

src/main.c

@@ -51,6 +51,28 @@
 #define LED_TIMEOUT_ONE		(100*1000)
 #define LED_TIMEOUT_STOP	(200*1000)
 
+#ifdef DFU_SUPPORT
+static int
+flash_write_any (uintptr_t dst_addr, const uint8_t *src, size_t len)
+{
+  int status;
+
+  while (len)
+    {
+      uint16_t hw = *src++;
+
+      hw |= (*src++ << 8);
+      status = flash_program_halfword (dst_addr, hw);
+      if (status != 0)
+        return 0;              /* error return */
+
+      dst_addr += 2;
+      len -= 2;
+    }
+
+  return 1;
+}
+#endif
 
 #ifdef GNU_LINUX_EMULATION
 uint8_t *flash_addr_key_storage_start;
@@ -83,6 +105,55 @@ device_initialize_once (void)
 	  nibble += (nibble >= 10 ? ('A' - 10) : '0');
 	  flash_put_data_internal (&p[i*4+2], nibble);
 	}
+
+#ifdef DFU_SUPPORT
+#define CHIP_ID_REG ((uint32_t *)0xE0042000)
+      /*
+       * Overwrite DFU bootloader with a copy of SYS linked to ORIGIN_REAL.
+       * Then protect flash from readout.
+       */
+      {
+        extern uint8_t _binary_build_stdaln_sys_bin_start;
+        extern uint8_t _binary_build_stdaln_sys_bin_size;
+        size_t stdaln_sys_size = (size_t) &_binary_build_stdaln_sys_bin_size;
+        extern const uint32_t FT0[256], FT1[256], FT2[256];
+        extern handler vector_table[];
+        uintptr_t addr;
+        uint32_t flash_page_size = 1024; /* 1KiB default */
+
+        if (((*CHIP_ID_REG)&0x07) == 0x04) /* High density device.  */
+          flash_page_size = 2048; /* It's 2KiB. */
+
+        /* Kill DFU */
+        for (addr = ORIGIN_REAL; addr < ORIGIN;
+             addr += flash_page_size)
+          flash_erase_page (addr);
+
+        /* Copy SYS */
+        addr = ORIGIN_REAL;
+        flash_write_any(addr, &_binary_build_stdaln_sys_bin_start,
+                        stdaln_sys_size);
+        addr += stdaln_sys_size;
+        flash_write_any(addr, (const uint8_t *) &FT0, sizeof(FT0));
+        addr += sizeof(FT0);
+        flash_write_any(addr, (const uint8_t *) &FT1, sizeof(FT1));
+        addr += sizeof(FT1);
+        flash_write_any(addr, (const uint8_t *) &FT2, sizeof(FT2));
+
+        addr = ORIGIN_REAL + 0x1000;
+        if (addr < ORIGIN) {
+          /* Need to patch top of stack and reset vector there */
+          handler *new_vector = (handler *) addr;
+          flash_write((uintptr_t) &new_vector[0], (const uint8_t *)
+                      &vector_table[0], sizeof(handler));
+          flash_write((uintptr_t) &new_vector[1], (const uint8_t *)
+                      &vector[1], sizeof(handler));
+        }
+
+        flash_protect();
+        nvic_system_reset();
+      }
+#endif
     }
 }
 #endif
@@ -402,26 +473,10 @@ main (int argc, const char *argv[])
   SCB->VTOR = (uintptr_t)&_regnual_start;
   entry = calculate_regnual_entry_address (&_regnual_start);
 #ifdef DFU_SUPPORT
-#define FLASH_SYS_START_ADDR 0x08000000
-#define FLASH_SYS_END_ADDR (0x08000000+0x1000)
-#define CHIP_ID_REG ((uint32_t *)0xE0042000)
   {
-    extern uint8_t _sys;
-    uintptr_t addr;
-    handler *new_vector = (handler *)FLASH_SYS_START_ADDR;
-    void (*func) (void (*)(void)) = (void (*)(void (*)(void)))new_vector[9];
-    uint32_t flash_page_size = 1024; /* 1KiB default */
-
-   if ((*CHIP_ID_REG)&0x07 == 0x04) /* High dencity device.  */
-     flash_page_size = 2048; /* It's 2KiB. */
-
-    /* Kill DFU */
-    for (addr = FLASH_SYS_START_ADDR; addr < FLASH_SYS_END_ADDR;
-	 addr += flash_page_size)
-      flash_erase_page (addr);
-
-    /* copy system service routines */
-    flash_write (FLASH_SYS_START_ADDR, &_sys, 0x1000);
+    /* Use SYS at ORIGIN_REAL instead of the one at ORIGIN */
+    handler *new_vector = (handler *)ORIGIN_REAL;
+    void (*func) (void (*)(void)) = (void (*)(void (*)(void))) new_vector[9];
 
     /* Leave Gnuk to exec reGNUal */
     (*func) ((void (*)(void))entry);

src/openpgp-do.c

@@ -1965,9 +1965,9 @@ gpg_data_copy (const uint8_t *p_start)
       }
 
   for (i = 0; i < 3; i++)
-    if ((v = (uif_flags & (3 << (i * 2)))))
+    if ((v = (uif_flags >> (i * 2)) & 3))
       {
-	flash_enum_write_internal (p, NR_DO_UIF_SIG + 1, v);
+	flash_enum_write_internal (p, NR_DO_UIF_SIG + i, v);
 	p += 2;
       }
 

src/openpgp.c

@@ -2,6 +2,7 @@
  * openpgp.c -- OpenPGP card protocol support
  *
  * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018
+ *               2019
  *               Free Software Initiative of Japan
  * Author: NIIBE Yutaka <gniibe@fsij.org>
  *
@@ -1425,6 +1426,13 @@ cmd_get_challenge (struct eventflag *ccid_comm)
   if (challenge)
     random_bytes_free (challenge);
 
+#ifdef ACKBTN_SUPPORT
+  if (gpg_do_get_uif (GPG_KEY_FOR_SIGNING)
+      || gpg_do_get_uif (GPG_KEY_FOR_DECRYPTION)
+      || gpg_do_get_uif (GPG_KEY_FOR_AUTHENTICATION))
+    eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
+#endif
+
   challenge = random_bytes_get ();
   memcpy (res_APDU, challenge, len);
   res_APDU_size = len;

src/stdaln-sys.ld.in

@@ -0,0 +1,39 @@
+/*
+ * ST32F103 memory setup.
+ */
+MEMORY
+{
+    flash0 : org = @ORIGIN_REAL@, len = 4k
+    ram : org = 0x20000000, len = @MEMORY_SIZE@k
+}
+
+__ram_start__           = ORIGIN(ram);
+__ram_size__            = LENGTH(ram);
+__ram_end__             = __ram_start__ + __ram_size__;
+
+SECTIONS
+{
+    . = 0;
+
+    .sys : ALIGN(4) SUBALIGN(4)
+    {
+	_sys = .;
+	KEEP(*(.vectors))
+	. = ALIGN(16);
+	KEEP(*(.sys.version))
+	KEEP(*(.sys.board_id))
+	KEEP(*(.sys.board_name))
+	build/sys-*.o(.text)
+	build/sys-*.o(.text.*)
+	build/sys-*.o(.rodata)
+	build/sys-*.o(.rodata.*)
+	. = ALIGN(1024);
+    } > flash0
+
+    .aesft : ALIGN(4) SUBALIGN(4)
+    {
+	*(.sys.0)
+	*(.sys.1)
+	*(.sys.2)
+    } > flash0
+}

src/usb-ccid.c

@@ -1,7 +1,8 @@
 /*
  * usb-ccid.c -- USB CCID protocol handling
  *
- * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018
+ * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018,
+ *               2019
  *               Free Software Initiative of Japan
  * Author: NIIBE Yutaka <gniibe@fsij.org>
  *
@@ -190,6 +191,7 @@ struct ccid {
   uint32_t state      : 4;
   uint32_t err        : 1;
   uint32_t tx_busy    : 1;
+  uint32_t timeout_cnt: 3;
 
   uint8_t *p;
   size_t len;
@@ -1577,7 +1579,7 @@ ccid_notify_slot_change (struct ccid *c)
 #define USB_CCID_TIMEOUT (1950*1000)
 
 #define GPG_THREAD_TERMINATED 0xffff
-
+#define GPG_ACK_TIMEOUT 0x6600
 
 extern uint32_t bDeviceState;
 extern void usb_device_reset (struct usb_dev *dev);
@@ -1728,6 +1730,7 @@ ccid_thread (void *arg)
   struct usb_dev dev;
   struct ccid *c = &ccid;
   uint32_t *timeout_p;
+  int ackbtn_active = 0;
 
   (void)arg;
 
@@ -1749,6 +1752,13 @@ ccid_thread (void *arg)
     struct ep_out *epo = &endpoint_out;
     struct apdu *a = &apdu;
 
+    if (ackbtn_active)
+      {
+	ackbtn_active = 0;
+	ackbtn_disable ();
+	led_blink (LED_WAIT_FOR_BUTTON);
+      }
+
     epi_init (epi, ENDP1, c);
     epo_init (epo, ENDP1, c);
     apdu_init (a);
@@ -1774,7 +1784,8 @@ ccid_thread (void *arg)
       eventflag_set_mask (&c->ccid_comm, c->tx_busy ? EV_TX_FINISHED : ~0);
 
 #ifdef ACKBTN_SUPPORT
-      chopstx_poll (timeout_p, CCID_POLL_NUM - c->tx_busy, ccid_poll);
+      chopstx_poll (timeout_p, CCID_POLL_NUM - (c->tx_busy || !ackbtn_active),
+		    ccid_poll);
 #else
       chopstx_poll (timeout_p, CCID_POLL_NUM, ccid_poll);
 #endif
@@ -1800,11 +1811,12 @@ ccid_thread (void *arg)
 	}
 
 #ifdef ACKBTN_SUPPORT
-      if (ack_intr.ready)
+      if (!c->tx_busy && ack_intr.ready)
 	{
+	  ackbtn_active = 0;
 	  ackbtn_disable ();
-	  chopstx_intr_done (&ack_intr);
 	  led_blink (LED_WAIT_FOR_BUTTON);
+	  chopstx_intr_done (&ack_intr);
 	  if (c->ccid_state == CCID_STATE_ACK_REQUIRED_1)
 	    goto exec_done;
 
@@ -1813,7 +1825,11 @@ ccid_thread (void *arg)
 	}
 #endif
 
+      if (timeout == 0)
+	{
 	  timeout = USB_CCID_TIMEOUT;
+	  c->timeout_cnt++;
+	}
       m = eventflag_get (&c->ccid_comm);
 
       if (m == EV_CARD_CHANGE)
@@ -1836,7 +1852,11 @@ ccid_thread (void *arg)
 	  ccid_notify_slot_change (c);
 	}
       else if (m == EV_RX_DATA_READY)
+	{
 	  c->ccid_state = ccid_handle_data (c);
+	  timeout = 0;
+	  c->timeout_cnt = 0;
+	}
       else if (m == EV_EXEC_FINISHED)
 	if (c->ccid_state == CCID_STATE_EXECUTE)
 	  {
@@ -1885,6 +1905,7 @@ ccid_thread (void *arg)
 	if (c->ccid_state == CCID_STATE_EXECUTE)
 	  {
 	    ackbtn_enable ();
+	    ackbtn_active = 1;
 	    led_blink (LED_WAIT_FOR_BUTTON);
 	    c->ccid_state = CCID_STATE_ACK_REQUIRED_0;
 	    ccid_send_data_block_time_extension (c);
@@ -1907,8 +1928,21 @@ ccid_thread (void *arg)
 	    ccid_prepare_receive (c);
 	}
       else			/* Timeout */
+	{
+	  if (c->timeout_cnt == 7
+	      && c->ccid_state == CCID_STATE_ACK_REQUIRED_1)
+	    {
+	      ackbtn_active = 0;
+	      ackbtn_disable ();
+	      led_blink (LED_WAIT_FOR_BUTTON);
+	      c->a->sw = GPG_ACK_TIMEOUT;
+	      c->a->res_apdu_data_len = 0;
+	      goto exec_done;
+	    }
+	  else
 	    c->ccid_state = ccid_handle_timeout (c);
 	}
+    }
 
   if (c->application)
     {

tool/gnuk_get_random.py

@@ -0,0 +1,21 @@
+#! /usr/bin/python3
+
+from gnuk_token import get_gnuk_device, gnuk_token
+from binascii import hexlify
+import sys
+
+if __name__ == '__main__':
+    count = 0
+    gnuk = get_gnuk_device()
+    gnuk.cmd_select_openpgp()
+    looping = (len(sys.argv) > 1)
+    while True:
+        try:
+            challenge = gnuk.cmd_get_challenge().tostring()
+        except Exception as e:
+            print(count)
+            raise e
+        print(hexlify(challenge))
+        count = count + 1
+        if not looping:
+            break

tool/gnuk_token.py

@@ -30,6 +30,7 @@ from array import array
 USB_PRODUCT_LIST=[
     { 'vendor' : 0x234b, 'product' : 0x0000 }, # FSIJ Gnuk Token
     { 'vendor' : 0x20a0, 'product' : 0x4211 }, # Nitrokey Start
+    { 'vendor' : 0x1209, 'product' : 0x2440 }, # GnuPG e.V.
 ]
 
 # USB class, subclass, protocol
@@ -74,6 +75,7 @@ class gnuk_token(object):
             raise ValueError("Wrong interface sub class")
         self.__devhandle = device.open()
         self.__devhandle.claimInterface(interface)
+        self.__devhandle.setAltInterface(interface)
 
         self.__intf = interface.interfaceNumber
         self.__alt = interface.alternateSetting