Compare commits
6 Commits
release/1.
...
release/1.
| Author | SHA1 | Date | |
|---|---|---|---|
|
57fdadf283 | ||
|
|
870de72ee2 | ||
|
|
fa667b04f7 | ||
|
2a72f3df08 | ||
|
|
db2527459f | ||
|
|
1ca3bbdaae |
29
ChangeLog
29
ChangeLog
@@ -1,3 +1,32 @@
|
||||
2021-10-12 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* VERSION: 1.2.19.
|
||||
* chopstx: Update to 1.20.
|
||||
|
||||
2021-10-11 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/configure (kdf_do): It can be overridden, now.
|
||||
|
||||
2021-07-01 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/configure (CONFIG): Add KDF configuration.
|
||||
|
||||
2021-06-10 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* tool/stlinkv2.py: Switch to Python3.
|
||||
|
||||
* tool/upgrade_by_passwd.py: Fix option handling.
|
||||
|
||||
2021-04-30 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/openpgp-do.c (rw_algorithm_attr): Fix writing algorithm
|
||||
attribute, which may cause GC. Note that flash_enum_write needs
|
||||
to call flash_enum_clear beforehand.
|
||||
|
||||
2021-04-28 Bertrand Jacquin <bertrand@jacquin.bzh>
|
||||
|
||||
* regnual/regnual.c: Include <string.h>.
|
||||
|
||||
2021-04-02 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* VERSION: 1.2.18.
|
||||
|
||||
28
NEWS
28
NEWS
@@ -1,6 +1,34 @@
|
||||
Gnuk NEWS - User visible changes
|
||||
|
||||
|
||||
* Major changes in Gnuk 1.2.19
|
||||
|
||||
Released 2021-10-12, by NIIBE Yutaka
|
||||
|
||||
** KDF Data Object configuration
|
||||
KDF Data Object should be highly recommended for all configurations.
|
||||
Nevertheless, for backward compatibillity, in Gnuk 1.2, it is optional
|
||||
by default; It is up to user to configure KDF Data Object before
|
||||
importing private keys. In this situation, it is not good to
|
||||
introduce new build-time option like --enable-always-require-kdf-do,
|
||||
because it might wrongly encourage use of Gnuk with no KDF Data Object
|
||||
setting, by confusion. If needed, please run configure:
|
||||
|
||||
kdf_do=required ./configure --enable-factory-reset --target...
|
||||
|
||||
or
|
||||
|
||||
kdf_do=optional ./configure --enable-factory-reset --target...
|
||||
|
||||
Please note that such a use of variable by shell command line is not
|
||||
well supported by the configure script (for other variables), but
|
||||
override of kdf_do is needed in some situations.
|
||||
|
||||
** Upgrade of Chopstx
|
||||
We use Chopstx 1.20. This enables use with PC/SC for GNU/Linux
|
||||
emulation.
|
||||
|
||||
|
||||
* Major changes in Gnuk 1.2.18
|
||||
|
||||
Released 2021-04-02, by NIIBE Yutaka
|
||||
|
||||
8
README
8
README
@@ -1,14 +1,14 @@
|
||||
Gnuk - An Implementation of USB Cryptographic Token for GnuPG
|
||||
|
||||
Version 1.2.18
|
||||
2021-04-02
|
||||
Version 1.2.19
|
||||
2021-10-12
|
||||
Niibe Yutaka
|
||||
Free Software Initiative of Japan
|
||||
|
||||
Release Notes
|
||||
=============
|
||||
|
||||
This is the release of Gnuk, version 1.2.18, which has major
|
||||
This is the release of Gnuk, version 1.2.19, which has major
|
||||
incompatible changes to Gnuk 1.0.x. Specifically, it now supports
|
||||
overriding key import, but importing keys (or generating keys) results
|
||||
password reset. Also, you need to import private keys before changing
|
||||
@@ -243,7 +243,7 @@ External source code
|
||||
|
||||
Gnuk is distributed with external source code.
|
||||
|
||||
* chopstx/ -- Chopstx 1.19
|
||||
* chopstx/ -- Chopstx 1.20
|
||||
|
||||
We use Chopstx as the kernel for Gnuk.
|
||||
|
||||
|
||||
1
THANKS
1
THANKS
@@ -18,6 +18,7 @@ Clint Adams clint@softwarefreedom.org
|
||||
Daniel Kahn Gillmor dkg@fifthhorseman.net
|
||||
Elliott Mitchell
|
||||
Fabio Utzig utzig@apache.org
|
||||
Heiko Schaefer heiko.schaefer@posteo.de
|
||||
Hironobu SUZUKI hironobu@h2np.net
|
||||
Jan Suhr jan@suhr.info
|
||||
Jeremy Drake jeremydrake+gnuk@eacceleration.com
|
||||
|
||||
2
chopstx
2
chopstx
Submodule chopstx updated: 71cc5a8f32...a6b96fe434
@@ -26,6 +26,8 @@
|
||||
* ReGNUal
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "types.h"
|
||||
#include "usb_lld.h"
|
||||
#include "sys.h"
|
||||
|
||||
10
src/configure
vendored
10
src/configure
vendored
@@ -46,7 +46,7 @@ hid_card_change=no
|
||||
factory_reset=no
|
||||
ackbtn_support=yes
|
||||
flash_override=""
|
||||
kdf_do_required=no
|
||||
kdf_do=${kdf_do:-optional}
|
||||
# For emulation
|
||||
prefix=/usr/local
|
||||
exec_prefix='${prefix}'
|
||||
@@ -219,7 +219,7 @@ if test "$target" = "GNU_LINUX"; then
|
||||
emulation="yes"
|
||||
cross=""
|
||||
mcu="none"
|
||||
kdf_do_required=yes
|
||||
kdf_do=${kdf_do:-required}
|
||||
def_emulation="-DGNU_LINUX_EMULATION"
|
||||
def_memory_size="-DMEMORY_SIZE=1024"
|
||||
enable_hexoutput=""
|
||||
@@ -341,7 +341,7 @@ else
|
||||
fi
|
||||
|
||||
# KDF Data Object is always required for GNU/Linux emulation
|
||||
if test "$kdf_do_required" = "yes"; then
|
||||
if test "$kdf_do" = "required"; then
|
||||
KDF_DO_REQUIRED_DEFINE="#define KDF_DO_REQUIRED 1"
|
||||
echo "KDF DO is required before key import/generation"
|
||||
else
|
||||
@@ -355,7 +355,7 @@ SERIALNO_STR_LEN_DEFINE="#define SERIALNO_STR_LEN ${#SERIALNO}"
|
||||
|
||||
|
||||
if test "$sys1_compat" = "yes"; then
|
||||
CONFIG="$target:dfu=$with_dfu:debug=$debug:pinpad=$pinpad:certdo=$certdo:factory_reset=$factory_reset"
|
||||
CONFIG="$target:dfu=$with_dfu:debug=$debug:pinpad=$pinpad:certdo=$certdo:factory_reset=$factory_reset:kdf=$kdf_do"
|
||||
else
|
||||
if test "$with_dfu" = "yes"; then
|
||||
echo "Common binary can't support DFU loader, don't use --with-dfu." >&2
|
||||
@@ -365,7 +365,7 @@ else
|
||||
FLASH_PAGE_SIZE=2048
|
||||
FLASH_SIZE=128
|
||||
MEMORY_SIZE=20
|
||||
CONFIG="common:debug=$debug:pinpad=$pinpad:certdo=$certdo:factory_reset=$factory_reset"
|
||||
CONFIG="common:debug=$debug:pinpad=$pinpad:certdo=$certdo:factory_reset=$factory_reset:kdf=$kdf_do"
|
||||
fi
|
||||
|
||||
output_vid_pid_version () {
|
||||
|
||||
@@ -815,6 +815,8 @@ rw_algorithm_attr (uint16_t tag, int with_tag,
|
||||
else if (algo == ALGO_RSA2K && *algo_attr_pp != NULL)
|
||||
{
|
||||
gpg_reset_algo_attr (kk);
|
||||
/* Read it again, since GC may occur. */
|
||||
algo_attr_pp = get_algo_attr_pointer (kk);
|
||||
flash_enum_clear (algo_attr_pp);
|
||||
if (*algo_attr_pp != NULL)
|
||||
return 0;
|
||||
@@ -823,6 +825,10 @@ rw_algorithm_attr (uint16_t tag, int with_tag,
|
||||
(*algo_attr_pp != NULL && (*algo_attr_pp)[1] != algo))
|
||||
{
|
||||
gpg_reset_algo_attr (kk);
|
||||
/* Read it again, since GC may occur. */
|
||||
algo_attr_pp = get_algo_attr_pointer (kk);
|
||||
if (*algo_attr_pp)
|
||||
flash_enum_clear (algo_attr_pp);
|
||||
*algo_attr_pp = flash_enum_write (kk_to_nr (kk), algo);
|
||||
if (*algo_attr_pp == NULL)
|
||||
return 0;
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
#! /usr/bin/python
|
||||
#! /usr/bin/python3
|
||||
|
||||
"""
|
||||
stlinkv2.py - a tool to control ST-Link/V2
|
||||
|
||||
@@ -131,19 +131,25 @@ if __name__ == '__main__':
|
||||
skip_check = False
|
||||
while len(sys.argv) > 1:
|
||||
option = sys.argv[1]
|
||||
sys.argv.pop(1)
|
||||
if option == '-f': # F for Factory setting
|
||||
sys.argv.pop(1)
|
||||
passwd = DEFAULT_PW3
|
||||
elif option == '-e': # E for Enumeration
|
||||
sys.argv.pop(1)
|
||||
wait_e = int(sys.argv[1])
|
||||
sys.argv.pop(1)
|
||||
elif option == '-k': # K for Key number
|
||||
sys.argv.pop(1)
|
||||
keyno = int(sys.argv[1])
|
||||
sys.argv.pop(1)
|
||||
elif option == '-s': # S for skip the check of target
|
||||
sys.argv.pop(1)
|
||||
skip_check = True
|
||||
else:
|
||||
if option[0] == '-':
|
||||
raise ValueError("unknown option", option)
|
||||
else:
|
||||
break
|
||||
if not passwd:
|
||||
passwd = getpass("Admin password: ")
|
||||
if len(sys.argv) > 1:
|
||||
|
||||
Reference in New Issue
Block a user