[Gnuk-users] Flashing the FST-01 and generating and importing a key in a secure environment

NIIBE Yutaka gniibe at fsij.org
Mon Feb 16 04:47:20 UTC 2015


On 02/14/2015 07:16 AM, Jonathan Schleifer wrote:
> https://webkeks.org/blog/?6a

Thank you for sharing your article.

I understand that ISO image would be better for clean environment but
as you addressed in the article, we need to care about good entropy.

If it's only one-time for your key generation and the speed of its
generation is not critical, NeuG standalone device is not the strong
requirement, because the output by NeuG (algorithm) can be available
through Gnuk Token, too.

In future, I will write a script for that.  Now, I demonstrate it:

Thank you for your suggestion.  I think that an ISO image specific for
Gnuk Token starters will be very useful, too.

--------------------------------------
gniibe at mini10:~$ cd work/gnuk/tool/
gniibe at mini10:~/work/gnuk/tool$ python
Python 2.7.8 (default, Oct 18 2014, 16:20:11)
[GCC 4.9.1] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from binascii import hexlify
>>> from gnuk_token import *
>>> g = get_gnuk_device()
Device:  008
Configuration:  1
Interface:  0
>>> g.cmd_select_openpgp()
True
>>> challenge = g.cmd_get_challenge()
>>> print hexlify(challenge)
570575cc7214a3ef92b8e2fc50987ebdd6f47979bc843d3ff649b0050f859449
>>> challenge = g.cmd_get_challenge()
>>> print hexlify(challenge)
1c353147a8864ced29813adb5d980f85c36f0656abf1ae95e86a177cc67662ec
>>> challenge = g.cmd_get_challenge()
>>> print hexlify(challenge)
c8dcabf1206a1faad0de3c0bf91f7d89fa428ed0f8df99c4e706878b02d6d0ba
>>> print "You can get 32-byte long random bytes in this way."
You can get 32-byte long random bytes in this way.
>>> 
gniibe at mini10:~/work/gnuk/tool$
-- 



More information about the gnuk-users mailing list