[Gnuk-users] Flashing the FST-01 and generating and importing a key in a secure environment

Jonathan Schleifer js-gnupg-users at webkeks.org
Tue Feb 17 09:58:08 UTC 2015


Am 16.02.2015 um 05:47 schrieb NIIBE Yutaka <gniibe at fsij.org>:

> gniibe at mini10:~/work/gnuk/tool$ python
> Python 2.7.8 (default, Oct 18 2014, 16:20:11)
> [GCC 4.9.1] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
>>>> from binascii import hexlify
>>>> from gnuk_token import *
>>>> g = get_gnuk_device()
> Device:  008
> Configuration:  1
> Interface:  0
>>>> g.cmd_select_openpgp()
> True
>>>> challenge = g.cmd_get_challenge()
>>>> print hexlify(challenge)
> 570575cc7214a3ef92b8e2fc50987ebdd6f47979bc843d3ff649b0050f859449
>>>> challenge = g.cmd_get_challenge()
>>>> print hexlify(challenge)
> 1c353147a8864ced29813adb5d980f85c36f0656abf1ae95e86a177cc67662ec
>>>> challenge = g.cmd_get_challenge()
>>>> print hexlify(challenge)
> c8dcabf1206a1faad0de3c0bf91f7d89fa428ed0f8df99c4e706878b02d6d0ba
>>>> print "You can get 32-byte long random bytes in this way."
> You can get 32-byte long random bytes in this way.
>>>> 
> gniibe at mini10:~/work/gnuk/tool$

Ah, that's really cool. But there's no way to feed that randomness into GnuPG to create a key, is there? And supporting that with rngd would be hard, I guess.

--
Jonathan




More information about the gnuk-users mailing list