[Gnuk-users] Upgrading gnuk on a nitrokey start
Remy van Elst
relst at relst.nl
Sun Dec 18 11:22:52 UTC 2016
I was wondering if I could downgrade a Start to gnuk 1.0.4 that came with
the Nitrokey (from here
https://github.com/Nitrokey/nitrokey-start-firmware/commits/master) but the
make fails:
$ make
arm-none-eabi-gcc -c -mcpu=cortex-m3 -mfix-cortex-m3-ldrd -O3 -Os -ggdb
-fomit-frame-pointer -falign-functions=16 -ffunction-sections
-fdata-sections -Wall -Wextra -Wstrict-prototypes
-Wa,-alms=../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.lst
-DCORTEX_USE_BASEPRI=TRUE -DTHUMB_PRESENT -mno-thumb-interwork
-DTHUMB_NO_INTERWORKING -MD -MP -MF .dep/hal_lld.o.d -mthumb -DTHUMB -I .
-I../polarssl-0.14.0/include -I../ChibiOS_2.0.8/os/ports/GCC/ARMCMx
-I../ChibiOS_2.0.8/os/ports/GCC/ARMCMx/STM32F10x
-I../ChibiOS_2.0.8/os/ports/GCC/ARMCMx/cmsis
-I../ChibiOS_2.0.8/os/kernel/include -I../ChibiOS_2.0.8/os/hal/include
-I../ChibiOS_2.0.8/os/hal/platforms/STM32 -I../boards/common
-I../boards/NITROKEY_START -I../ChibiOS_2.0.8/os/various
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c -o
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.o
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:54:4: error:
'VAL_GPIOAODR' undeclared here (not in a function)
{VAL_GPIOAODR, VAL_GPIOACRL, VAL_GPIOACRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:54:18: error:
'VAL_GPIOACRL' undeclared here (not in a function)
{VAL_GPIOAODR, VAL_GPIOACRL, VAL_GPIOACRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:54:32: error:
'VAL_GPIOACRH' undeclared here (not in a function)
{VAL_GPIOAODR, VAL_GPIOACRL, VAL_GPIOACRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:55:4: error:
'VAL_GPIOBODR' undeclared here (not in a function)
{VAL_GPIOBODR, VAL_GPIOBCRL, VAL_GPIOBCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:55:18: error:
'VAL_GPIOBCRL' undeclared here (not in a function)
{VAL_GPIOBODR, VAL_GPIOBCRL, VAL_GPIOBCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:55:32: error:
'VAL_GPIOBCRH' undeclared here (not in a function)
{VAL_GPIOBODR, VAL_GPIOBCRL, VAL_GPIOBCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:56:4: error:
'VAL_GPIOCODR' undeclared here (not in a function)
{VAL_GPIOCODR, VAL_GPIOCCRL, VAL_GPIOCCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:56:18: error:
'VAL_GPIOCCRL' undeclared here (not in a function)
{VAL_GPIOCODR, VAL_GPIOCCRL, VAL_GPIOCCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:56:32: error:
'VAL_GPIOCCRH' undeclared here (not in a function)
{VAL_GPIOCODR, VAL_GPIOCCRL, VAL_GPIOCCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:57:4: error:
'VAL_GPIODODR' undeclared here (not in a function)
{VAL_GPIODODR, VAL_GPIODCRL, VAL_GPIODCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:57:18: error:
'VAL_GPIODCRL' undeclared here (not in a function)
{VAL_GPIODODR, VAL_GPIODCRL, VAL_GPIODCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:57:32: error:
'VAL_GPIODCRH' undeclared here (not in a function)
{VAL_GPIODODR, VAL_GPIODCRL, VAL_GPIODCRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:59:4: error:
'VAL_GPIOEODR' undeclared here (not in a function)
{VAL_GPIOEODR, VAL_GPIOECRL, VAL_GPIOECRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:59:18: error:
'VAL_GPIOECRL' undeclared here (not in a function)
{VAL_GPIOEODR, VAL_GPIOECRL, VAL_GPIOECRH},
^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:59:32: error:
'VAL_GPIOECRH' undeclared here (not in a function)
{VAL_GPIOEODR, VAL_GPIOECRL, VAL_GPIOECRH},
^~~~~~~~~~~~
make: *** [../ChibiOS_2.0.8/os/ports/GCC/ARM/rules.mk:116:
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.o] Error 1
Any tips on compiling this older version? I'm using the following gcc:
[12:22:05] [remy at gateway] [ ~/repo/nitrokey/src (master) ]
$ arm-none-eabi-gcc -v
Using built-in specs.
COLLECT_GCC=arm-none-eabi-gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/arm-none-eabi/6.2.0/lto-wrapper
Target: arm-none-eabi
Configured with: /build/arm-none-eabi-gcc/src/gcc-6-20161124/configure
--target=arm-none-eabi --prefix=/usr --with-sysroot=/usr/arm-none-eabi
--with-native-system-header-dir=/include --libexecdir=/usr/lib
--enable-languages=c,c++ --enable-plugins --disable-decimal-float
--disable-libffi --disable-libgomp --disable-libmudflap
--disable-libquadmath --disable-libssp --disable-libstdcxx-pch
--disable-nls --disable-shared --disable-threads --disable-tls
--with-gnu-as --with-gnu-ld --with-system-zlib --with-newlib
--with-headers=/usr/arm-none-eabi/include
--with-python-dir=share/gcc-arm-none-eabi --with-gmp --with-mpfr --with-mpc
--with-isl --with-libelf --enable-gnu-indirect-function
--with-host-libstdcxx='-static-libgcc -Wl,-Bstatic,-lstdc++,-Bdynamic -lm'
--with-pkgversion='Arch Repository' --with-bugurl=
https://bugs.archlinux.org/
--with-multilib-list=armv6-m,armv7-m,armv7e-m,armv7-r
Thread model: single
gcc version 6.2.0 (Arch Repository)
[12:22:19] [remy at gateway] [ ~/repo/nitrokey/src (master) ]
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/6.2.1/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure --prefix=/usr
--libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared
--enable-threads=posix --enable-libmpx --with-system-zlib --with-isl
--enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu
--disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object
--enable-linker-build-id --enable-lto --enable-plugin
--enable-install-libiberty --with-linker-hash-style=gnu
--enable-gnu-indirect-function --disable-multilib --disable-werror
--enable-checking=release
Thread model: posix
gcc version 6.2.1 20160830 (GCC)
https://raymii.org
On Sun, Dec 18, 2016 at 10:18 AM, Remy van Elst <relst at relst.nl> wrote:
> Well, it seems to work without issues on the nitrokeys I upgraded earlier
> via DFU, but it still bricks my only non-borked non-upgraded Nitrokey start:
>
> Before upgrade (my only non-bricked nitrokey still in the original case):
>
> $ gpg --card-status
> Reader ...........: 20A0:4211:FSIJ-1.0.4-52FF6C06:0
> Application ID ...: D276000124010200FFFE52FF6C060000
> Version ..........: 2.0
> Manufacturer .....: unmanaged S/N range
> Serial number ....: 52FF6C06
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Sex ..............: unspecified
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: forced
> Key attributes ...: rsa2048 rsa2048 rsa2048
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 3 3
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
>
>
> $ python2 usb_strings.py
> Device:
> Vendor: Nitrokey
> Product: Nitrokey Start
> Serial: FSIJ-1.0.4-52FF6C06
> Revision: release/1.0.4-6-g739e00e
> Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=yes:
> keygen=yes
> Sys: 1.0
>
>
>
>
> Upgrade fails:
>
> n python2 ./upgrade_by_passwd.py -f ../regnual/regnual.bin
> ../src/build/gnuk.bin
> ../regnual/regnual.bin: 4372
> ../src/build/gnuk.bin: 110592
> CRC32: f3fafa79
>
> Device:
> Configuration: 1
> Interface: 0
> 20001400:20004a00
> Downloading flash upgrade program...
> start 20001400
> end 20002500
> Run flash upgrade program...
> Waiting for device to appear:
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> ^CTraceback (most recent call last):
> File "./upgrade_by_passwd.py", line 134, in <module>
> main(wait_e, keyno, passwd, data_regnual, data_upgrade[4096:])
> File "./upgrade_by_passwd.py", line 75, in main
> time.sleep(wait_e)
> KeyboardInterrupt
>
>
>
> Nitrokey blinks, green light.
>
> The ealier-upgraded versions do work:
>
> Before upgrade (Nitrokey start key upgraded via DFU):
>
> $ gpg --card-status
> Reader ...........: 20A0:4211:FSIJ-1.2.1-87042430:0
> Application ID ...: D276000124010200FFFE870424300000
> Version ..........: 2.0
> Manufacturer .....: unmanaged S/N range
> Serial number ....: 87042430
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Sex ..............: unspecified
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: forced
> Key attributes ...: rsa2048 rsa2048 rsa2048
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 3 3
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
>
>
>
> $ python2 usb_strings.py
> Device:
> Vendor:
> Product: Nitrokey
> Serial: FSIJ-1.2.1-87042430
> Revision: release/1.2.1-1-g2b784cb-modified
> Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=no
> Sys: 3.0
>
>
>
> Upgrade:
>
>
>
> ../regnual/regnual.bin: 4372
> ../src/build/gnuk.bin: 110592
> CRC32: f3fafa79
>
> Device:
> Configuration: 1
> Interface: 0
> 20002800:20005000
> Downloading flash upgrade program...
> start 20002800
> end 20003900
> Run flash upgrade program...
> Waiting for device to appear:
> - Wait 1 seconds...
> Device:
> 08001000:08020000
> Downloading the program
> start 08001000
> end 0801b000
> Resetting device
> Update procedure finished
>
>
>
> After upgrade:
>
> $ python2 usb_strings.py
> Device:
> Vendor: Nitrokey
> Product: Nitrokey Start
> Serial: FSIJ-1.2.2-87042430
> Revision: release/1.0.2-471-g1a76ab5
> Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=no
> Sys: 3.0
>
>
> $ gpg --card-status
> Reader ...........: 20A0:4211:FSIJ-1.2.2-87042430:0
> Application ID ...: D276000124010200FFFE870424300000
> Version ..........: 2.0
> Manufacturer .....: unmanaged S/N range
> Serial number ....: 87042430
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Sex ..............: unspecified
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: forced
> Key attributes ...: rsa2048 rsa2048 rsa2048
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 3 3
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
>
>
>
>
> EC keys:
>
> [10:09:28] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
> $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 1 22 ed25519" /bye
> OK
>
> [10:09:31] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
> $ gpg --card-status
> Reader ...........: 20A0:4211:FSIJ-1.2.2-87042430:0
> Application ID ...: D276000124010200FFFE870424300000
> Version ..........: 2.0
> Manufacturer .....: unmanaged S/N range
> Serial number ....: 87042430
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Sex ..............: unspecified
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: forced
> Key attributes ...: ed25519 rsa2048 rsa2048
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 3 3
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
>
>
> [10:09:33] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
> $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 3 22 ed25519" /bye
> OK
>
> [10:10:05] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
> $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 2 18 cv25519" /bye
> OK
>
>
> $ gpg --card-status
> Reader ...........: 20A0:4211:FSIJ-1.2.2-87042430:0
> Application ID ...: D276000124010200FFFE870424300000
> Version ..........: 2.0
> Manufacturer .....: unmanaged S/N range
> Serial number ....: 87042430
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Sex ..............: unspecified
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: forced
> Key attributes ...: ed25519 cv25519 ed25519
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 3 3
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
>
>
>
>
>
>
> https://raymii.org
>
> On Fri, Dec 16, 2016 at 11:27 AM, Jan Suhr | Nitrokey <jan at nitrokey.com>
> wrote:
>
>> Hi Remy,
>>
>> we prepared a fix for regnual to enable updating a Nitrokey Start. It is
>> here: https://github.com/Nitrokey/nitrokey-start-firmware/tree/gnu
>> k1.2-regnual-fix
>>
>> Please let me know if it works for you.
>>
>> Best regards,
>> Jan
>>
>> Am 12.10.2016 19:50, schrieb Remy van Elst:
>>
>> I tried to do the update with the provided scripts, but that failed with
>> the same symptoms as before. The green LED keeps blinking, waiting a few
>> minutes doesn't give any progress and after reinsertion the Nitrokey seems
>> to not do anything. A DFU flash fixes that.
>>
>> Before the upgrade
>>
>> $ python2 usb_strings.py
>> Device:
>> Vendor:
>> Product: Nitrokey
>> Serial: FSIJ-1.2.1-87042430
>> Revision: release/1.2.1-1-g2b784cb-modified
>> Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=no
>> Sys: 3.0
>>
>>
>> Running the update:
>>
>> $ python2 upgrade_by_passwd.py -f ../regnual/regnual.bin
>> ../src/build/gnuk.bin
>> ../regnual/regnual.bin: 4412
>> ../src/build/gnuk.bin: 110592
>> CRC32: 303d2f62
>>
>> Device:
>> Configuration: 1
>> Interface: 0
>> 20002800:20005000
>> Downloading flash upgrade program...
>> start 20002800
>> end 20003900
>> Run flash upgrade program...
>> Wait 1 seconds...
>> Wait 1 seconds...
>> Wait 1 seconds...
>> [...] #repeats until cancelled
>>
>> ^CTraceback (most recent call last):
>> File "upgrade_by_passwd.py", line 130, in <module>
>> main(wait_e, keyno, passwd, data_regnual, data_upgrade[4096:])
>> File "upgrade_by_passwd.py", line 73, in main
>> time.sleep(wait_e)
>> KeyboardInterrupt
>>
>>
>>
>>
>> dmesg output during the update:
>>
>> [ 2464.228628] usb 2-1.2: USB disconnect, device number 4
>> [ 2468.101333] usb 1-1.1: new full-speed USB device number 3 using
>> ehci-pci
>> [ 2541.541385] usb 1-1.1: USB disconnect, device number 3
>> [ 2542.831257] usb 1-1.1: new full-speed USB device number 4 using
>> ehci-pci
>> [ 2554.745022] usb 1-1.1: USB disconnect, device number 4
>> [ 2557.543186] usb 1-1.1: new full-speed USB device number 5 using
>> ehci-pci
>>
>>
>>
>>
>>
>>
>>
>> https://raymii.org
>>
>> On Wed, Oct 12, 2016 at 1:38 PM, Jan Suhr <jan at nitrokey.com> wrote:
>>
>>> Hi Remy,
>>>
>>> I understand your Nitrokey Start is flashed with latest Gnuk 1.2 but I'm
>>> curious if regnual would work from now on or not. Did you try to update
>>> Gnuk 1.2 via regnual? (Perhaps "update" to the same Gnuk version just for
>>> the sake of testing it.)
>>>
>>> Regards,
>>> Jan
>>>
>>>
>>> Am 11.10.2016 17:33, schrieb Remy van Elst:
>>>
>>> Small update,
>>>
>>> I fried one Nitrokey when trying to solder on the ST Link headers.
>>> Bummer.
>>>
>>> I hot-air desoldered an USB header from an old motherboard in the
>>> e-waste bin and used the standard USB pinout, which suprisingly, worked. (
>>> https://i.imgur.com/PQ7QG2B.png).
>>>
>>> The stm32flash tool was unable to remove the flash protection:
>>>
>>> $ sudo stm32flash -u /dev/ttyUSB0
>>> stm32flash 0.5
>>>
>>> http://stm32flash.sourceforge.net/
>>>
>>> Interface serial_posix: 57600 8E1
>>> Version : 0x22
>>> Option 1 : 0x00
>>> Option 2 : 0x00
>>> Device ID : 0x0410 (STM32F10xxx Medium-density)
>>> - RAM : 20KiB (512b reserved by bootloader)
>>> - Flash : 128KiB (size first sector: 4x1024)
>>> - Option RAM : 16b
>>> - System RAM : 2KiB
>>> Write-unprotecting flash
>>> Got NACK from device on command 0x73
>>> Done.
>>>
>>> so I had to use the Windows ST Demo loader tool. It worked, and I'm able
>>> to flash the gnuk 1.2 release to the Nitrokey start. (Not the fried one,
>>> another one). That seems to work so far:
>>>
>>>
>>>
>>> $ gpg --card-status
>>>
>>> Reader ...........: Nitrokey Nitrokey Start (FSIJ-1.2.1-87042430) 00
>>> 00
>>> Application ID ...: D276000124010200FFFE870424300000
>>> Version ..........: 2.0
>>> Manufacturer .....: unmanaged S/N range
>>> Serial number ....: 87042430
>>> Name of cardholder: [not set]
>>> Language prefs ...: [not set]
>>> Sex ..............: unspecified
>>> URL of public key : [not set]
>>> Login data .......: [not set]
>>> Signature PIN ....: forced
>>> Key attributes ...: rsa2048 rsa2048 rsa2048
>>> Max. PIN lengths .: 127 127 127
>>> PIN retry counter : 3 3 3
>>> Signature counter : 4
>>> Signature key ....: 3D1B 8501 882B EA0D D813 6CAC 1437 62A5 87BD
>>> 54FE
>>> created ....: 2016-10-11 15:06:29
>>> Encryption key....: 9898 208B 7876 4F65 A06E 3E65 637A 80D6 31D5
>>> 21C2
>>> created ....: 2016-10-11 15:06:29
>>> Authentication key: 2141 3E30 8EFF F2D0 FB3D 4C9E DA3D F5B9 7130
>>> 1532
>>> created ....: 2016-10-11 15:06:29
>>> General key info..: pub rsa2048/0x143762A587BD54FE 2016-10-11 Remy
>>> test (Test gnuk1.2) <remy at test.nl>
>>> sec> rsa2048/0x143762A587BD54FE created: 2016-10-11 expires:
>>> 2016-10-18
>>> card-no: FFFE 87042430
>>> ssb> rsa2048/0xDA3DF5B971301532 created: 2016-10-11 expires:
>>> 2016-10-18
>>> card-no: FFFE 87042430
>>> ssb> rsa2048/0x637A80D631D521C2 created: 2016-10-11 expires:
>>> 2016-10-18
>>> card-no: FFFE 87042430
>>>
>>>
>>>
>>> After flashing it with the Windows tool, stm32flash does work:
>>>
>>>
>>>
>>> $ sudo stm32flash -w build/gnuk.bin -g 0x0 /dev/ttyUSB0
>>> stm32flash 0.5
>>>
>>> http://stm32flash.sourceforge.net/
>>>
>>> Using Parser : Raw BINARY
>>> Interface serial_posix: 57600 8E1
>>> Version : 0x22
>>> Option 1 : 0x00
>>> Option 2 : 0x00
>>> Device ID : 0x0410 (STM32F10xxx Medium-density)
>>> - RAM : 20KiB (512b reserved by bootloader)
>>> - Flash : 128KiB (size first sector: 4x1024)
>>> - Option RAM : 16b
>>> - System RAM : 2KiB
>>> Write to memory
>>> Erasing memory
>>> Wrote address 0x0801b000 (100.00%) Done.
>>>
>>> Starting execution at address 0x08000000... done.
>>>
>>> I can also place an ecc 25519 key on the device:
>>>
>>> $ gpg --card-status
>>>
>>> Reader ...........: Nitrokey Nitrokey Start (FSIJ-1.2.1-87042430) 00
>>> 00
>>> Application ID ...: D276000124010200FFFE870424300000
>>> Version ..........: 2.0
>>> Manufacturer .....: unmanaged S/N range
>>> Serial number ....: 87042430
>>> Name of cardholder: [not set]
>>> Language prefs ...: [not set]
>>> Sex ..............: unspecified
>>> URL of public key : [not set]
>>> Login data .......: [not set]
>>> Signature PIN ....: forced
>>> Key attributes ...: ed25519 rsa2048 rsa2048
>>> Max. PIN lengths .: 127 127 127
>>> PIN retry counter : 3 3 3
>>> Signature counter : 0
>>> Signature key ....: 3678 F2EE 1CCB 4B24 B107 38BA 101D 491F 08E7
>>> FD60
>>> created ....: 2016-10-11 15:31:27
>>> Encryption key....: [none]
>>> Authentication key: [none]
>>> General key info..: pub ed25519/0x101D491F08E7FD60 2016-10-11 test
>>> remy ecc (gnuk 1.2) <nitrokey at raymii.nl>
>>> sec> ed25519/0x101D491F08E7FD60 created: 2016-10-11 expires:
>>> 2016-10-18
>>> card-no: FFFE 87042430
>>>
>>>
>>> Yay!
>>>
>>>
>>>
>>>
>>> https://raymii.org
>>>
>>> On Fri, Sep 16, 2016 at 3:26 PM, NIIBE Yutaka <gniibe at fsij.org> wrote:
>>>
>>>> Hello, Jan,
>>>>
>>>> On 09/16/2016 05:38 PM, Jan Suhr wrote:
>>>> > Nitrokey Start hardware is based on FST-01. In particular the MCU is
>>>> > identical. The main differences are:
>>>> > - No external flash
>>>> > - Different pinning. See:
>>>> > https://github.com/Nitrokey/nitrokey-start-firmware/commit/c
>>>> 98d6cbc4a225f10bca8f2d7b86effcbdcf534f4
>>>> >
>>>> > Do you think the different pinning may be a cause for the update
>>>> issue?
>>>>
>>>> Thanks for the pointer.
>>>>
>>>> The file is a bit different to the one in Chopstx (Gnuk 1.2).
>>>>
>>>> https://git.gniibe.org/gitweb/?p=chopstx/chopstx.git;a=commi
>>>> tdiff;h=8650bde8a056ca8d7954837bfd6692958e263634;hp=6e7334dc
>>>> fff83898ff6b8568bf24c6fe90deaa9c
>>>>
>>>> I had thought that it's because of revision change of hardware. If it
>>>> is same hardware, I think that Gnuk 1.0 on Nitrokey Start doesn't work
>>>> well with upgrade through USB.
>>>>
>>>> One of my friends kindly showed me the board of Nitrokey Start.
>>>> I also examined the KiCAD schematic of:
>>>>
>>>> https://github.com/Nitrokey/nitrokey-pro-hardware
>>>>
>>>> Well, examining schematic is not that easy, even for such a simple
>>>> one.
>>>>
>>>> PA9 and PA10 is connected to USB-D- and USB-D+. And with the
>>>> configuration of Gnuk 1.0 for Nitrokey Start, those pins of PA9 and
>>>> PA10 is pulled up by Vdd. I think that this interferes the USB
>>>> shutdown and re-enumeration process of USB upgrade.
>>>>
>>>> I think that the configuration of Gnuk 1.2 for Nitrokey Start is
>>>> better.
>>>> --
>>>>
>>>> _______________________________________________
>>>> gnuk-users mailing list
>>>> gnuk-users at lists.alioth.debian.org
>>>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>>>
>>>
>>> _______________________________________________
>>> gnuk-users mailing list
>>> gnuk-users at lists.alioth.debian.org
>>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>>
>>>
>>> _______________________________________________
>>> gnuk-users mailing list
>>> gnuk-users at lists.alioth.debian.org
>>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>>
>>
>> _______________________________________________
>> gnuk-users mailing list
>> gnuk-users at lists.alioth.debian.org
>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/gnuk-users/attachments/20161218/0c9f97d3/attachment-0001.html>
More information about the gnuk-users
mailing list