[Gnuk-users] Upgrading gnuk on a nitrokey start

Remy van Elst relst at relst.nl
Sun Dec 18 11:22:52 UTC 2016


I was wondering if I could downgrade a Start to gnuk 1.0.4 that came with
the Nitrokey (from here
https://github.com/Nitrokey/nitrokey-start-firmware/commits/master) but the
make fails:

$ make

arm-none-eabi-gcc -c -mcpu=cortex-m3 -mfix-cortex-m3-ldrd -O3 -Os -ggdb
-fomit-frame-pointer -falign-functions=16 -ffunction-sections
-fdata-sections -Wall -Wextra -Wstrict-prototypes
-Wa,-alms=../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.lst
-DCORTEX_USE_BASEPRI=TRUE  -DTHUMB_PRESENT -mno-thumb-interwork
-DTHUMB_NO_INTERWORKING -MD -MP -MF .dep/hal_lld.o.d -mthumb -DTHUMB -I .
-I../polarssl-0.14.0/include -I../ChibiOS_2.0.8/os/ports/GCC/ARMCMx
-I../ChibiOS_2.0.8/os/ports/GCC/ARMCMx/STM32F10x
-I../ChibiOS_2.0.8/os/ports/GCC/ARMCMx/cmsis
-I../ChibiOS_2.0.8/os/kernel/include -I../ChibiOS_2.0.8/os/hal/include
-I../ChibiOS_2.0.8/os/hal/platforms/STM32 -I../boards/common
-I../boards/NITROKEY_START -I../ChibiOS_2.0.8/os/various
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c -o
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.o
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:54:4: error:
'VAL_GPIOAODR' undeclared here (not in a function)
   {VAL_GPIOAODR, VAL_GPIOACRL, VAL_GPIOACRH},
    ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:54:18: error:
'VAL_GPIOACRL' undeclared here (not in a function)
   {VAL_GPIOAODR, VAL_GPIOACRL, VAL_GPIOACRH},
                  ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:54:32: error:
'VAL_GPIOACRH' undeclared here (not in a function)
   {VAL_GPIOAODR, VAL_GPIOACRL, VAL_GPIOACRH},
                                ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:55:4: error:
'VAL_GPIOBODR' undeclared here (not in a function)
   {VAL_GPIOBODR, VAL_GPIOBCRL, VAL_GPIOBCRH},
    ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:55:18: error:
'VAL_GPIOBCRL' undeclared here (not in a function)
   {VAL_GPIOBODR, VAL_GPIOBCRL, VAL_GPIOBCRH},
                  ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:55:32: error:
'VAL_GPIOBCRH' undeclared here (not in a function)
   {VAL_GPIOBODR, VAL_GPIOBCRL, VAL_GPIOBCRH},
                                ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:56:4: error:
'VAL_GPIOCODR' undeclared here (not in a function)
   {VAL_GPIOCODR, VAL_GPIOCCRL, VAL_GPIOCCRH},
    ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:56:18: error:
'VAL_GPIOCCRL' undeclared here (not in a function)
   {VAL_GPIOCODR, VAL_GPIOCCRL, VAL_GPIOCCRH},
                  ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:56:32: error:
'VAL_GPIOCCRH' undeclared here (not in a function)
   {VAL_GPIOCODR, VAL_GPIOCCRL, VAL_GPIOCCRH},
                                ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:57:4: error:
'VAL_GPIODODR' undeclared here (not in a function)
   {VAL_GPIODODR, VAL_GPIODCRL, VAL_GPIODCRH},
    ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:57:18: error:
'VAL_GPIODCRL' undeclared here (not in a function)
   {VAL_GPIODODR, VAL_GPIODCRL, VAL_GPIODCRH},
                  ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:57:32: error:
'VAL_GPIODCRH' undeclared here (not in a function)
   {VAL_GPIODODR, VAL_GPIODCRL, VAL_GPIODCRH},
                                ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:59:4: error:
'VAL_GPIOEODR' undeclared here (not in a function)
   {VAL_GPIOEODR, VAL_GPIOECRL, VAL_GPIOECRH},
    ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:59:18: error:
'VAL_GPIOECRL' undeclared here (not in a function)
   {VAL_GPIOEODR, VAL_GPIOECRL, VAL_GPIOECRH},
                  ^~~~~~~~~~~~
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.c:59:32: error:
'VAL_GPIOECRH' undeclared here (not in a function)
   {VAL_GPIOEODR, VAL_GPIOECRL, VAL_GPIOECRH},
                                ^~~~~~~~~~~~
make: *** [../ChibiOS_2.0.8/os/ports/GCC/ARM/rules.mk:116:
../ChibiOS_2.0.8/os/hal/platforms/STM32/hal_lld.o] Error 1

Any tips on compiling this older version? I'm using the following gcc:

[12:22:05] [remy at gateway] [ ~/repo/nitrokey/src (master) ]
$ arm-none-eabi-gcc -v
Using built-in specs.
COLLECT_GCC=arm-none-eabi-gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/arm-none-eabi/6.2.0/lto-wrapper
Target: arm-none-eabi
Configured with: /build/arm-none-eabi-gcc/src/gcc-6-20161124/configure
--target=arm-none-eabi --prefix=/usr --with-sysroot=/usr/arm-none-eabi
--with-native-system-header-dir=/include --libexecdir=/usr/lib
--enable-languages=c,c++ --enable-plugins --disable-decimal-float
--disable-libffi --disable-libgomp --disable-libmudflap
--disable-libquadmath --disable-libssp --disable-libstdcxx-pch
--disable-nls --disable-shared --disable-threads --disable-tls
--with-gnu-as --with-gnu-ld --with-system-zlib --with-newlib
--with-headers=/usr/arm-none-eabi/include
--with-python-dir=share/gcc-arm-none-eabi --with-gmp --with-mpfr --with-mpc
--with-isl --with-libelf --enable-gnu-indirect-function
--with-host-libstdcxx='-static-libgcc -Wl,-Bstatic,-lstdc++,-Bdynamic -lm'
--with-pkgversion='Arch Repository' --with-bugurl=
https://bugs.archlinux.org/
--with-multilib-list=armv6-m,armv7-m,armv7e-m,armv7-r
Thread model: single
gcc version 6.2.0 (Arch Repository)


[12:22:19] [remy at gateway] [ ~/repo/nitrokey/src (master) ]
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/6.2.1/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure --prefix=/usr
--libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared
--enable-threads=posix --enable-libmpx --with-system-zlib --with-isl
--enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu
--disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object
--enable-linker-build-id --enable-lto --enable-plugin
--enable-install-libiberty --with-linker-hash-style=gnu
--enable-gnu-indirect-function --disable-multilib --disable-werror
--enable-checking=release
Thread model: posix
gcc version 6.2.1 20160830 (GCC)




https://raymii.org

On Sun, Dec 18, 2016 at 10:18 AM, Remy van Elst <relst at relst.nl> wrote:

> Well, it seems to work without issues on the nitrokeys I upgraded earlier
> via DFU, but it still bricks my only non-borked non-upgraded Nitrokey start:
>
> Before upgrade (my only non-bricked nitrokey still in the original case):
>
>     $ gpg --card-status
>     Reader ...........: 20A0:4211:FSIJ-1.0.4-52FF6C06:0
>     Application ID ...: D276000124010200FFFE52FF6C060000
>     Version ..........: 2.0
>     Manufacturer .....: unmanaged S/N range
>     Serial number ....: 52FF6C06
>     Name of cardholder: [not set]
>     Language prefs ...: [not set]
>     Sex ..............: unspecified
>     URL of public key : [not set]
>     Login data .......: [not set]
>     Signature PIN ....: forced
>     Key attributes ...: rsa2048 rsa2048 rsa2048
>     Max. PIN lengths .: 127 127 127
>     PIN retry counter : 3 3 3
>     Signature counter : 0
>     Signature key ....: [none]
>     Encryption key....: [none]
>     Authentication key: [none]
>     General key info..: [none]
>
>
>     $ python2 usb_strings.py
>     Device:
>         Vendor: Nitrokey
>        Product: Nitrokey Start
>         Serial: FSIJ-1.0.4-52FF6C06
>       Revision: release/1.0.4-6-g739e00e
>         Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=yes:
> keygen=yes
>            Sys: 1.0
>
>
>
>
> Upgrade fails:
>
> n python2 ./upgrade_by_passwd.py -f  ../regnual/regnual.bin
> ../src/build/gnuk.bin
> ../regnual/regnual.bin: 4372
> ../src/build/gnuk.bin: 110592
> CRC32: f3fafa79
>
> Device:
> Configuration: 1
> Interface: 0
> 20001400:20004a00
> Downloading flash upgrade program...
> start 20001400
> end   20002500
> Run flash upgrade program...
> Waiting for device to appear:
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> - Wait 1 seconds...
> ^CTraceback (most recent call last):
>   File "./upgrade_by_passwd.py", line 134, in <module>
>     main(wait_e, keyno, passwd, data_regnual, data_upgrade[4096:])
>   File "./upgrade_by_passwd.py", line 75, in main
>     time.sleep(wait_e)
> KeyboardInterrupt
>
>
>
> Nitrokey blinks, green light.
>
> The ealier-upgraded versions do work:
>
> Before upgrade (Nitrokey start key upgraded via DFU):
>
>     $ gpg --card-status
>     Reader ...........: 20A0:4211:FSIJ-1.2.1-87042430:0
>     Application ID ...: D276000124010200FFFE870424300000
>     Version ..........: 2.0
>     Manufacturer .....: unmanaged S/N range
>     Serial number ....: 87042430
>     Name of cardholder: [not set]
>     Language prefs ...: [not set]
>     Sex ..............: unspecified
>     URL of public key : [not set]
>     Login data .......: [not set]
>     Signature PIN ....: forced
>     Key attributes ...: rsa2048 rsa2048 rsa2048
>     Max. PIN lengths .: 127 127 127
>     PIN retry counter : 3 3 3
>     Signature counter : 0
>     Signature key ....: [none]
>     Encryption key....: [none]
>     Authentication key: [none]
>     General key info..: [none]
>
>
>
>     $ python2 usb_strings.py
>     Device:
>         Vendor:
>        Product: Nitrokey
>         Serial: FSIJ-1.2.1-87042430
>       Revision: release/1.2.1-1-g2b784cb-modified
>         Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=no
>            Sys: 3.0
>
>
>
> Upgrade:
>
>
>
>     ../regnual/regnual.bin: 4372
>     ../src/build/gnuk.bin: 110592
>     CRC32: f3fafa79
>
>     Device:
>     Configuration: 1
>     Interface: 0
>     20002800:20005000
>     Downloading flash upgrade program...
>     start 20002800
>     end   20003900
>     Run flash upgrade program...
>     Waiting for device to appear:
>     - Wait 1 seconds...
>     Device:
>     08001000:08020000
>     Downloading the program
>     start 08001000
>     end   0801b000
>     Resetting device
>     Update procedure finished
>
>
>
> After upgrade:
>
>     $ python2 usb_strings.py
>     Device:
>         Vendor: Nitrokey
>        Product: Nitrokey Start
>         Serial: FSIJ-1.2.2-87042430
>       Revision: release/1.0.2-471-g1a76ab5
>         Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=no
>            Sys: 3.0
>
>
>     $ gpg --card-status
>     Reader ...........: 20A0:4211:FSIJ-1.2.2-87042430:0
>     Application ID ...: D276000124010200FFFE870424300000
>     Version ..........: 2.0
>     Manufacturer .....: unmanaged S/N range
>     Serial number ....: 87042430
>     Name of cardholder: [not set]
>     Language prefs ...: [not set]
>     Sex ..............: unspecified
>     URL of public key : [not set]
>     Login data .......: [not set]
>     Signature PIN ....: forced
>     Key attributes ...: rsa2048 rsa2048 rsa2048
>     Max. PIN lengths .: 127 127 127
>     PIN retry counter : 3 3 3
>     Signature counter : 0
>     Signature key ....: [none]
>     Encryption key....: [none]
>     Authentication key: [none]
>     General key info..: [none]
>
>
>
>
> EC keys:
>
>     [10:09:28] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
>     $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 1 22 ed25519" /bye
>     OK
>
>     [10:09:31] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
>     $ gpg --card-status
>     Reader ...........: 20A0:4211:FSIJ-1.2.2-87042430:0
>     Application ID ...: D276000124010200FFFE870424300000
>     Version ..........: 2.0
>     Manufacturer .....: unmanaged S/N range
>     Serial number ....: 87042430
>     Name of cardholder: [not set]
>     Language prefs ...: [not set]
>     Sex ..............: unspecified
>     URL of public key : [not set]
>     Login data .......: [not set]
>     Signature PIN ....: forced
>     Key attributes ...: ed25519 rsa2048 rsa2048
>     Max. PIN lengths .: 127 127 127
>     PIN retry counter : 3 3 3
>     Signature counter : 0
>     Signature key ....: [none]
>     Encryption key....: [none]
>     Authentication key: [none]
>     General key info..: [none]
>
>
>     [10:09:33] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
>     $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 3 22 ed25519" /bye
>     OK
>
>     [10:10:05] [remy at gateway] [ ~/repo/nitrokey-upfix/tool
> (gnuk1.2-regnual-fix) ]
>     $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 2 18 cv25519" /bye
>     OK
>
>
>     $ gpg --card-status
>     Reader ...........: 20A0:4211:FSIJ-1.2.2-87042430:0
>     Application ID ...: D276000124010200FFFE870424300000
>     Version ..........: 2.0
>     Manufacturer .....: unmanaged S/N range
>     Serial number ....: 87042430
>     Name of cardholder: [not set]
>     Language prefs ...: [not set]
>     Sex ..............: unspecified
>     URL of public key : [not set]
>     Login data .......: [not set]
>     Signature PIN ....: forced
>     Key attributes ...: ed25519 cv25519 ed25519
>     Max. PIN lengths .: 127 127 127
>     PIN retry counter : 3 3 3
>     Signature counter : 0
>     Signature key ....: [none]
>     Encryption key....: [none]
>     Authentication key: [none]
>     General key info..: [none]
>
>
>
>
>
>
> https://raymii.org
>
> On Fri, Dec 16, 2016 at 11:27 AM, Jan Suhr | Nitrokey <jan at nitrokey.com>
> wrote:
>
>> Hi Remy,
>>
>> we prepared a fix for regnual to enable updating a Nitrokey Start. It is
>> here: https://github.com/Nitrokey/nitrokey-start-firmware/tree/gnu
>> k1.2-regnual-fix
>>
>> Please let me know if it works for you.
>>
>> Best regards,
>> Jan
>>
>> Am 12.10.2016 19:50, schrieb Remy van Elst:
>>
>> I tried to do the update with the provided scripts, but that failed with
>> the same symptoms as before. The green LED keeps blinking, waiting a few
>> minutes doesn't give any progress and after reinsertion the Nitrokey seems
>> to not do anything. A DFU flash fixes that.
>>
>> Before the upgrade
>>
>>     $ python2 usb_strings.py
>>     Device:
>>         Vendor:
>>        Product: Nitrokey
>>         Serial: FSIJ-1.2.1-87042430
>>       Revision: release/1.2.1-1-g2b784cb-modified
>>         Config: NITROKEY_START:dfu=no:debug=no:pinpad=no:certdo=no
>>            Sys: 3.0
>>
>>
>> Running the update:
>>
>>     $ python2 upgrade_by_passwd.py -f ../regnual/regnual.bin
>> ../src/build/gnuk.bin
>>     ../regnual/regnual.bin: 4412
>>     ../src/build/gnuk.bin: 110592
>>     CRC32: 303d2f62
>>
>>     Device:
>>     Configuration: 1
>>     Interface: 0
>>     20002800:20005000
>>     Downloading flash upgrade program...
>>     start 20002800
>>     end   20003900
>>     Run flash upgrade program...
>>     Wait 1 seconds...
>>     Wait 1 seconds...
>>     Wait 1 seconds...
>>     [...] #repeats until cancelled
>>
>>     ^CTraceback (most recent call last):
>>       File "upgrade_by_passwd.py", line 130, in <module>
>>         main(wait_e, keyno, passwd, data_regnual, data_upgrade[4096:])
>>       File "upgrade_by_passwd.py", line 73, in main
>>         time.sleep(wait_e)
>>     KeyboardInterrupt
>>
>>
>>
>>
>> dmesg output during the update:
>>
>>     [ 2464.228628] usb 2-1.2: USB disconnect, device number 4
>>     [ 2468.101333] usb 1-1.1: new full-speed USB device number 3 using
>> ehci-pci
>>     [ 2541.541385] usb 1-1.1: USB disconnect, device number 3
>>     [ 2542.831257] usb 1-1.1: new full-speed USB device number 4 using
>> ehci-pci
>>     [ 2554.745022] usb 1-1.1: USB disconnect, device number 4
>>     [ 2557.543186] usb 1-1.1: new full-speed USB device number 5 using
>> ehci-pci
>>
>>
>>
>>
>>
>>
>>
>> https://raymii.org
>>
>> On Wed, Oct 12, 2016 at 1:38 PM, Jan Suhr <jan at nitrokey.com> wrote:
>>
>>> Hi Remy,
>>>
>>> I understand your Nitrokey Start is flashed with latest Gnuk 1.2 but I'm
>>> curious if regnual would work from now on or not. Did you try to update
>>> Gnuk 1.2 via regnual? (Perhaps "update" to the same Gnuk version just for
>>> the sake of testing it.)
>>>
>>> Regards,
>>> Jan
>>>
>>>
>>> Am 11.10.2016 17:33, schrieb Remy van Elst:
>>>
>>> Small update,
>>>
>>> I fried one Nitrokey when trying to solder on the ST Link headers.
>>> Bummer.
>>>
>>> I hot-air desoldered an USB header from an old motherboard in the
>>> e-waste bin and used the standard USB pinout, which suprisingly, worked. (
>>> https://i.imgur.com/PQ7QG2B.png).
>>>
>>> The stm32flash tool was unable to remove the flash protection:
>>>
>>>     $ sudo stm32flash -u  /dev/ttyUSB0
>>>     stm32flash 0.5
>>>
>>>     http://stm32flash.sourceforge.net/
>>>
>>>     Interface serial_posix: 57600 8E1
>>>     Version      : 0x22
>>>     Option 1     : 0x00
>>>     Option 2     : 0x00
>>>     Device ID    : 0x0410 (STM32F10xxx Medium-density)
>>>     - RAM        : 20KiB  (512b reserved by bootloader)
>>>     - Flash      : 128KiB (size first sector: 4x1024)
>>>     - Option RAM : 16b
>>>     - System RAM : 2KiB
>>>     Write-unprotecting flash
>>>     Got NACK from device on command 0x73
>>>     Done.
>>>
>>> so I had to use the Windows ST Demo loader tool. It worked, and I'm able
>>> to flash the gnuk 1.2 release to the Nitrokey start. (Not the fried one,
>>> another one). That seems to work so far:
>>>
>>>
>>>
>>> $ gpg --card-status
>>>
>>>     Reader ...........: Nitrokey Nitrokey Start (FSIJ-1.2.1-87042430) 00
>>> 00
>>>     Application ID ...: D276000124010200FFFE870424300000
>>>     Version ..........: 2.0
>>>     Manufacturer .....: unmanaged S/N range
>>>     Serial number ....: 87042430
>>>     Name of cardholder: [not set]
>>>     Language prefs ...: [not set]
>>>     Sex ..............: unspecified
>>>     URL of public key : [not set]
>>>     Login data .......: [not set]
>>>     Signature PIN ....: forced
>>>     Key attributes ...: rsa2048 rsa2048 rsa2048
>>>     Max. PIN lengths .: 127 127 127
>>>     PIN retry counter : 3 3 3
>>>     Signature counter : 4
>>>     Signature key ....: 3D1B 8501 882B EA0D D813  6CAC 1437 62A5 87BD
>>> 54FE
>>>           created ....: 2016-10-11 15:06:29
>>>     Encryption key....: 9898 208B 7876 4F65 A06E  3E65 637A 80D6 31D5
>>> 21C2
>>>           created ....: 2016-10-11 15:06:29
>>>     Authentication key: 2141 3E30 8EFF F2D0 FB3D  4C9E DA3D F5B9 7130
>>> 1532
>>>           created ....: 2016-10-11 15:06:29
>>>     General key info..: pub  rsa2048/0x143762A587BD54FE 2016-10-11 Remy
>>> test (Test gnuk1.2) <remy at test.nl>
>>>     sec>  rsa2048/0x143762A587BD54FE  created: 2016-10-11  expires:
>>> 2016-10-18
>>>                                       card-no: FFFE 87042430
>>>     ssb>  rsa2048/0xDA3DF5B971301532  created: 2016-10-11  expires:
>>> 2016-10-18
>>>                                       card-no: FFFE 87042430
>>>     ssb>  rsa2048/0x637A80D631D521C2  created: 2016-10-11  expires:
>>> 2016-10-18
>>>                                       card-no: FFFE 87042430
>>>
>>>
>>>
>>> After flashing it with the Windows tool, stm32flash does work:
>>>
>>>
>>>
>>>     $ sudo stm32flash -w build/gnuk.bin -g 0x0 /dev/ttyUSB0
>>>     stm32flash 0.5
>>>
>>>     http://stm32flash.sourceforge.net/
>>>
>>>     Using Parser : Raw BINARY
>>>     Interface serial_posix: 57600 8E1
>>>     Version      : 0x22
>>>     Option 1     : 0x00
>>>     Option 2     : 0x00
>>>     Device ID    : 0x0410 (STM32F10xxx Medium-density)
>>>     - RAM        : 20KiB  (512b reserved by bootloader)
>>>     - Flash      : 128KiB (size first sector: 4x1024)
>>>     - Option RAM : 16b
>>>     - System RAM : 2KiB
>>>     Write to memory
>>>     Erasing memory
>>>     Wrote address 0x0801b000 (100.00%) Done.
>>>
>>>     Starting execution at address 0x08000000... done.
>>>
>>> I can also place an ecc 25519 key on the device:
>>>
>>>     $ gpg --card-status
>>>
>>>     Reader ...........: Nitrokey Nitrokey Start (FSIJ-1.2.1-87042430) 00
>>> 00
>>>     Application ID ...: D276000124010200FFFE870424300000
>>>     Version ..........: 2.0
>>>     Manufacturer .....: unmanaged S/N range
>>>     Serial number ....: 87042430
>>>     Name of cardholder: [not set]
>>>     Language prefs ...: [not set]
>>>     Sex ..............: unspecified
>>>     URL of public key : [not set]
>>>     Login data .......: [not set]
>>>     Signature PIN ....: forced
>>>     Key attributes ...: ed25519 rsa2048 rsa2048
>>>     Max. PIN lengths .: 127 127 127
>>>     PIN retry counter : 3 3 3
>>>     Signature counter : 0
>>>     Signature key ....: 3678 F2EE 1CCB 4B24 B107  38BA 101D 491F 08E7
>>> FD60
>>>           created ....: 2016-10-11 15:31:27
>>>     Encryption key....: [none]
>>>     Authentication key: [none]
>>>     General key info..: pub  ed25519/0x101D491F08E7FD60 2016-10-11 test
>>> remy ecc (gnuk 1.2) <nitrokey at raymii.nl>
>>>     sec>  ed25519/0x101D491F08E7FD60  created: 2016-10-11  expires:
>>> 2016-10-18
>>>                                       card-no: FFFE 87042430
>>>
>>>
>>> Yay!
>>>
>>>
>>>
>>>
>>> https://raymii.org
>>>
>>> On Fri, Sep 16, 2016 at 3:26 PM, NIIBE Yutaka <gniibe at fsij.org> wrote:
>>>
>>>> Hello, Jan,
>>>>
>>>> On 09/16/2016 05:38 PM, Jan Suhr wrote:
>>>> > Nitrokey Start hardware is based on FST-01. In particular the MCU is
>>>> > identical. The main differences are:
>>>> > - No external flash
>>>> > - Different pinning. See:
>>>> > https://github.com/Nitrokey/nitrokey-start-firmware/commit/c
>>>> 98d6cbc4a225f10bca8f2d7b86effcbdcf534f4
>>>> >
>>>> > Do you think the different pinning may be a cause for the update
>>>> issue?
>>>>
>>>> Thanks for the pointer.
>>>>
>>>> The file is a bit different to the one in Chopstx (Gnuk 1.2).
>>>>
>>>> https://git.gniibe.org/gitweb/?p=chopstx/chopstx.git;a=commi
>>>> tdiff;h=8650bde8a056ca8d7954837bfd6692958e263634;hp=6e7334dc
>>>> fff83898ff6b8568bf24c6fe90deaa9c
>>>>
>>>> I had thought that it's because of revision change of hardware.  If it
>>>> is same hardware, I think that Gnuk 1.0 on Nitrokey Start doesn't work
>>>> well with upgrade through USB.
>>>>
>>>> One of my friends kindly showed me the board of Nitrokey Start.
>>>> I also examined the KiCAD schematic of:
>>>>
>>>>     https://github.com/Nitrokey/nitrokey-pro-hardware
>>>>
>>>> Well, examining schematic is not that easy, even for such a simple
>>>> one.
>>>>
>>>> PA9 and PA10 is connected to USB-D- and USB-D+.  And with the
>>>> configuration of Gnuk 1.0 for Nitrokey Start, those pins of PA9 and
>>>> PA10 is pulled up by Vdd.  I think that this interferes the USB
>>>> shutdown and re-enumeration process of USB upgrade.
>>>>
>>>> I think that the configuration of Gnuk 1.2 for Nitrokey Start is
>>>> better.
>>>> --
>>>>
>>>> _______________________________________________
>>>> gnuk-users mailing list
>>>> gnuk-users at lists.alioth.debian.org
>>>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>>>
>>>
>>> _______________________________________________
>>> gnuk-users mailing list
>>> gnuk-users at lists.alioth.debian.org
>>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>>
>>>
>>> _______________________________________________
>>> gnuk-users mailing list
>>> gnuk-users at lists.alioth.debian.org
>>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>>
>>
>> _______________________________________________
>> gnuk-users mailing list
>> gnuk-users at lists.alioth.debian.org
>> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/gnuk-users/attachments/20161218/0c9f97d3/attachment-0001.html>


More information about the gnuk-users mailing list