[Gnuk-users] Gnuk and possible hardware vulnerability

intrigeri intrigeri at boum.org
Sat Sep 30 16:13:47 UTC 2017


NIIBE Yutaka:
> It is true that in the use cases of Gnuk Token, users somehow depend on
> the "protection" mechanism of the MCU.  I recommend enabling this to
> prevent reading private key from its flash ROM by SWD/JTAG debugger.  By
> enabling the feature, SWD/JTAG access won't work.

I have two questions on this topic:

1. How can I check if my Gnuk Token (FST-01) has this protection
   mechanism enabled?

   It came without Gnuk pre-installed (IIRC it had NeuG) so my
   understanding is that the protection is disabled by default.

2. Did I get it right that I need ST-Link/V2 hardware to enable this
   protection mechanism?

   The "How to protect flash ROM" section in Gnuk's README tells me to
   use OpenOCD, an "Open on-chip JTAG debug solution for ARM and MIPS

Thanks in advance!


More information about the gnuk-users mailing list