From gniibe at fsij.org Thu Apr 5 08:32:48 2018 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 05 Apr 2018 15:32:48 +0900 Subject: Gnuk version 1.2.9 Message-ID: <87zi2i2men.fsf@iwagami.gniibe.org> Hello, Gnuk version 1.2.9 is released. tag release/1.2.9 Tagger: NIIBE Yutaka Date: Thu Apr 5 14:02:20 2018 +0900 commit 24adc0940641f9108aafa03f1d9681d3c63173bb While I implement --card-edit/kdf-setup command in GnuPG (in forthcoming 2.2.6), I also put some tests in gnuk/tests/. Then, some bugs were found and fixed. Since I realized that full KDF Data Object is not compatible to admin-less mode, I added "single-salt" KDF Data Object, which share the single salt among user/admin/resetcode. Please note that when you setup KDF on your token, you can only use it with newer GnuPG. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 227 bytes Desc: not available URL: From marian.buschsieweke at ovgu.de Fri Apr 6 18:26:18 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Fri, 6 Apr 2018 18:26:18 +0200 Subject: USB vendor ID 0000 on Blue Pill Message-ID: <20180406182618.2d3ff0d3@faultier2go> Hi, I tried to flash gnuk on my STM32F103 blue pill board, but the USB vendor ID is detected as 0000. Steps to reproduce: 1. Build: ./configure --vidpid=234b:0000 --target=BLUE_PILL && make 2. Connect Blue Pill via USB-TTL adapter: A9 <--> RX A10 <--> TX 3.3V <--> 3.3 V GND <--> GND 3. Flash - Set boot0 to 1, boot1 to 0, plug USB-TTL adapter in - stm32flash -w build/gnuk.bin -v -g 0x0 /dev/ttyUSB0 4. Remove cables and set boot0 to 0, boot1 to 0 and connect Blue Pill board to USB Output of dmesg: [26499.499164] usb 1-3.2: new full-speed USB device number 77 using xhci_hcd [26499.605549] usb 1-3.2: New USB device found, idVendor=0000, idProduct=0000 ^^^^ Wrong vendor ID [26499.605556] usb 1-3.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [26499.605559] usb 1-3.2: Product: Gnuk Token [26499.605562] usb 1-3.2: Manufacturer: Free Software Initiative of Japan [26499.605565] usb 1-3.2: SerialNumber: FSIJ-1.2.9-43223327 Does anyone know what went wrong? Thanks for your help! Kind regards, Marian PS: I'm using the Blue Pill clone: http://wiki.stm32duino.com/index.php?title=RobotDyn_Black_Pill From mike at sowbug.com Sat Apr 7 02:03:12 2018 From: mike at sowbug.com (Mike Tsao) Date: Sat, 07 Apr 2018 00:03:12 +0000 Subject: USB vendor ID 0000 on Blue Pill In-Reply-To: <20180406182618.2d3ff0d3@faultier2go> References: <20180406182618.2d3ff0d3@faultier2go> Message-ID: You have to build the VID/PID into the image you're flashing: $ make build/gnuk-vidpid.elf This is a recent change to the project. I missed it at first, too, but it's mentioned in the README at line 410. I don't know why make is a separate step from make build/gnuk-vidpid.elf. I don't remember off the top of my head whether you have to flash the gnuk-vidpid.hex file rather than just gnuk.hex. On Fri, Apr 6, 2018 at 12:10 PM Marian Buschsieweke < marian.buschsieweke at ovgu.de> wrote: > Hi, > > I tried to flash gnuk on my STM32F103 blue pill board, but the USB vendor > ID > is detected as 0000. > > Steps to reproduce: > > 1. Build: > ./configure --vidpid=234b:0000 --target=BLUE_PILL && make > > 2. Connect Blue Pill via USB-TTL adapter: > A9 <--> RX > A10 <--> TX > 3.3V <--> 3.3 V > GND <--> GND > > 3. Flash > - Set boot0 to 1, boot1 to 0, plug USB-TTL adapter in > - stm32flash -w build/gnuk.bin -v -g 0x0 /dev/ttyUSB0 > > 4. Remove cables and set boot0 to 0, boot1 to 0 and connect Blue Pill > board to > USB > > Output of dmesg: > > [26499.499164] usb 1-3.2: new full-speed USB device number 77 using > xhci_hcd > [26499.605549] usb 1-3.2: New USB device found, idVendor=0000, > idProduct=0000 > ^^^^ > Wrong vendor ID > [26499.605556] usb 1-3.2: New USB device strings: Mfr=1, Product=2, > SerialNumber=3 > [26499.605559] usb 1-3.2: Product: Gnuk Token > [26499.605562] usb 1-3.2: Manufacturer: Free Software Initiative of Japan > [26499.605565] usb 1-3.2: SerialNumber: FSIJ-1.2.9-43223327 > > Does anyone know what went wrong? Thanks for your help! > > Kind regards, > Marian > > PS: I'm using the Blue Pill clone: > http://wiki.stm32duino.com/index.php?title=RobotDyn_Black_Pill > > _______________________________________________ > Gnuk-users mailing list > Gnuk-users at gnupg.org > https://lists.gnupg.org/mailman/listinfo/gnuk-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marian.buschsieweke at ovgu.de Sat Apr 7 17:41:58 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Sat, 7 Apr 2018 17:41:58 +0200 Subject: USB vendor ID 0000 on Blue Pill In-Reply-To: References: <20180406182618.2d3ff0d3@faultier2go> Message-ID: <20180407174158.2bd49482@faultier2go> Hi, thank you very much :-) Any chance the default make gets changed so that build/gnuk-vidpid.elf is build by default? A quick and dirty hack to achieve this behavior is attached. Kind regards, Marian On Sat, 07 Apr 2018 00:03:12 +0000 Mike Tsao wrote: > You have to build the VID/PID into the image you're flashing: > > $ make build/gnuk-vidpid.elf > > This is a recent change to the project. I missed it at first, too, but it's > mentioned in the README at line 410. I don't know why make is a separate > step from make build/gnuk-vidpid.elf. > > I don't remember off the top of my head whether you have to flash the > gnuk-vidpid.hex file rather than just gnuk.hex. > > On Fri, Apr 6, 2018 at 12:10 PM Marian Buschsieweke < > marian.buschsieweke at ovgu.de> wrote: > > > Hi, > > > > I tried to flash gnuk on my STM32F103 blue pill board, but the USB vendor > > ID > > is detected as 0000. > > > > Steps to reproduce: > > > > 1. Build: > > ./configure --vidpid=234b:0000 --target=BLUE_PILL && make > > > > 2. Connect Blue Pill via USB-TTL adapter: > > A9 <--> RX > > A10 <--> TX > > 3.3V <--> 3.3 V > > GND <--> GND > > > > 3. Flash > > - Set boot0 to 1, boot1 to 0, plug USB-TTL adapter in > > - stm32flash -w build/gnuk.bin -v -g 0x0 /dev/ttyUSB0 > > > > 4. Remove cables and set boot0 to 0, boot1 to 0 and connect Blue Pill > > board to > > USB > > > > Output of dmesg: > > > > [26499.499164] usb 1-3.2: new full-speed USB device number 77 using > > xhci_hcd > > [26499.605549] usb 1-3.2: New USB device found, idVendor=0000, > > idProduct=0000 > > ^^^^ > > Wrong vendor ID > > [26499.605556] usb 1-3.2: New USB device strings: Mfr=1, Product=2, > > SerialNumber=3 > > [26499.605559] usb 1-3.2: Product: Gnuk Token > > [26499.605562] usb 1-3.2: Manufacturer: Free Software Initiative of Japan > > [26499.605565] usb 1-3.2: SerialNumber: FSIJ-1.2.9-43223327 > > > > Does anyone know what went wrong? Thanks for your help! > > > > Kind regards, > > Marian > > > > PS: I'm using the Blue Pill clone: > > http://wiki.stm32duino.com/index.php?title=RobotDyn_Black_Pill > > > > _______________________________________________ > > Gnuk-users mailing list > > Gnuk-users at gnupg.org > > https://lists.gnupg.org/mailman/listinfo/gnuk-users > > -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Makefile-Added-default-target.patch Type: text/x-patch Size: 740 bytes Desc: not available URL: From gniibe at fsij.org Mon Apr 9 04:15:31 2018 From: gniibe at fsij.org (NIIBE Yutaka) Date: Mon, 09 Apr 2018 11:15:31 +0900 Subject: USB vendor ID 0000 on Blue Pill In-Reply-To: <20180407174158.2bd49482@faultier2go> References: <20180406182618.2d3ff0d3@faultier2go> <20180407174158.2bd49482@faultier2go> Message-ID: <87sh85cegs.fsf@iwagami.gniibe.org> Marian Buschsieweke wrote: > Any chance the default make gets changed so that build/gnuk-vidpid.elf > is build by default? The last step was introduced, so that people can do: (1) Distribute the binary image gnuk.elf, gnuk.bin, gnuk.hex (or whatever) without VID-PID and it means: (2) Encourage reproducible build, or make it easier to check if it's correctly built or not I wanted to make sure that the image by default build doesn't contain VID-PID, even if it is specified at configure time. Adding "default" to build/gnuk-vidpid.elf will go other way, I'm afraid. Or... is it better to default to the image with VID-PID, changing the last step to generate distribution image withno VID-PID? I wonder. -- From marian.buschsieweke at ovgu.de Mon Apr 9 11:07:31 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Mon, 9 Apr 2018 11:07:31 +0200 Subject: USB vendor ID 0000 on Blue Pill In-Reply-To: References: <20180406182618.2d3ff0d3@faultier2go> <20180407174158.2bd49482@faultier2go> <87sh85cegs.fsf@iwagami.gniibe.org> Message-ID: <20180409110731.1d2671d5@faultier2go> Hi, imho the new naming convention suggested by Peter Lebbing is more obvious and has the advantage to remain compatible with old HowTos. Also, I personally believe there is no harm in building building both versions by default. This also seems to me the more common case that users want the image with vid & pid included, so it would be nice to have this case covered by default. Kind regards, Marian ------------------------------------------------------------- M.Sc. Marian Buschsieweke Dept. Communication and Networked Systems (ComSys) Institute for Intelligent Cooperating Systems (IKS) Otto-von-Guericke-University of Magdeburg Universit?tsplatz 2, Building 29, Room 314 39106 Magdeburg Germany http://www.comsys.ovgu.de/Team/Marian+Buschsieweke.html Tel.: +49 - 391 - 67 - 52673 Fax: +49 - 391 - 67 - 41161 ------------------------------------------------------------- On Mon, 9 Apr 2018 10:55:23 +0200 Peter Lebbing wrote: > On 09/04/18 04:15, NIIBE Yutaka wrote: > > Or... is it better to default to the image with VID-PID, changing the > > last step to generate distribution image withno VID-PID? I wonder. > > Right now, you explicitly name the image /with/ a VID and PID. But maybe > people will pick up quicker on the way it works when you explicitly name > the image /without/ a VID and PID. > > Instead of > gnuk.bin/.hex/.elf/... > gnuk-vidpid.bin/.hex/.elf/... > > Name them > gnuk-novidpid.bin/... > gnuk.bin/... > > That way, the name is a red flag to anyone trying to flash the former, > and they will consult the documentation to find out what step they are > missing. > > HTH, > > Peter. > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From peter at digitalbrains.com Mon Apr 9 10:55:23 2018 From: peter at digitalbrains.com (Peter Lebbing) Date: Mon, 9 Apr 2018 10:55:23 +0200 Subject: USB vendor ID 0000 on Blue Pill In-Reply-To: <87sh85cegs.fsf@iwagami.gniibe.org> References: <20180406182618.2d3ff0d3@faultier2go> <20180407174158.2bd49482@faultier2go> <87sh85cegs.fsf@iwagami.gniibe.org> Message-ID: On 09/04/18 04:15, NIIBE Yutaka wrote: > Or... is it better to default to the image with VID-PID, changing the > last step to generate distribution image withno VID-PID? I wonder. Right now, you explicitly name the image /with/ a VID and PID. But maybe people will pick up quicker on the way it works when you explicitly name the image /without/ a VID and PID. Instead of gnuk.bin/.hex/.elf/... gnuk-vidpid.bin/.hex/.elf/... Name them gnuk-novidpid.bin/... gnuk.bin/... That way, the name is a red flag to anyone trying to flash the former, and they will consult the documentation to find out what step they are missing. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From marian.buschsieweke at ovgu.de Tue Apr 10 11:36:25 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Tue, 10 Apr 2018 11:36:25 +0200 Subject: Setting the Gnuk serial Message-ID: <20180410113625.56b83ee3@faultier2go> Hi, sadly I'm unable to set the serial of my Gnuk device. Any pointers what went wrong? env EMAIL=marian.buschsieweke at ovgu.de ./gnuk_put_binary_libusb.py -p -s ../GNUK_SERIAL_NUMBER Admin password: Writing serial number Device: Configuration: 1 Interface: 0 Traceback (most recent call last): File "./gnuk_put_binary_libusb.py", line 111, in main(fileid, is_update, data, passwd) File "./gnuk_put_binary_libusb.py", line 54, in main gnuk.cmd_write_binary(fileid, data, is_update) File "/home/maribu/Repos/software/gnuk/tool/gnuk_token.py", line 288, in cmd_write_binary raise ValueError("cmd_write_binary 0", "%02x%02x" % (sw[0], sw[1])) ValueError: ('cmd_write_binary 0', '6581') Kind regards, Marian -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From lovro at oreskovic.me Thu Apr 12 18:36:16 2018 From: lovro at oreskovic.me (=?UTF-8?B?TG92cm8gT3JlxaFrb3ZpxIc=?=) Date: Thu, 12 Apr 2018 18:36:16 +0200 Subject: I'm not able to set vid and pid Message-ID: So let me start from the end I can see the FST01 with gnuk firmware on it with lsusb, you can see the verbose output at the end of the email [1]. The problem is the vid and pid are set to 0000:0000 I tried building the binary a couple of ways, but it is also the same when I use docker (versions of programs installed on my machine should not be a problem this way) I am using this command to build it: env GNUK_CONFIG="--target=FST_01 --vidpid=234b:0000" make all I can see the gnuk when I start gpg --card-status as root. [2] I am using stlinkv2 (chinese clone) (both with 2.17.4 and 2.30.7 firmware versions) Let me just add to unlock the rom I first need to run this command sudo openocd -f /usr/local/share/openocd/scripts/interface/stlink-v2.cfg -f /usr/local/share/openocd/scripts/target/stm32f1x.cfg -c "init; reset halt; shutdown" while pulling reset to ground then letting it go half way through the command, if I do not do that I get ValueError('Status of core is not halt.', 128) when trying to run sudo python2 ../tool/stlinkv2.py -u I have tried a lot of combinations but in the end all of them end up with the FST01 having vid and pid set to 0000:0000. So, thnx in advance, does anybody have any pointers? Lovro [1] Bus 002 Device 096: ID 0000:0000 Device Descriptor: bLength 18 bDescriptorType 1 bcdUSB 2.00 bDeviceClass 0 (Defined at Interface level) bDeviceSubClass 0 bDeviceProtocol 0 bMaxPacketSize0 64 idVendor 0x0000 idProduct 0x0000 bcdDevice 0.00 iManufacturer 1 Free Software Initiative of Japan iProduct 2 Gnuk Token iSerial 3 FSIJ-1.2.9-87022328 bNumConfigurations 1 Configuration Descriptor: bLength 9 bDescriptorType 2 wTotalLength 93 bNumInterfaces 1 bConfigurationValue 1 iConfiguration 0 bmAttributes 0x80 (Bus Powered) MaxPower 100mA Interface Descriptor: bLength 9 bDescriptorType 4 bInterfaceNumber 0 bAlternateSetting 0 bNumEndpoints 3 bInterfaceClass 11 Chip/SmartCard bInterfaceSubClass 0 bInterfaceProtocol 0 iInterface 0 ChipCard Interface Descriptor: bLength 54 bDescriptorType 33 bcdCCID 1.10 (Warning: Only accurate for version 1.0) nMaxSlotIndex 0 bVoltageSupport 1 5.0V dwProtocols 2 T=1 dwDefaultClock 4000 dwMaxiumumClock 4000 bNumClockSupported 0 dwDataRate 9600 bps dwMaxDataRate 9600 bps bNumDataRatesSupp. 0 dwMaxIFSD 254 dwSyncProtocols 00000000 dwMechanical 00000000 dwFeatures 0002047A Auto configuration based on ATR Auto voltage selection Auto clock change Auto baud rate change Auto parameter negotation made by CCID Auto IFSD exchange Short APDU level exchange dwMaxCCIDMsgLen 271 bClassGetResponse echo bClassEnvelope FF wlcdLayout none bPINSupport 0 bMaxCCIDBusySlots 1 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x81 EP 1 IN bmAttributes 2 Transfer Type Bulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 0 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x01 EP 1 OUT bmAttributes 2 Transfer Type Bulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 0 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x82 EP 2 IN bmAttributes 3 Transfer Type Interrupt Synch Type None Usage Type Data wMaxPacketSize 0x0004 1x 4 bytes bInterval 255 Device Status: 0x0000 (Bus Powered) [2] Reader ...........: 0000:0000:FSIJ-1.2.9-87022328:0 Application ID ...: D276000124010200FFFE870223280000 Version ..........: 2.0 Manufacturer .....: unmanaged S/N range Serial number ....: 87022328 Name of cardholder: [not set] Language prefs ...: [not set] Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Key attributes ...: rsa2048 rsa2048 rsa2048 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 3 3 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none] -- http://lovro.oreskovic.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From marian.buschsieweke at ovgu.de Thu Apr 12 21:05:44 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Thu, 12 Apr 2018 21:05:44 +0200 Subject: I'm not able to set vid and pid In-Reply-To: References: Message-ID: <20180412210544.2fbff04f@faultier2go> Dear Lovro Ore?kovi?, instead of "make all" please run "make build/gnuk-vidpid.elf", as the images gnuk.elf/gnuk.hex/gnuk.bin no longer contain the vid/pid set with configure. This was introduced to allow reproduceable builds. I had the same issue a few days ago ;-) While the documentation of gnuk was updated accordingly, a lot of 3rd party guides and tutorials exist that still refer to the old way to build the firmware. Kind regards, Marian On Thu, 12 Apr 2018 18:36:16 +0200 Lovro Ore?kovi? wrote: > So let me start from the end > > I can see the FST01 with gnuk firmware on it with lsusb, you can see the > verbose output at the end of the email [1]. > The problem is the vid and pid are set to 0000:0000 > > I tried building the binary a couple of ways, but it is also the same when > I use docker (versions of programs installed on my machine should not be a > problem this way) > I am using this command to build it: > env GNUK_CONFIG="--target=FST_01 --vidpid=234b:0000" make all > > I can see the gnuk when I start gpg --card-status as root. [2] > > I am using stlinkv2 (chinese clone) (both with 2.17.4 and 2.30.7 firmware > versions) > > Let me just add to unlock the rom I first need to run this command > sudo openocd -f /usr/local/share/openocd/scripts/interface/stlink-v2.cfg > -f /usr/local/share/openocd/scripts/target/stm32f1x.cfg -c "init; reset > halt; shutdown" > while pulling reset to ground then letting it go half way through the > command, if I do not do that I get ValueError('Status of core is not > halt.', 128) when trying to run sudo python2 ../tool/stlinkv2.py -u > > I have tried a lot of combinations but in the end all of them end up with > the FST01 having vid and pid set to 0000:0000. > > So, thnx in advance, > does anybody have any pointers? > > Lovro > > [1] > Bus 002 Device 096: ID 0000:0000 > Device Descriptor: > bLength 18 > bDescriptorType 1 > bcdUSB 2.00 > bDeviceClass 0 (Defined at Interface level) > bDeviceSubClass 0 > bDeviceProtocol 0 > bMaxPacketSize0 64 > idVendor 0x0000 > idProduct 0x0000 > bcdDevice 0.00 > iManufacturer 1 Free Software Initiative of Japan > iProduct 2 Gnuk Token > iSerial 3 FSIJ-1.2.9-87022328 > bNumConfigurations 1 > Configuration Descriptor: > bLength 9 > bDescriptorType 2 > wTotalLength 93 > bNumInterfaces 1 > bConfigurationValue 1 > iConfiguration 0 > bmAttributes 0x80 > (Bus Powered) > MaxPower 100mA > Interface Descriptor: > bLength 9 > bDescriptorType 4 > bInterfaceNumber 0 > bAlternateSetting 0 > bNumEndpoints 3 > bInterfaceClass 11 Chip/SmartCard > bInterfaceSubClass 0 > bInterfaceProtocol 0 > iInterface 0 > ChipCard Interface Descriptor: > bLength 54 > bDescriptorType 33 > bcdCCID 1.10 (Warning: Only accurate for version 1.0) > nMaxSlotIndex 0 > bVoltageSupport 1 5.0V > dwProtocols 2 T=1 > dwDefaultClock 4000 > dwMaxiumumClock 4000 > bNumClockSupported 0 > dwDataRate 9600 bps > dwMaxDataRate 9600 bps > bNumDataRatesSupp. 0 > dwMaxIFSD 254 > dwSyncProtocols 00000000 > dwMechanical 00000000 > dwFeatures 0002047A > Auto configuration based on ATR > Auto voltage selection > Auto clock change > Auto baud rate change > Auto parameter negotation made by CCID > Auto IFSD exchange > Short APDU level exchange > dwMaxCCIDMsgLen 271 > bClassGetResponse echo > bClassEnvelope FF > wlcdLayout none > bPINSupport 0 > bMaxCCIDBusySlots 1 > Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x81 EP 1 IN > bmAttributes 2 > Transfer Type Bulk > Synch Type None > Usage Type Data > wMaxPacketSize 0x0040 1x 64 bytes > bInterval 0 > Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x01 EP 1 OUT > bmAttributes 2 > Transfer Type Bulk > Synch Type None > Usage Type Data > wMaxPacketSize 0x0040 1x 64 bytes > bInterval 0 > Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x82 EP 2 IN > bmAttributes 3 > Transfer Type Interrupt > Synch Type None > Usage Type Data > wMaxPacketSize 0x0004 1x 4 bytes > bInterval 255 > Device Status: 0x0000 > (Bus Powered) > > [2] > Reader ...........: 0000:0000:FSIJ-1.2.9-87022328:0 > Application ID ...: D276000124010200FFFE870223280000 > Version ..........: 2.0 > Manufacturer .....: unmanaged S/N range > Serial number ....: 87022328 > Name of cardholder: [not set] > Language prefs ...: [not set] > Sex ..............: unspecified > URL of public key : [not set] > Login data .......: [not set] > Signature PIN ....: forced > Key attributes ...: rsa2048 rsa2048 rsa2048 > Max. PIN lengths .: 127 127 127 > PIN retry counter : 3 3 3 > Signature counter : 0 > Signature key ....: [none] > Encryption key....: [none] > Authentication key: [none] > General key info..: [none] > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From lovro at oreskovic.me Thu Apr 12 21:06:52 2018 From: lovro at oreskovic.me (=?UTF-8?B?TG92cm8gT3JlxaFrb3ZpxIc=?=) Date: Thu, 12 Apr 2018 21:06:52 +0200 Subject: I'm not able to set vid and pid In-Reply-To: References: Message-ID: Yeah, I after about a day of building it in a million different ways and following about a dozen different tutorials, I've finally read the README from start to finish, after I've sent the email to the list. Sorry about making noise on the mailing list with something the that basically has a RTFM answer. I would've answered to my self, but I guess the mail was waiting for approval or something, I was not seeing it. Your second question, that is the docker build, you will find the all target in the gnuk/docker/Makefile. Lovro On Thu, Apr 12, 2018 at 8:24 PM, Mike Tsao wrote: > You didn't say whether you read the prior couple messages to this group, > so apologies if you did and that's still not working. Did you? ( > https://lists.gnupg.org/pipermail/gnuk-users/2018-April/000026.html) > > By the way, I don't see a target called "all" in the makefile my system > generated at gnuk/src/Makefile. Why are you using a different method to > build from the one specified in the README file? > > On Thu, Apr 12, 2018 at 11:10 AM Lovro Ore?kovi? > wrote: > >> So let me start from the end >> >> I can see the FST01 with gnuk firmware on it with lsusb, you can see the >> verbose output at the end of the email [1]. >> The problem is the vid and pid are set to 0000:0000 >> >> I tried building the binary a couple of ways, but it is also the same >> when I use docker (versions of programs installed on my machine should not >> be a problem this way) >> I am using this command to build it: >> env GNUK_CONFIG="--target=FST_01 --vidpid=234b:0000" make all >> >> I can see the gnuk when I start gpg --card-status as root. [2] >> >> I am using stlinkv2 (chinese clone) (both with 2.17.4 and 2.30.7 >> firmware versions) >> >> Let me just add to unlock the rom I first need to run this command >> sudo openocd -f /usr/local/share/openocd/scripts/interface/stlink-v2.cfg >> -f /usr/local/share/openocd/scripts/target/stm32f1x.cfg -c "init; reset >> halt; shutdown" >> while pulling reset to ground then letting it go half way through the >> command, if I do not do that I get ValueError('Status of core is not >> halt.', 128) when trying to run sudo python2 ../tool/stlinkv2.py -u >> >> I have tried a lot of combinations but in the end all of them end up with >> the FST01 having vid and pid set to 0000:0000. >> >> So, thnx in advance, >> does anybody have any pointers? >> >> Lovro >> >> [1] >> Bus 002 Device 096: ID 0000:0000 >> Device Descriptor: >> bLength 18 >> bDescriptorType 1 >> bcdUSB 2.00 >> bDeviceClass 0 (Defined at Interface level) >> bDeviceSubClass 0 >> bDeviceProtocol 0 >> bMaxPacketSize0 64 >> idVendor 0x0000 >> idProduct 0x0000 >> bcdDevice 0.00 >> iManufacturer 1 Free Software Initiative of Japan >> iProduct 2 Gnuk Token >> iSerial 3 FSIJ-1.2.9-87022328 >> bNumConfigurations 1 >> Configuration Descriptor: >> bLength 9 >> bDescriptorType 2 >> wTotalLength 93 >> bNumInterfaces 1 >> bConfigurationValue 1 >> iConfiguration 0 >> bmAttributes 0x80 >> (Bus Powered) >> MaxPower 100mA >> Interface Descriptor: >> bLength 9 >> bDescriptorType 4 >> bInterfaceNumber 0 >> bAlternateSetting 0 >> bNumEndpoints 3 >> bInterfaceClass 11 Chip/SmartCard >> bInterfaceSubClass 0 >> bInterfaceProtocol 0 >> iInterface 0 >> ChipCard Interface Descriptor: >> bLength 54 >> bDescriptorType 33 >> bcdCCID 1.10 (Warning: Only accurate for version >> 1.0) >> nMaxSlotIndex 0 >> bVoltageSupport 1 5.0V >> dwProtocols 2 T=1 >> dwDefaultClock 4000 >> dwMaxiumumClock 4000 >> bNumClockSupported 0 >> dwDataRate 9600 bps >> dwMaxDataRate 9600 bps >> bNumDataRatesSupp. 0 >> dwMaxIFSD 254 >> dwSyncProtocols 00000000 >> dwMechanical 00000000 >> dwFeatures 0002047A >> Auto configuration based on ATR >> Auto voltage selection >> Auto clock change >> Auto baud rate change >> Auto parameter negotation made by CCID >> Auto IFSD exchange >> Short APDU level exchange >> dwMaxCCIDMsgLen 271 >> bClassGetResponse echo >> bClassEnvelope FF >> wlcdLayout none >> bPINSupport 0 >> bMaxCCIDBusySlots 1 >> Endpoint Descriptor: >> bLength 7 >> bDescriptorType 5 >> bEndpointAddress 0x81 EP 1 IN >> bmAttributes 2 >> Transfer Type Bulk >> Synch Type None >> Usage Type Data >> wMaxPacketSize 0x0040 1x 64 bytes >> bInterval 0 >> Endpoint Descriptor: >> bLength 7 >> bDescriptorType 5 >> bEndpointAddress 0x01 EP 1 OUT >> bmAttributes 2 >> Transfer Type Bulk >> Synch Type None >> Usage Type Data >> wMaxPacketSize 0x0040 1x 64 bytes >> bInterval 0 >> Endpoint Descriptor: >> bLength 7 >> bDescriptorType 5 >> bEndpointAddress 0x82 EP 2 IN >> bmAttributes 3 >> Transfer Type Interrupt >> Synch Type None >> Usage Type Data >> wMaxPacketSize 0x0004 1x 4 bytes >> bInterval 255 >> Device Status: 0x0000 >> (Bus Powered) >> >> [2] >> Reader ...........: 0000:0000:FSIJ-1.2.9-87022328:0 >> Application ID ...: D276000124010200FFFE870223280000 >> Version ..........: 2.0 >> Manufacturer .....: unmanaged S/N range >> Serial number ....: 87022328 >> Name of cardholder: [not set] >> Language prefs ...: [not set] >> Sex ..............: unspecified >> URL of public key : [not set] >> Login data .......: [not set] >> Signature PIN ....: forced >> Key attributes ...: rsa2048 rsa2048 rsa2048 >> Max. PIN lengths .: 127 127 127 >> PIN retry counter : 3 3 3 >> Signature counter : 0 >> Signature key ....: [none] >> Encryption key....: [none] >> Authentication key: [none] >> General key info..: [none] >> >> -- >> http://lovro.oreskovic.me >> >> _______________________________________________ >> Gnuk-users mailing list >> Gnuk-users at gnupg.org >> https://lists.gnupg.org/mailman/listinfo/gnuk-users > > -- http://lovro.oreskovic.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From peter at digitalbrains.com Thu Apr 12 21:24:55 2018 From: peter at digitalbrains.com (Peter Lebbing) Date: Thu, 12 Apr 2018 21:24:55 +0200 Subject: OT: Answer to own message (was: I'm not able to set vid and pid) In-Reply-To: References: Message-ID: <49611dbe-4c83-9e9c-4765-8693882cd5ed@digitalbrains.com> On 12/04/18 21:06, Lovro Ore?kovi? wrote: > Sorry about making noise on the mailing list with something the that > basically has a RTFM answer. No problem, we all make mistakes. > I would've answered to my self, but I guess the mail was waiting for > approval or something, I was not seeing it. I'm not sure if I've ever done this on gnuk-users, but I certainly have on gnupg-users, and it works fine, so the Mailman at lists.gnupg.org works with this: If I need to reply to my own message, I simply reply to the copy in my Sent folder. Since my MUA generated the Message-ID of the message that will end up at all subscribers of the mailing list, and that Message-ID is also in my own copy in my Sent folder, it will thread correctly just like it would have if I'd replied to the copy I got back from the mailing list. That's how I think to understand it implementation-wise, but TL;DR: Simply reply to your own copy in your Sent folder and all will be fine. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: OpenPGP digital signature URL: From mike at sowbug.com Thu Apr 12 20:24:18 2018 From: mike at sowbug.com (Mike Tsao) Date: Thu, 12 Apr 2018 18:24:18 +0000 Subject: I'm not able to set vid and pid In-Reply-To: References: Message-ID: You didn't say whether you read the prior couple messages to this group, so apologies if you did and that's still not working. Did you? ( https://lists.gnupg.org/pipermail/gnuk-users/2018-April/000026.html) By the way, I don't see a target called "all" in the makefile my system generated at gnuk/src/Makefile. Why are you using a different method to build from the one specified in the README file? On Thu, Apr 12, 2018 at 11:10 AM Lovro Ore?kovi? wrote: > So let me start from the end > > I can see the FST01 with gnuk firmware on it with lsusb, you can see the > verbose output at the end of the email [1]. > The problem is the vid and pid are set to 0000:0000 > > I tried building the binary a couple of ways, but it is also the same when > I use docker (versions of programs installed on my machine should not be a > problem this way) > I am using this command to build it: > env GNUK_CONFIG="--target=FST_01 --vidpid=234b:0000" make all > > I can see the gnuk when I start gpg --card-status as root. [2] > > I am using stlinkv2 (chinese clone) (both with 2.17.4 and 2.30.7 > firmware versions) > > Let me just add to unlock the rom I first need to run this command > sudo openocd -f /usr/local/share/openocd/scripts/interface/stlink-v2.cfg > -f /usr/local/share/openocd/scripts/target/stm32f1x.cfg -c "init; reset > halt; shutdown" > while pulling reset to ground then letting it go half way through the > command, if I do not do that I get ValueError('Status of core is not > halt.', 128) when trying to run sudo python2 ../tool/stlinkv2.py -u > > I have tried a lot of combinations but in the end all of them end up with > the FST01 having vid and pid set to 0000:0000. > > So, thnx in advance, > does anybody have any pointers? > > Lovro > > [1] > Bus 002 Device 096: ID 0000:0000 > Device Descriptor: > bLength 18 > bDescriptorType 1 > bcdUSB 2.00 > bDeviceClass 0 (Defined at Interface level) > bDeviceSubClass 0 > bDeviceProtocol 0 > bMaxPacketSize0 64 > idVendor 0x0000 > idProduct 0x0000 > bcdDevice 0.00 > iManufacturer 1 Free Software Initiative of Japan > iProduct 2 Gnuk Token > iSerial 3 FSIJ-1.2.9-87022328 > bNumConfigurations 1 > Configuration Descriptor: > bLength 9 > bDescriptorType 2 > wTotalLength 93 > bNumInterfaces 1 > bConfigurationValue 1 > iConfiguration 0 > bmAttributes 0x80 > (Bus Powered) > MaxPower 100mA > Interface Descriptor: > bLength 9 > bDescriptorType 4 > bInterfaceNumber 0 > bAlternateSetting 0 > bNumEndpoints 3 > bInterfaceClass 11 Chip/SmartCard > bInterfaceSubClass 0 > bInterfaceProtocol 0 > iInterface 0 > ChipCard Interface Descriptor: > bLength 54 > bDescriptorType 33 > bcdCCID 1.10 (Warning: Only accurate for version 1.0) > nMaxSlotIndex 0 > bVoltageSupport 1 5.0V > dwProtocols 2 T=1 > dwDefaultClock 4000 > dwMaxiumumClock 4000 > bNumClockSupported 0 > dwDataRate 9600 bps > dwMaxDataRate 9600 bps > bNumDataRatesSupp. 0 > dwMaxIFSD 254 > dwSyncProtocols 00000000 > dwMechanical 00000000 > dwFeatures 0002047A > Auto configuration based on ATR > Auto voltage selection > Auto clock change > Auto baud rate change > Auto parameter negotation made by CCID > Auto IFSD exchange > Short APDU level exchange > dwMaxCCIDMsgLen 271 > bClassGetResponse echo > bClassEnvelope FF > wlcdLayout none > bPINSupport 0 > bMaxCCIDBusySlots 1 > Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x81 EP 1 IN > bmAttributes 2 > Transfer Type Bulk > Synch Type None > Usage Type Data > wMaxPacketSize 0x0040 1x 64 bytes > bInterval 0 > Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x01 EP 1 OUT > bmAttributes 2 > Transfer Type Bulk > Synch Type None > Usage Type Data > wMaxPacketSize 0x0040 1x 64 bytes > bInterval 0 > Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x82 EP 2 IN > bmAttributes 3 > Transfer Type Interrupt > Synch Type None > Usage Type Data > wMaxPacketSize 0x0004 1x 4 bytes > bInterval 255 > Device Status: 0x0000 > (Bus Powered) > > [2] > Reader ...........: 0000:0000:FSIJ-1.2.9-87022328:0 > Application ID ...: D276000124010200FFFE870223280000 > Version ..........: 2.0 > Manufacturer .....: unmanaged S/N range > Serial number ....: 87022328 > Name of cardholder: [not set] > Language prefs ...: [not set] > Sex ..............: unspecified > URL of public key : [not set] > Login data .......: [not set] > Signature PIN ....: forced > Key attributes ...: rsa2048 rsa2048 rsa2048 > Max. PIN lengths .: 127 127 127 > PIN retry counter : 3 3 3 > Signature counter : 0 > Signature key ....: [none] > Encryption key....: [none] > Authentication key: [none] > General key info..: [none] > > -- > http://lovro.oreskovic.me > > _______________________________________________ > Gnuk-users mailing list > Gnuk-users at gnupg.org > https://lists.gnupg.org/mailman/listinfo/gnuk-users -------------- next part -------------- An HTML attachment was scrubbed... URL: From mike at sowbug.com Thu Apr 12 23:03:47 2018 From: mike at sowbug.com (Mike Tsao) Date: Thu, 12 Apr 2018 21:03:47 +0000 Subject: I'm not able to set vid and pid In-Reply-To: References: Message-ID: Sending an email like that is magic. It always seems to cause you to discover the solution on your own five minutes later. The same thing has happened to all of us (including me). On Thu, Apr 12, 2018, 12:07 PM Lovro Ore?kovi? wrote: > Yeah, > I after about a day of building it in a million different ways and > following about a dozen different tutorials, I've finally read the README > from start to finish, after I've sent the email to the list. Sorry about > making noise on the mailing list with something the that basically has a > RTFM answer. > I would've answered to my self, but I guess the mail was waiting for > approval or something, I was not seeing it. > > Your second question, that is the docker build, you will find the all > target in the gnuk/docker/Makefile. > > Lovro > > > On Thu, Apr 12, 2018 at 8:24 PM, Mike Tsao wrote: > >> You didn't say whether you read the prior couple messages to this group, >> so apologies if you did and that's still not working. Did you? ( >> https://lists.gnupg.org/pipermail/gnuk-users/2018-April/000026.html) >> >> By the way, I don't see a target called "all" in the makefile my system >> generated at gnuk/src/Makefile. Why are you using a different method to >> build from the one specified in the README file? >> >> On Thu, Apr 12, 2018 at 11:10 AM Lovro Ore?kovi? >> wrote: >> >>> So let me start from the end >>> >>> I can see the FST01 with gnuk firmware on it with lsusb, you can see the >>> verbose output at the end of the email [1]. >>> The problem is the vid and pid are set to 0000:0000 >>> >>> I tried building the binary a couple of ways, but it is also the same >>> when I use docker (versions of programs installed on my machine should not >>> be a problem this way) >>> I am using this command to build it: >>> env GNUK_CONFIG="--target=FST_01 --vidpid=234b:0000" make all >>> >>> I can see the gnuk when I start gpg --card-status as root. [2] >>> >>> I am using stlinkv2 (chinese clone) (both with 2.17.4 and 2.30.7 >>> firmware versions) >>> >>> Let me just add to unlock the rom I first need to run this command >>> sudo openocd -f >>> /usr/local/share/openocd/scripts/interface/stlink-v2.cfg -f >>> /usr/local/share/openocd/scripts/target/stm32f1x.cfg -c "init; reset halt; >>> shutdown" >>> while pulling reset to ground then letting it go half way through the >>> command, if I do not do that I get ValueError('Status of core is not >>> halt.', 128) when trying to run sudo python2 ../tool/stlinkv2.py -u >>> >>> I have tried a lot of combinations but in the end all of them end up >>> with the FST01 having vid and pid set to 0000:0000. >>> >>> So, thnx in advance, >>> does anybody have any pointers? >>> >>> Lovro >>> >>> [1] >>> Bus 002 Device 096: ID 0000:0000 >>> Device Descriptor: >>> bLength 18 >>> bDescriptorType 1 >>> bcdUSB 2.00 >>> bDeviceClass 0 (Defined at Interface level) >>> bDeviceSubClass 0 >>> bDeviceProtocol 0 >>> bMaxPacketSize0 64 >>> idVendor 0x0000 >>> idProduct 0x0000 >>> bcdDevice 0.00 >>> iManufacturer 1 Free Software Initiative of Japan >>> iProduct 2 Gnuk Token >>> iSerial 3 FSIJ-1.2.9-87022328 >>> bNumConfigurations 1 >>> Configuration Descriptor: >>> bLength 9 >>> bDescriptorType 2 >>> wTotalLength 93 >>> bNumInterfaces 1 >>> bConfigurationValue 1 >>> iConfiguration 0 >>> bmAttributes 0x80 >>> (Bus Powered) >>> MaxPower 100mA >>> Interface Descriptor: >>> bLength 9 >>> bDescriptorType 4 >>> bInterfaceNumber 0 >>> bAlternateSetting 0 >>> bNumEndpoints 3 >>> bInterfaceClass 11 Chip/SmartCard >>> bInterfaceSubClass 0 >>> bInterfaceProtocol 0 >>> iInterface 0 >>> ChipCard Interface Descriptor: >>> bLength 54 >>> bDescriptorType 33 >>> bcdCCID 1.10 (Warning: Only accurate for version >>> 1.0) >>> nMaxSlotIndex 0 >>> bVoltageSupport 1 5.0V >>> dwProtocols 2 T=1 >>> dwDefaultClock 4000 >>> dwMaxiumumClock 4000 >>> bNumClockSupported 0 >>> dwDataRate 9600 bps >>> dwMaxDataRate 9600 bps >>> bNumDataRatesSupp. 0 >>> dwMaxIFSD 254 >>> dwSyncProtocols 00000000 >>> dwMechanical 00000000 >>> dwFeatures 0002047A >>> Auto configuration based on ATR >>> Auto voltage selection >>> Auto clock change >>> Auto baud rate change >>> Auto parameter negotation made by CCID >>> Auto IFSD exchange >>> Short APDU level exchange >>> dwMaxCCIDMsgLen 271 >>> bClassGetResponse echo >>> bClassEnvelope FF >>> wlcdLayout none >>> bPINSupport 0 >>> bMaxCCIDBusySlots 1 >>> Endpoint Descriptor: >>> bLength 7 >>> bDescriptorType 5 >>> bEndpointAddress 0x81 EP 1 IN >>> bmAttributes 2 >>> Transfer Type Bulk >>> Synch Type None >>> Usage Type Data >>> wMaxPacketSize 0x0040 1x 64 bytes >>> bInterval 0 >>> Endpoint Descriptor: >>> bLength 7 >>> bDescriptorType 5 >>> bEndpointAddress 0x01 EP 1 OUT >>> bmAttributes 2 >>> Transfer Type Bulk >>> Synch Type None >>> Usage Type Data >>> wMaxPacketSize 0x0040 1x 64 bytes >>> bInterval 0 >>> Endpoint Descriptor: >>> bLength 7 >>> bDescriptorType 5 >>> bEndpointAddress 0x82 EP 2 IN >>> bmAttributes 3 >>> Transfer Type Interrupt >>> Synch Type None >>> Usage Type Data >>> wMaxPacketSize 0x0004 1x 4 bytes >>> bInterval 255 >>> Device Status: 0x0000 >>> (Bus Powered) >>> >>> [2] >>> Reader ...........: 0000:0000:FSIJ-1.2.9-87022328:0 >>> Application ID ...: D276000124010200FFFE870223280000 >>> Version ..........: 2.0 >>> Manufacturer .....: unmanaged S/N range >>> Serial number ....: 87022328 >>> Name of cardholder: [not set] >>> Language prefs ...: [not set] >>> Sex ..............: unspecified >>> URL of public key : [not set] >>> Login data .......: [not set] >>> Signature PIN ....: forced >>> Key attributes ...: rsa2048 rsa2048 rsa2048 >>> Max. PIN lengths .: 127 127 127 >>> PIN retry counter : 3 3 3 >>> Signature counter : 0 >>> Signature key ....: [none] >>> Encryption key....: [none] >>> Authentication key: [none] >>> General key info..: [none] >>> >>> -- >>> http://lovro.oreskovic.me >>> >>> _______________________________________________ >>> Gnuk-users mailing list >>> Gnuk-users at gnupg.org >>> https://lists.gnupg.org/mailman/listinfo/gnuk-users >> >> > > > -- > http://lovro.oreskovic.me > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From gniibe at fsij.org Fri Apr 13 07:12:21 2018 From: gniibe at fsij.org (NIIBE Yutaka) Date: Fri, 13 Apr 2018 14:12:21 +0900 Subject: Setting the Gnuk serial In-Reply-To: <20180410113625.56b83ee3@faultier2go> References: <20180410113625.56b83ee3@faultier2go> Message-ID: <87zi27ell6.fsf@iwagami.gniibe.org> Marian Buschsieweke wrote: > sadly I'm unable to set the serial of my Gnuk device. Any pointers what went > wrong? It is only possible to set once. Even factory-reset can't reset it. Is it your case? While I implemented, I think that it is questionable feature. I only use it for my old key. I just use (a kind of) ephemeral serial number for other key. -- From marian.buschsieweke at ovgu.de Fri Apr 13 09:34:59 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Fri, 13 Apr 2018 09:34:59 +0200 Subject: Setting the Gnuk serial In-Reply-To: <87zi27ell6.fsf@iwagami.gniibe.org> References: <20180410113625.56b83ee3@faultier2go> <87zi27ell6.fsf@iwagami.gniibe.org> Message-ID: <20180413093435.34f3632f@faultier2go> Hi, I have not set the serial before, but I did deploy my keys and personal information before I tried to set the serial. I want to deploy a second Gnuk device at work in a secure location in case a forget to bring my primary one. Because both devices have different serials, I have to replace the key references in GnuPG when I use the secondary device. It's not much work, but it would be cool that I could use either of the devices out of the box. I believe it is not possible to tell GnuPG that the same key material is deployed on to different devices, so using the same serial seemed like a work around for me. Kind regards, Marian PS: I also checked to change the serial for a third device which I have not used so far. Unless setting the serial is only allowed on the very first boot of the device right after flashing the firmware, I have exactly the same issue there. On Fri, 13 Apr 2018 14:12:21 +0900 NIIBE Yutaka wrote: > Marian Buschsieweke wrote: > > sadly I'm unable to set the serial of my Gnuk device. Any pointers what went > > wrong? > > It is only possible to set once. Even factory-reset can't reset it. > Is it your case? > > While I implemented, I think that it is questionable feature. I only > use it for my old key. I just use (a kind of) ephemeral serial number > for other key. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From gniibe at fsij.org Fri Apr 13 12:44:15 2018 From: gniibe at fsij.org (NIIBE Yutaka) Date: Fri, 13 Apr 2018 19:44:15 +0900 Subject: Setting the Gnuk serial In-Reply-To: <20180413093435.34f3632f@faultier2go> References: <20180410113625.56b83ee3@faultier2go> <87zi27ell6.fsf@iwagami.gniibe.org> <20180413093435.34f3632f@faultier2go> Message-ID: <87k1tbwfls.fsf@fsij.org> Marian Buschsieweke wrote: > Because both devices have different serials, I have to replace the key > references in GnuPG when I use the secondary device. It's not much work, but it > would be cool that I could use either of the devices out of the box. I see. That's valid use case. Do you have your own entry in gnuk/GNUK_SERIAL_NUMBER? The data should be six bytes long. -- From marian.buschsieweke at ovgu.de Fri Apr 13 13:44:34 2018 From: marian.buschsieweke at ovgu.de (Marian Buschsieweke) Date: Fri, 13 Apr 2018 13:44:34 +0200 Subject: Setting the Gnuk serial In-Reply-To: <87k1tbwfls.fsf@fsij.org> References: <20180410113625.56b83ee3@faultier2go> <87zi27ell6.fsf@iwagami.gniibe.org> <20180413093435.34f3632f@faultier2go> <87k1tbwfls.fsf@fsij.org> Message-ID: <20180413133802.7545c965@faultier2go> Hi, > The data should be six bytes long. that was the problem. Seems like counting to six is not one of my talents :-( Thanks for your help! Kind regards, Marian On Fri, 13 Apr 2018 19:44:15 +0900 NIIBE Yutaka wrote: > Marian Buschsieweke wrote: > > Because both devices have different serials, I have to replace the key > > references in GnuPG when I use the secondary device. It's not much work, but it > > would be cool that I could use either of the devices out of the box. > > I see. That's valid use case. > > Do you have your own entry in gnuk/GNUK_SERIAL_NUMBER? The data should > be six bytes long. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From lovro at oreskovic.me Wed Apr 18 16:53:53 2018 From: lovro at oreskovic.me (=?UTF-8?B?TG92cm8gT3JlxaFrb3ZpxIc=?=) Date: Wed, 18 Apr 2018 16:53:53 +0200 Subject: Docker build Message-ID: Hi everybody, So I had some problems building the gnuk code about a week ago, but that sorted itself about about the moment I clicked send on the email I've sent to the list :-) Anyways, I said I should probably write a blog post about it, so that it can help someone else if they have the same problem. I wanted to explain how to do it with docker files supplied in the repo. So I was writing the post and was trying it in parallel to make sure it works. And I've found there is a problem if you try to start the docker build but the configure command was not run before it will break. It is happening because it si trying to run make clean before running configure. I've attached two patches, one for the problem mentioned above and I've added a build option to the docker makefile so you can execute " make build/gnuk-vidpid.elf " inside the docker build. I've also requested a merge request for the same changes on the salsa debian gitlab. How are contributions usually submitted? Lovro -- http://lovro.oreskovic.me -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: docker_build_fix.patch Type: text/x-patch Size: 462 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: docker_vid-pid_generation.patch Type: text/x-patch Size: 654 bytes Desc: not available URL: