gary at mups.co.uk
Tue Apr 30 20:45:53 CEST 2019
On 30/04/2019 16:45, Markus Reichelt wrote:
> today I found out about Gnuk Extractor:
> Quoting the site: "This tool can extract the PGP secret keys from the
> dumped firmware of a Gnuk token. It was tested on a Nitrokey Start
> and on a Gnuk Token made from a $2 ST-LINK/V2 clone."
This relies on your flash not being locked after uploading firmware/keys.
If you lock the device using "stm32flx lock 0" via an openocd telnet
session, this should no longer be possible. Alternatively see the "Lock
flash ROM" section of
More information about the Gnuk-users