Changing the default Pin Retry number
Szczepan Zalega | Nitrokey
szczepan at nitrokey.com
Mon Mar 8 18:15:30 CET 2021
On 3/6/21 10:35 PM, Louis-Philippe Véronneau wrote:
> I've setup a Nitro Start and I was wondering if there is a way to change
> the default Pin Retry number? 3 is a little low for me and I'd prefer to
> use 5.
>
> I've found this, but it seems to be Yubikey specific, as it doesn't work
> for my token:
>
> https://developers.yubico.com/ykneo-openpgp/PinRetries.html
>
Hi!
Nitrokey Start / GNUK does not offer such feature unfortunately. You can
however rebuild the firmware with the changed constant named
PASSWORD_ERRORS_MAX [1][2]. Maximum value should fit into 1 byte (less
than 256).
At [5] you should find the build script for development, and [6] used
for the release.
Procedure like mentioned in the linked docs could be realized by adding
a custom command, like the INS_SET_IDENTITY - see [3][4].
Best regards,
Szczepan
[1] src/openpgp-do.c:44
[2]
https://github.com/Nitrokey/nitrokey-start-firmware/blob/gnuk1.2-regnual-fix/src/openpgp-do.c#L44
[3]
https://github.com/Nitrokey/nitrokey-start-firmware/blob/gnuk1.2-regnual-fix/src/openpgp.c#L1547
[4]
https://github.com/Nitrokey/nitrokey-start-firmware/blob/gnuk1.2-regnual-fix/src/openpgp.c#L914
[5]
https://github.com/Nitrokey/nitrokey-start-firmware/blob/gnuk1.2-regnual-fix/docker/Makefile
[6]
https://github.com/Nitrokey/nitrokey-start-firmware/blob/gnuk1.2-regnual-fix/prebuilt/build_all.sh
--
Szczepan Zalega
Senior Software Developer
Nitrokey GmbH
https://www.nitrokey.com
Email: szczepan at nitrokey.com
Nickname: szszszsz
Rheinstr. 10 C, 14513 Teltow, Germany
CEO / Geschäftsführer: Jan Suhr
Register: AG Potsdam, HRB 32882 P
VAT ID / USt-IdNr.: DE300136599
More information about the Gnuk-users
mailing list