[chopstx] Add support for Blue Pill Plus board

Alexandre Esse alexandre.esse.dev at gmail.com
Thu Mar 13 19:52:45 CET 2025 

Hello Frédéric,

Great, I didn't see you already did some integration developments on this
board, I just joined the mailing list and didn't look extensively into the
history. For now I only pushed the chopstx part but indeed, gnuk itself
should also be updated.

I also have the STM32F103CBT6 version of the board. (marked as v1.1 on the
PCB: not sure what it means: I opened an Issue on github and send an email
to WeAct support to get some info:
https://github.com/WeActStudio/BluePill-Plus/issues/19)

I have been testing both on the 1.2.20 branch and 2.2. But I guess I will
stay on v2.2 for the rest of my tests.

Here are the remaining tweaks I did on v2.2 (
de9652726b1ce52b21e939c6989dda0268b5c640) of gnuk to make it work:

diff --git a/src/configure b/src/configure
index 1188a72..4ff7d1a 100755
--- a/src/configure
+++ b/src/configure
@@ -130,6 +130,7 @@ Configuration:
                           ST_NUCLEO_F103
                           NITROKEY_START
                           BLUE_PILL
+                          BLUE_PILL_PLUS
                           STM8S_DISCOVERY
                           CQ_STARM
                           STM32_PRIMER2
@@ -164,7 +165,7 @@ MEMORY_SIZE=20

 # Settings for TARGET
 case $target in
-BLUE_PILL|STM8S_DISCOVERY)
+BLUE_PILL|BLUE_PILL_PLUS|STM8S_DISCOVERY)
   # It's 64KB version of STM32F103, but actually has 128KB
   flash_override="-DSTM32F103_OVERRIDE_FLASH_SIZE_KB=128"
   ;;

I haven't been testing "on-the-token" key generation. I only transferred to
it from a host PC. I always had KDF-DO activated.

The main issue I get is when I try to "reset" the token, it simply doesn't
work but I haven't been investigating it.

Also some PIN management's actions seem shaky (but there is a possibility
that this is due to my lack of experience on gnuk tokens too).

So for now, I tested the key with this kind of secret keys I get with 'gpg
--list-secret-keys':

sec>  ed25519 2025-03-13 [SC]
      XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      Card serial no. = FFFF 00000000
uid           [ultimate] Tmp Tmp <tmp at tmp.tmp>
ssb>  cv25519 2025-03-13 [E]
ssb>  ed25519 2025-03-13 [A]

I managed to sign, decrypt data and authenticate through ssh sessions with
it.

PB2 as LED is working and PA0 as ACK button is also working fine, I haven't
seen any issue for these use-case in a week.

Regards,
Alexandre



On Fri, 7 Mar 2025 at 10:00, Frédéric SUEL <frederic.suel at free.fr> wrote:

> Ref : Post on the gnuk list : Frédéric SUEL frederic.suel at free.fr Mon
> Feb 17 11:13:25 CET 2025
>
> Hi,
>
> Thank you for your interest for this board.
>
> When i asked help about this board, i proposed a file
> board-blue-pill-plus-cb.h because this board exist with 4 arm processor and
> two riscv processors. I indicated cd because there is STM32F103C8T6 (64k)
> and CBT6 (128k). To take care of 64K version, you have to add code in
> /gnuk/src/.configure. (see my post)
>
> For my blue-pilll-board stm32F103CB, i have #define BOARD_ID    0x1ba01477 (see
> my post). Perhaps your board is a STM32F103C6T6 board, i don't know why IDs
> are different
>
> For instance, i doesn't take care of ackbutton because there is a
> supplementary problem as PA0 is used for it's ADC and for entropy
> generation. I think you have to modify
> /gnuk/chopstx/contrib/adc-stm32ff103.c but i doesn't know how.
>
> ----
>
> So i just created  /gnuk/board/board-blue-pill-plus-cb.h, modified
> /gnuk/src/.configure to add definition of BLUE-PILL-PLLUS-CB and chopstx/mcu/sys-stm31f103.h
> for my first tests and doesn't take care of ackbutton on PA0
>
> I get :
>
> -- works fine with curve25519 : generation on the board and import on the
> board.
>
> -- impossibility to generate secp256k1 on the board even with KDF-DO
> activate as Niibe suggested (msg : used conditions not satisfied)
>
> -- impossibility to generate X448 on the board even with Niibe patch (msg
> : board error)
>
> -- impossibility to import X448 on the board. It seems to work but only
> encrypt key is on the board and works. The other keys are marked as # .  I
> get with gpg --list-secret-keys
>
> sec#  ed448/0xAA988F88C70C3DEE 2025-02-23 [SC] [expire : 2075-02-11]
>
> Empreinte de la clef = AA988 F88C7 0C3DE E74BE DFF48 D127D 4BA4E CAEB3
> 685B3 575E7
>
> uid                  [  ultime ] tmp
>
> ssb>  cv448/0x406CC6562774BC84 2025-02-23 [E] [expire : 2075-02-11]
>
> ssb#  ed448/0x02BB1F8E7A2B268A 2025-02-23 [A] [expire : 2075-02-11]
>
> ----
>
> Can you precise what's work with your board ?
>
> Best regards
>
>
>
> Le 06/03/2025 à 23:47, Alexandre Esse a écrit :
>
> Hello,
>
> Here is a short message to notify the mailing list that I proposed a merge
> request on chopstx:
> https://salsa.debian.org/gnuk-team/chopstx/chopstx/-/merge_requests/1
>
> This is the first step to add gnuk support for Blue Pill Plus boards
> <https://github.com/WeActStudio/BluePill-Plus/>.
>
> Not sure if this is the way to contribute: looking forward to your
> feedback.
>
> Regards,
> Alexandre
>
> _______________________________________________
> Gnuk-users mailing listGnuk-users at gnupg.orghttps://lists.gnupg.org/mailman/listinfo/gnuk-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnuk-users/attachments/20250313/cb05594e/attachment.html>

More information about the Gnuk-users mailing list