[chopstx] Add support for Blue Pill Plus board
Frédéric SUEL
frederic.suel at free.fr
Fri Mar 14 18:53:49 CET 2025
Hi Alexandre,
Thank you for your explanation. I haven't understood that board id was
just a hash of the name give to the board in board.h !
For Blue Pill Plus board, i have just begin to adapt gnuk for CBT6
board. But i can give you some information about the different boards.
* RISCV Board (CH32V) :
https://github.com/WeActStudio/WeActStudio.BluePill-Plus-CH32
Available here : https://fr.aliexpress.com/item/1005001474741936.html
Processors characteristics here :
https://www.wch.cn/products/productsCenter/mcuInterface?categoryId=70
* ARM boards
** APM32F103CBT6 :
https://github.com/WeActStudio/WeActStudio.BluePill-Plus-APM32/
** GD32F103CBT6 :
https://github.com/WeActStudio/WeActStudio.BluePill-Plus-GD32/
** CH32F103C8T6 : https://github.com/WeActStudio/BluePill-Plus/
Available here : https://fr.aliexpress.com/item/1005001474741936.html
**STM32F103C8T6 and CBT6 :
https://github.com/WeActStudio/BluePill-Plus/
Available here : https://fr.aliexpress.com/item/1005006110046576.html
Regards
Frédéric
Le 14/03/2025 à 18:10, Alexandre Esse a écrit :
> Thank you for the merge!
>
> Also, thank you for these information Frédéric: Following your
> comments, we can agree that my contribution should be updated to take
> into account the different variants of the "BP+": C6T6, CBT6 ... ?
>
> Is there somewhere in documentation we can keep track of the available
> and tested features of each board/token ?
>
> In order to generate the board ID, i run this command:
> ```
> $ echo -n "Blue Pill Plus" | shasum -a 256 | sed -e 's/^.*\(........\)
> -$/\1/'
> ```
> Which gave me: 0x49403d56
>
> I will try to get into key generation and neug next and keep you up to
> date if I get anything relevant.
>
> Regards,
> Alexandre
>
> On Fri, 14 Mar 2025 at 17:42, Frédéric SUEL <frederic.suel at free.fr> wrote:
>
> Hello,
>
> A lot of thanks for your work.
>
> See my observations /infra/. I hope it can help you.
>
> Best regards
>
> Le 13/03/2025 à 19:52, Alexandre Esse a écrit :
>> Hello Frédéric,
>>
>> Great, I didn't see you already did some integration developments
>> on this board, I just joined the mailing list and didn't look
>> extensively into the history. For now I only pushed the chopstx
>> part but indeed, gnuk itself should also be updated.
>>
>> I also have the STM32F103CBT6 version of the board. (marked as
>> v1.1 on the PCB: not sure what it means: I opened an Issue on
>> github and send an email to WeAct support to get some info:
>> https://github.com/WeActStudio/BluePill-Plus/issues/19)
> You can find the difference between V1.0 et V1.1 here :
> https://github.com/WeActStudio/WeActStudio.BluePill-Plus-CH32/tree/master/HDK
> It's for CH32 processor but the design of the boards are all the same.
>>
>> I have been testing both on the 1.2.20 branch and 2.2. But I
>> guess I will stay on v2.2 for the rest of my tests.
>>
>> Here are the remaining tweaks I did on v2.2
>> (de9652726b1ce52b21e939c6989dda0268b5c640)of gnuk to make it work:
>>
>> diff --git a/src/configure b/src/configure
>> index 1188a72..4ff7d1a 100755
>> --- a/src/configure
>> +++ b/src/configure
>> @@ -130,6 +130,7 @@ Configuration:
>> ST_NUCLEO_F103
>> NITROKEY_START
>> BLUE_PILL
>> + BLUE_PILL_PLUS
>> STM8S_DISCOVERY
>> CQ_STARM
>> STM32_PRIMER2
>> @@ -164,7 +165,7 @@ MEMORY_SIZE=20
>>
>> # Settings for TARGET
>> case $target in
>> -BLUE_PILL|STM8S_DISCOVERY)
>> +BLUE_PILL|BLUE_PILL_PLUS|STM8S_DISCOVERY)
>> # It's 64KB version of STM32F103, but actually has 128KB
>> flash_override="-DSTM32F103_OVERRIDE_FLASH_SIZE_KB=128"
>> ;;
>>
> There is STM32F103C6T6 (64K) and CBT6 (128K), so i think your add
> relative to : # setting to target, is not necessary for CBT6
> processor which have 128K memory. That's why i suggested to have
> multiple definition board to take care of different processor (arm
> and riscv) and different amount of memory
>> I haven't been testing "on-the-token" key generation. I only
>> transferred to it from a host PC. I always had KDF-DO activated.
>> The main issue I get is when I try to "reset" the token, it
>> simply doesn't work but I haven't been investigating it.
>> Also some PIN management's actions seem shaky (but there is a
>> possibility that this is due to my lack of experience on gnuk
>> tokens too).
>> So for now, I tested the key with this kind of secret keys I get
>> with 'gpg --list-secret-keys':
>> sec> ed25519 2025-03-13 [SC]
>> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>> Card serial no. = FFFF 00000000
>> uid [ultimate] Tmp Tmp <tmp at tmp.tmp> <mailto:tmp at tmp.tmp>
>> ssb> cv25519 2025-03-13 [E]
>> ssb> ed25519 2025-03-13 [A]
>> I managed to sign, decrypt data and authenticate through ssh
>> sessions with it.
>> PB2 as LED is working and PA0 as ACK button is also working fine,
>> I haven't seen any issue for these use-case in a week.
>
> About ack button, it is on PA0 and PA0 is used for it's ADC
> function and entropy generation, so i think you have to modifiy
> /gnuk/chopstx/contrib/adc-stm32ff103.c in order to use an other
> pin for ADC than PA0
>
> Entropy generation graph is explain on Niibe site here :
> https://www.gniibe.org/memo/development/gnuk/rng/neug.html
>
> You can see that PA0 and PA1 are used for their ADC. It's also
> indicate for example in board-fst-01-00.h file
>
> * PA0 - input with pull-up. AN0
> * PA1 - input with pull-up. AN1
>
> For Blue-Pill-Plus, button is connect to 3.3V
> (https://github.com/WeActStudio/BluePill-Plus/blob/master/HDK/BluePillPlus_V10_SchDoc.pdf)
> so i think you configure PA0 as input pull-down. I think all this
> change can interfere with good entropy generation. I see different
> cases of board in /gnuk/chopstx/contrib/adc-stm32ff103.c which
> seem to use different ADC pins but i don't really understand how.
> It's for that, i didn't take care of ackbutton to day.
>
> ---------------------------------------------------------------
>
> In your board file, you indicate id board : 0x49403d56. In mine, i
> indicate 0x1ba01477. I get this id with stlink program as core id.
> Can your tell me how you get your board id ?
>
> Frédéric SUEL
>
>>
>> Regards,
>> Alexandre
>>
>>
>>
>> On Fri, 7 Mar 2025 at 10:00, Frédéric SUEL
>> <frederic.suel at free.fr> wrote:
>>
>> Ref : Post on the gnuk list : Frédéric SUEL frederic.suel at
>> free.fr <http://free.fr> Mon Feb 17 11:13:25 CET 2025
>>
>> Hi,
>>
>> Thank you for your interest for this board.
>>
>> When i asked help about this board, i proposed a file
>> board-blue-pill-plus-cb.h because this board exist with 4 arm
>> processor and two riscv processors. I indicated cd because
>> there is STM32F103C8T6 (64k) and CBT6 (128k). To take care
>> of 64K version, you have to add code in /gnuk/src/.configure.
>> (see my post)
>>
>> For my blue-pilll-board stm32F103CB, i have #define BOARD_ID
>> 0x1ba01477 (see my post). Perhaps your board is a
>> STM32F103C6T6 board, i don't know why IDs are different
>>
>> For instance, i doesn't take care of ackbutton because there
>> is a supplementary problem as PA0 is used for it's ADC and
>> for entropy generation. I think you have to modify
>> /gnuk/chopstx/contrib/adc-stm32ff103.c but i doesn't know how.
>>
>> ----
>>
>> So i just created /gnuk/board/board-blue-pill-plus-cb.h,
>> modified /gnuk/src/.configure to add definition of
>> BLUE-PILL-PLLUS-CB and/**/chopstx/mcu/sys-stm31f103.h for my
>> first tests and doesn't take care of ackbutton on PA0
>>
>> I get :
>>
>> -- works fine with curve25519 : generation on the board and
>> import on the board.
>>
>> -- impossibility to generate secp256k1 on the board even with
>> KDF-DO activate as Niibe suggested (msg : used conditions not
>> satisfied)
>>
>> -- impossibility to generate X448 on the board even with
>> Niibe patch (msg : board error)
>>
>> -- impossibility to import X448 on the board. It seems to
>> work but only encrypt key is on the board and works. The
>> other keys are marked as # . I get with gpg --list-secret-keys
>>
>> sec# ed448/0xAA988F88C70C3DEE 2025-02-23 [SC] [expire :
>> 2075-02-11]
>>
>> Empreinte de la clef = AA988 F88C7 0C3DE E74BE DFF48 D127D
>> 4BA4E CAEB3 685B3 575E7
>>
>> uid [ ultime ] tmp
>>
>> ssb> cv448/0x406CC6562774BC84 2025-02-23 [E] [expire :
>> 2075-02-11]
>>
>> ssb# ed448/0x02BB1F8E7A2B268A 2025-02-23 [A] [expire :
>> 2075-02-11]
>>
>> ----
>>
>> Can you precise what's work with your board ?
>>
>> Best regards
>>
>>
>>
>> Le 06/03/2025 à 23:47, Alexandre Esse a écrit :
>>> Hello,
>>>
>>> Here is a short message to notify the mailing list that I
>>> proposed a merge request on chopstx:
>>> https://salsa.debian.org/gnuk-team/chopstx/chopstx/-/merge_requests/1
>>>
>>> This is the first step to add gnuk support for Blue Pill
>>> Plus boards <https://github.com/WeActStudio/BluePill-Plus/>.
>>>
>>> Not sure if this is the way to contribute: looking forward
>>> to your feedback.
>>>
>>> Regards,
>>> Alexandre
>>>
>>> _______________________________________________
>>> Gnuk-users mailing list
>>> Gnuk-users at gnupg.org
>>> https://lists.gnupg.org/mailman/listinfo/gnuk-users
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnuk-users/attachments/20250314/c4526c7a/attachment.html>
More information about the Gnuk-users
mailing list