<div dir="ltr"><div>Hello Frédéric,</div><div><br></div><div>Great, I didn't see you already did some integration developments on this board, I just joined the mailing list and didn't look extensively into the history. For now I only pushed the chopstx part but indeed, gnuk itself should also be updated.</div><div><br></div><div>I also have the <font face="Noto Serif">STM32F103CBT6 version of the board. (marked as v1.1 on the PCB: not sure what it means: I opened an Issue on github and send an email to WeAct support to get some info: </font><a href="https://github.com/WeActStudio/BluePill-Plus/issues/19" target="_blank">https://github.com/WeActStudio/BluePill-Plus/issues/19</a><font face="Noto Serif">)</font></div><div><font face="Noto Serif"><br></font></div><div><font face="Noto Serif">I have been testing both on the 1.2.20 branch and 2.2. But I guess I will stay on v2.2 for the rest of my tests.</font></div><div><font face="Noto Serif"><br></font></div><div><font face="Noto Serif">Here are the remaining tweaks I did on v2.2 (</font>de9652726b1ce52b21e939c6989dda0268b5c640)<font face="Noto Serif"> of gnuk to make it work:</font></div><div><font face="Noto Serif"><br></font></div><div>diff --git a/src/configure b/src/configure<br>index 1188a72..4ff7d1a 100755<br>--- a/src/configure<br>+++ b/src/configure<br>@@ -130,6 +130,7 @@ Configuration:<br> ST_NUCLEO_F103<br> NITROKEY_START<br> BLUE_PILL<br>+ BLUE_PILL_PLUS<br> STM8S_DISCOVERY<br> CQ_STARM<br> STM32_PRIMER2<br>@@ -164,7 +165,7 @@ MEMORY_SIZE=20<br> <br> # Settings for TARGET<br> case $target in<br>-BLUE_PILL|STM8S_DISCOVERY)<br>+BLUE_PILL|BLUE_PILL_PLUS|STM8S_DISCOVERY)<br> # It's 64KB version of STM32F103, but actually has 128KB<br> flash_override="-DSTM32F103_OVERRIDE_FLASH_SIZE_KB=128"<br> ;;<br></div><div><br></div><div>I haven't been testing "on-the-token" key generation. I only transferred to it from a host PC. I always had <span style="white-space:pre-wrap">KDF-DO activated.</span></div><div><span style="white-space:pre-wrap"><br></span></div><div><span style="white-space:pre-wrap">The main issue I get is when I try to "reset" the token, it simply doesn't work but I haven't been investigating it.</span></div><div><span style="white-space:pre-wrap"><br></span></div><div><span style="white-space:pre-wrap">Also some PIN management's actions seem </span><span class="gmail-HwtZe" lang="en"><span class="gmail-jCAhz"><span class="gmail-ryNqvb">shaky (but there is a possibility that this is due to my lack of experience on gnuk tokens too).</span></span></span></div><div><span style="white-space:pre-wrap"><br></span></div><div><span style="white-space:pre-wrap">So for now, I tested the key with this kind of secret keys </span>I get with 'gpg --list-secret-keys'<span style="white-space:pre-wrap">:</span></div><div><span style="white-space:pre-wrap"><br></span></div><div>sec> ed25519 2025-03-13 [SC]</div><div> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</div><div> Card serial no. = FFFF 00000000<br>uid [ultimate] Tmp Tmp <tmp@tmp.tmp><br>ssb> cv25519 2025-03-13 [E]<br>ssb> ed25519 2025-03-13 [A]</div><div><span style="white-space:pre-wrap"><br></span></div><div><span style="white-space:pre-wrap">I managed to sign, decrypt data and authenticate through ssh sessions with it.</span></div><div><span style="white-space:pre-wrap"><br></span></div><div>PB2 as LED is working and PA0 as ACK button is also working fine, I haven't seen any issue for these use-case in a week.</div><div><br></div><div>Regards,</div><div>Alexandre</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 7 Mar 2025 at 10:00, Frédéric SUEL <<a href="mailto:frederic.suel@free.fr" target="_blank">frederic.suel@free.fr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>
<div>
<p><font face="Noto Serif">Ref : Post on the gnuk list : Frédéric
SUEL frederic.suel at <a href="http://free.fr" target="_blank">free.fr</a> Mon Feb 17 11:13:25 CET 2025<br>
</font></p>
<p><font face="Noto Serif">Hi,</font></p>
<p><font face="Noto Serif">Thank you for your interest for this
board.</font></p>
<p><font face="Noto Serif">When i asked help about this board, i
proposed a file board-blue-pill-plus-cb.h because this board
exist with 4 arm processor and two riscv processors. I indicated
cd because there is STM32F103C8T6 (64k) and CBT6 (128k). To
take care of 64K version, you have to add code in
/gnuk/src/.configure. (see my post)<br>
</font></p>
<p><font face="Noto Serif">For my blue-pilll-board stm32F103CB, i
have #define BOARD_ID 0x1ba01477 </font><font face="Noto Serif">(see my post). Perhaps your board is a
STM32F103C6T6 board, i don't know why IDs are different<br>
</font></p>
<p><font face="Noto Serif">For instance, i doesn't take care of
ackbutton because there is a supplementary problem as PA0 is
used for it's ADC and for entropy generation. I think you have
to modify /gnuk/chopstx/contrib/adc-stm32ff103.c but i doesn't
know how.</font></p>
<p><font face="Noto Serif">----<br>
</font></p>
<p><font face="Noto Serif">So i just created
/gnuk/board/board-blue-pill-plus-cb.h, modified
/gnuk/src/.configure to add definition of BLUE-PILL-PLLUS-CB and</font><i><b>
</b></i>chopstx/mcu/sys-stm31f103.h for my first tests and
doesn't take care of ackbutton on PA0<br>
</p>
<p>I get : <br>
</p>
<p>-- works fine with curve25519 : generation on the board and
import on the board.</p>
<p>-- impossibility to generate <span style="white-space:pre-wrap">secp256k1 on the board even with KDF-DO activate as Niibe suggested </span>(msg
: used conditions not satisfied)</p>
<p>-- impossibility to generate X448 on the board even with Niibe
patch (msg : board error)</p>
<p>-- impossibility to import X448 on the board. It seems to work
but only encrypt key is on the board and works. The other keys are
marked as # . I get with gpg --list-secret-keys</p>
<p>sec# ed448/0xAA988F88C70C3DEE 2025-02-23 [SC] [expire :
2075-02-11]</p>
<p>Empreinte de la clef = AA988 F88C7 0C3DE E74BE DFF48 D127D 4BA4E
CAEB3 685B3 575E7</p>
<p>uid [ ultime ] tmp</p>
<p>ssb> cv448/0x406CC6562774BC84 2025-02-23 [E] [expire :
2075-02-11]</p>
<p>ssb# ed448/0x02BB1F8E7A2B268A 2025-02-23 [A] [expire :
2075-02-11]</p>
<p></p>
<p>----</p>
<p>Can you precise what's work with your board ?<br>
</p>
<p><span style="white-space:pre-wrap">Best regards
</span></p>
<p>
</p>
<p><font face="Noto Serif"><br>
</font></p>
<p><font face="Noto Serif"><br>
</font></p>
<div>Le 06/03/2025 à 23:47, Alexandre Esse a
écrit :<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>Hello,</div>
<div><br>
</div>
<div>Here is a short message to notify the mailing list that I
proposed a merge request on chopstx: <a href="https://salsa.debian.org/gnuk-team/chopstx/chopstx/-/merge_requests/1" target="_blank">https://salsa.debian.org/gnuk-team/chopstx/chopstx/-/merge_requests/1</a></div>
<div><br>
</div>
<div>This is the first step to add gnuk support for <a href="https://github.com/WeActStudio/BluePill-Plus/" target="_blank">Blue Pill Plus boards</a>.</div>
<div><br>
</div>
<div>Not sure if this is the way to contribute: looking forward
to your feedback.</div>
<div><br>
</div>
<div>Regards,</div>
<div>Alexandre</div>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Gnuk-users mailing list
<a href="mailto:Gnuk-users@gnupg.org" target="_blank">Gnuk-users@gnupg.org</a>
<a href="https://lists.gnupg.org/mailman/listinfo/gnuk-users" target="_blank">https://lists.gnupg.org/mailman/listinfo/gnuk-users</a>
</pre>
</blockquote>
<div id="m_-7387951049827616546m_-5409594798482423759grammalecte_menu_main_button_shadow_host" style="width:0px;height:0px"></div>
</div>
</blockquote></div>