mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 02:40:08 +00:00
version 0.17
This commit is contained in:
parent
6550dd5353
commit
14673b825b
@ -1,3 +1,12 @@
|
||||
2012-02-02 Niibe Yutaka <gniibe@fsij.org>
|
||||
|
||||
* Version 0.17.
|
||||
|
||||
* src/usb_desc.c (gnukStringSerial): Updated.
|
||||
|
||||
* tool/gnuk_put_binary.py (cmd_get_response): New.
|
||||
(cmd_select_openpgp, cmd_get_data): Call cmd_get_response.
|
||||
|
||||
2012-01-30 Niibe Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/usb-icc.c (struct ccid): Add chained_cls_ins_p1_p2.
|
||||
|
11
NEWS
11
NEWS
@ -2,14 +2,19 @@ Gnuk NEWS - User visible changes
|
||||
|
||||
* Major changes in Gnuk 0.17
|
||||
|
||||
Released 2012-01-XX, by NIIBE Yutaka
|
||||
Released 2012-02-02, by NIIBE Yutaka
|
||||
|
||||
** ISO 7816 SELECT command behavior is strict now
|
||||
** USB CCID/ICCD protocol implementation change
|
||||
Gnuk now only supports short APDU level exchange, not support.
|
||||
extended APDU level exchange. Thus, Gnuk could be compatible to older
|
||||
host side software implementation.
|
||||
|
||||
** ISO 7816 SELECT command behavior is somewhat strict now
|
||||
Old implementations do not check DF name for SELECT command.
|
||||
This causes some trouble when Gnuk Token is identified as if it were
|
||||
different card/token. Now, DF name of OpenPGP card is checked.
|
||||
|
||||
** USB CCID/ICCD low level bug is fixed
|
||||
** USB CCID/ICCD low-level bug is fixed
|
||||
When the size of command APDU data is just 49, the lower level packet
|
||||
size is 64. This is maximum size of BULK-OUT transfer packet, and
|
||||
caused trouble in the past implementations. Example is setting url
|
||||
|
23
README
23
README
@ -1,7 +1,7 @@
|
||||
Gnuk - software for GnuPG USB Token
|
||||
|
||||
Version 0.16
|
||||
2011-12-14
|
||||
Version 0.17
|
||||
2012-02-02
|
||||
Niibe Yutaka
|
||||
Free Software Initiative of Japan
|
||||
|
||||
@ -104,12 +104,15 @@ Ab: That's because gnome-keyring-daemon interferes GnuPG. Type:
|
||||
and at the tab of "Startup Programs", disable check buttons for
|
||||
"GPG Password Agent" and "SSH Key Agent".
|
||||
|
||||
Qc: Do you know a good SWD debugger to connect FST-01 or something?
|
||||
Ac: Perhaps, you can use a part of STM32F4 Discovery Kit as SWD
|
||||
debugger. It seems that there is a free software tool for that.
|
||||
|
||||
|
||||
Release notes
|
||||
=============
|
||||
|
||||
This is seventeenth release of Gnuk. While it works well for specific
|
||||
This is eighteenth release of Gnuk. While it works well for specific
|
||||
usages and it is considered stable, it is still somewhat experimental.
|
||||
|
||||
Tested features are:
|
||||
@ -127,18 +130,13 @@ Tested features are:
|
||||
* Changing value of password status bytes (0x00C4): forcesig
|
||||
* Verify with pin pad
|
||||
* Modify with pin pad
|
||||
* Card holder certificate
|
||||
|
||||
It is known not-working well:
|
||||
|
||||
* For some version of kernel and libccid, --enable-debug can't
|
||||
work well. Please disable DEBUG option if it doesn't work well.
|
||||
|
||||
* Card holder certificate
|
||||
It is implemented in Gnuk side. But its large size matters
|
||||
(> 1KB). Some versions of GnuPG cannot handle a data object
|
||||
of large size with PC/SC backend. Specifically,
|
||||
handle_transmit function in pcsc-wrapper.c uses the buffer
|
||||
of size 1024-byte.
|
||||
work well. Please make sure to disable DEBUG option if it
|
||||
doesn't work well.
|
||||
|
||||
Not supported feature(s):
|
||||
|
||||
@ -241,8 +239,7 @@ Gnuk is distributed with external source code.
|
||||
Host Requirements
|
||||
=================
|
||||
|
||||
For GNU/Linux, libccid version >= 1.3.11 is required.
|
||||
libccid version == 1.3.9 is known not working well by the issue [r4235].
|
||||
For GNU/Linux, libccid version >= 1.3.11 is recommended.
|
||||
|
||||
I think that it should not be requirment but the kernel version of my use is:
|
||||
Linux version 2.6.32-5-686 (Debian 2.6.32-18) (ben@decadent.org.uk) (gcc version 4.3.5 (Debian 4.3.5-2) ) #1 SMP Sat Jul 24 02:27:10 UTC 2010
|
||||
|
@ -275,7 +275,7 @@ static const uint8_t gnukStringProduct[] = {
|
||||
const uint8_t gnukStringSerial[] = {
|
||||
13*2+2, /* bLength */
|
||||
USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */
|
||||
'0', 0, '.', 0, '1', 0, '6', 0, /* Version number of Gnuk */
|
||||
'0', 0, '.', 0, '1', 0, '7', 0, /* Version number of Gnuk */
|
||||
'-', 0,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
|
@ -43,6 +43,13 @@ class GnukToken(object):
|
||||
cardservice = cardrequest.waitforcard()
|
||||
self.connection = cardservice.connection
|
||||
|
||||
def cmd_get_response(self, expected_len):
|
||||
apdu = [0x00, 0xc0, 0x00, 0x00, expected_len ]
|
||||
response, sw1, sw2 = self.connection.transmit(apdu)
|
||||
if not (sw1 == 0x90 and sw2 == 0x00):
|
||||
raise ValueError, ("%02x%02x" % (sw1, sw2))
|
||||
return response
|
||||
|
||||
def cmd_verify(self, who, passwd):
|
||||
apdu = [0x00, 0x20, 0x00, 0x80+who, len(passwd)] + s2l(passwd)
|
||||
response, sw1, sw2 = self.connection.transmit(apdu)
|
||||
@ -84,13 +91,17 @@ class GnukToken(object):
|
||||
def cmd_select_openpgp(self):
|
||||
apdu = [0x00, 0xa4, 0x04, 0x0c, 6, 0xd2, 0x76, 0x00, 0x01, 0x24, 0x01 ]
|
||||
response, sw1, sw2 = self.connection.transmit(apdu)
|
||||
if not (sw1 == 0x90 and sw2 == 0x00):
|
||||
if sw1 == 0x61:
|
||||
response = self.cmd_get_response(sw2)
|
||||
elif not (sw1 == 0x90 and sw2 == 0x00):
|
||||
raise ValueError, ("%02x%02x" % (sw1, sw2))
|
||||
|
||||
def cmd_get_data(self, tagh, tagl):
|
||||
apdu = [0x00, 0xca, tagh, tagl]
|
||||
response, sw1, sw2 = self.connection.transmit(apdu)
|
||||
if not (sw1 == 0x90 and sw2 == 0x00):
|
||||
if sw1 == 0x61:
|
||||
response = self.cmd_get_response(sw2)
|
||||
elif not (sw1 == 0x90 and sw2 == 0x00):
|
||||
raise ValueError, ("%02x%02x" % (sw1, sw2))
|
||||
return response
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user