mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 02:40:08 +00:00
update NEWS and README
This commit is contained in:
parent
995961a593
commit
fdaee50acb
33
NEWS
33
NEWS
@ -1,5 +1,38 @@
|
||||
Gnuk NEWS - User visible changes
|
||||
|
||||
* Major changes in Gnuk 0.12
|
||||
|
||||
Released 2011-05-1X, by NIIBE Yutaka
|
||||
|
||||
** Admin-less mode is supported.
|
||||
The OpenPGP card specification assumes existence of a security
|
||||
officer, who has privilege to manage the card. On the other hand,
|
||||
many use cases of Gnuk are admin == user.
|
||||
|
||||
Thus, Gnuk now supports "admin-less" mode. In this mode, user can get
|
||||
privilege with the password of PW1.
|
||||
|
||||
At the initialization of the card, Gnuk becomes compatible mode by
|
||||
setting PW3. Without setting PW3, it becomes "admin-less" mode
|
||||
by setting PW1.
|
||||
|
||||
** Important bug fix.
|
||||
Gnuk (<= 0.11) has a severe bug which makes possible for attacker to
|
||||
guess admin password easily. When admin password is not set (the
|
||||
default value of factory setting), failure of VERIFY doesn't increment
|
||||
error counter in older versions. Observing no increment of error
|
||||
counter, attacker could know that admin password is the one of factory
|
||||
setting.
|
||||
|
||||
** tool/gnuk_put_binary.py now uses pyscard.
|
||||
Instead of PyUSB, it uses Python binding of PC/SC. PyUSB version is
|
||||
still available as tool/gnuk_put_binary_libusb.py.
|
||||
|
||||
** Logo for Gnuk is updated.
|
||||
|
||||
** Gnuk Sticker SVG is available.
|
||||
|
||||
|
||||
* Major changes in Gnuk 0.11
|
||||
|
||||
Released 2011-04-15, by NIIBE Yutaka
|
||||
|
29
README
29
README
@ -310,7 +310,8 @@ accessing by JTAG debugger is recommended.
|
||||
How to configure
|
||||
================
|
||||
|
||||
You need python and PyUSB (python-usb package in Debian).
|
||||
You need python and pyscard (python-pyscard package in Debian) or
|
||||
PyUSB (python-usb package in Debian).
|
||||
|
||||
(1) In the 'src' directory, type
|
||||
|
||||
@ -323,24 +324,35 @@ In this process, it takes time for the command of
|
||||
Don't just wait, but do some other works on your PC.
|
||||
/dev/random needs entropy to finish.
|
||||
|
||||
(2) Stop the pcsc daemon.
|
||||
|
||||
(2) [pyscard] Stop scdaemon
|
||||
[PyUSB] Stop the pcsc daemon.
|
||||
|
||||
If scdaemon is running, please kill it, or you will get "Smartcard
|
||||
Exception" by "Sharing violation".
|
||||
|
||||
$ killall -9 scdaemon
|
||||
|
||||
In case of PyUSB tool, you need to stop pcscd.
|
||||
|
||||
# /etc/init.d/pcscd stop
|
||||
|
||||
|
||||
(3) Write the random bits to the device
|
||||
|
||||
Connect your board to USB port of your PC. And invoke gnuk_put_binary.py:
|
||||
|
||||
# ../tool/gnuk_put_binary.py -r random_bits
|
||||
$ ../tool/gnuk_put_binary.py -r random_bits
|
||||
random_bits: 1024
|
||||
Updating random bits
|
||||
...
|
||||
|
||||
|
||||
(4) [Optional] Write fixed serial number
|
||||
|
||||
If you use fixed serial number in the file 'GNUK_SERIAL_NUMBER', you can do:
|
||||
|
||||
# EMAIL=<YOUR-EMAIL-ADDRESS> ../tool/gnuk_put_binary.py -s ../GNUK_SERIAL_NUMBER
|
||||
$ EMAIL=<YOUR-EMAIL-ADDRESS> ../tool/gnuk_put_binary.py -s ../GNUK_SERIAL_NUMBER
|
||||
Writing serial number
|
||||
...
|
||||
|
||||
@ -348,7 +360,7 @@ If you use fixed serial number in the file 'GNUK_SERIAL_NUMBER', you can do:
|
||||
|
||||
If you have card holder certificate binary file, you can do:
|
||||
|
||||
# ../tool/gnuk_put_binary.py ../../<YOUR-CERTIFICATE>.bin
|
||||
$ ../tool/gnuk_put_binary.py ../../<YOUR-CERTIFICATE>.bin
|
||||
../../<YOUR-CERTIFICATE>.bin: <LENGTH-OF-YOUR-CERTIFICATE>
|
||||
Updating card holder certificate
|
||||
...
|
||||
@ -443,11 +455,18 @@ linux/Documentation/usb/usbmon.txt
|
||||
Read-only Git Repository
|
||||
========================
|
||||
|
||||
You can browse at http://www.gniibe.org/gitweb/gnuk.git/
|
||||
|
||||
You can get it by:
|
||||
|
||||
$ git clone git://www.gniibe.org/gnuk.git/
|
||||
|
||||
or
|
||||
|
||||
$ git clone http://www.gniibe.org/git/gnuk.git/
|
||||
|
||||
|
||||
|
||||
Information on the Web
|
||||
======================
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user