NIIBE Yutaka
967b949967
Tweak process size of gpg.
2017-08-11 22:00:01 +09:00
NIIBE Yutaka
11afbdde14
src/config.mk generation.
2017-08-11 21:06:59 +09:00
NIIBE Yutaka
2b340ee1c5
Fix factory-reset for admin-less mode.
...
Reported-by: Stanislas Bach <sbach@0g.re>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-08-04 08:32:39 +09:00
Jeremy Drake
eea011fe70
Allow compile-time override of detected flash size.
...
On the STM32F103C8, as used in the "blue pill" boards, it has been
determined that, despite these only officially having 64KiB flash, it is
possible to actually use 128KiB of flash.
This commit allows for a preprocessor define
STM32F103_OVERRIDE_FLASH_SIZE which, when set, is used as the size of
flash in KiB instead of reading it from the FLASH_SIZE_REG.
2017-08-03 21:20:47 +09:00
Jeremy Drake
e736227de7
Erase CERTDO on terminate.
...
When both certdo and lifecycle support are enabled, flash_terminate
neglected to erase the certdo pages. It now does so.
2017-08-02 11:13:02 +09:00
NIIBE Yutaka
22156ea7f9
Fix factory-reset.
2017-08-01 13:30:02 +09:00
NIIBE Yutaka
e4e72a29ae
Initialize TMP to avoid confusion by static analysis.
...
--
The computation using TMP is keeping it constant-time only, but
it is better not to confuse static analysis.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-07-19 11:55:20 +09:00
NIIBE Yutaka
25d3f021c1
Support no git situation.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-07-19 11:25:38 +09:00
NIIBE Yutaka
ae76d66d53
Fix accessing garbage on error path.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Reported-by: Anthony Romano <anthony.romano@coreos.com>
2017-07-19 10:48:16 +09:00
NIIBE Yutaka
10c5010141
Git is assumed for the source with .git.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-07-18 14:12:20 +09:00
Anthony Romano
d12483c3c9
Support building with docker.
...
Signed-off-by: Anthony Romano <anthony.romano@coreos.com>
2017-07-18 13:38:46 +09:00
Anthony Romano
67acb670d1
call fatal if mem_head size is corrupted.
...
Signed-off-by: Anthony Romano <anthony.romano@coreos.com>
2017-07-18 13:31:06 +09:00
Anthony Romano
a44244b27e
avoid null dereference when openpgp algo goes from !rsa2k to rsa2k.
...
Detected with scan-build.
Signed-off-by: Anthony Romano <anthony.romano@coreos.com>
2017-07-18 13:27:12 +09:00
Anthony Romano
2622840e27
remove unused calculations from mod_reduce.
...
Detected with scan-build.
Signed-off-by: Anthony Romano <anthony.romano@coreos.com>
2017-07-18 13:19:42 +09:00
Anthony Romano
a51ac8593b
call-rsa: free modulus buffers on error paths.
...
* MPI_CHK jumps to cleanup on ret != 0, so p_q_modulus is never freed if
rsa_gen_key fails (detected via scan-build).
* modulus_calc never freed its modulus buffer on error.
Signed-off-by: Anthony Romano <anthony.romano@coreos.com>
2017-07-18 13:15:42 +09:00
NIIBE Yutaka
de81caba3e
Update Chopstx.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-07-18 12:58:23 +09:00
NIIBE Yutaka
fa69a85826
Version 1.2.4.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-12 17:22:20 +09:00
NIIBE Yutaka
4c2294ea6c
Portability change.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 16:14:30 +09:00
NIIBE Yutaka
86eaa26d32
New: src/mcu-stm32f103.c.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 15:49:38 +09:00
NIIBE Yutaka
9e52789203
Fix long standing buf of digital signature counter.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 14:54:15 +09:00
NIIBE Yutaka
702bc8cbde
Move data objects at the end of flash.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-27 15:23:25 +09:00
NIIBE Yutaka
2cfce76d91
[SECURITY] Flash memory usage change.
...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-27 14:36:32 +09:00
NIIBE Yutaka
32779b6f96
Version 1.2.3.
2017-02-02 16:33:30 +09:00
NIIBE Yutaka
55c1015faa
Increase CCID thread stack size by 0x20 for newer GCC.
2017-02-02 14:11:11 +09:00
NIIBE Yutaka
0932465f0b
Update Chopstx to 1.3.
2017-02-02 13:07:35 +09:00
NIIBE Yutaka
4417799a51
Update README
2017-02-01 17:16:54 +09:00
Szczepan Zalega
b424cecf1e
Regnual update tool: do not allow other than binary formats (upgrade_by_passwd)
...
Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
2017-02-01 15:40:56 +09:00
NIIBE Yutaka
7ef417ae36
tool: Improve tool/*.py.
...
--
Szczepan Zalega's idea of using the file GNUK_USB_DEVICE_ID would
good, but not merged yet. Because it makes difficult to distribute
the scripts. We need to consider installing tools and the file
like GNUK_USB_DEVICE_ID altogether.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-02-01 12:34:35 +09:00
NIIBE Yutaka
d4469c24ec
fix NIST P-256 / secp256k1 key generation.
2016-10-21 15:30:07 +09:00
NIIBE Yutaka
e4333c6580
Version 1.2.2
2016-10-15 20:18:20 +09:00
NIIBE Yutaka
d2261d53e3
fix scripts
2016-10-15 20:14:18 +09:00
NIIBE Yutaka
27bd37781a
Fix flash initialization
2016-10-15 19:29:23 +09:00
NIIBE Yutaka
f7d857b527
fix stack usage of CCID
2016-10-15 18:37:22 +09:00
NIIBE Yutaka
ffa9bf1f94
support factory_reset.
2016-10-14 08:45:01 +09:00
NIIBE Yutaka
5795dc9877
rename status-code.h
2016-10-13 11:03:50 +09:00
NIIBE Yutaka
c8b17a8759
Update to Chopstx 1.2
2016-10-13 10:35:22 +09:00
NIIBE Yutaka
38d70e277b
Fix difference between original OpenPGP card
2016-10-13 10:33:02 +09:00
NIIBE Yutaka
f1773c146b
fix test/
2016-10-12 15:32:51 +09:00
NIIBE Yutaka
47150b5c98
minor fix for configure
2016-09-30 16:20:19 +09:00
NIIBE Yutaka
23bbc9c755
Fix test setup
2016-08-24 10:39:27 +09:00
NIIBE Yutaka
2b784cb3b9
Upgrade tool/hub_ctrl.py
2016-08-03 21:19:34 +09:00
NIIBE Yutaka
452c15c908
Version 1.2.1
2016-07-11 16:20:55 +09:00
NIIBE Yutaka
dc568422b1
Cleanup openpgp_thread.
2016-07-11 13:06:30 +09:00
NIIBE Yutaka
9697694e45
pin CIR fixes
2016-07-11 11:32:14 +09:00
NIIBE Yutaka
f5cbc71a54
doc fix
2016-07-11 11:28:08 +09:00
NIIBE Yutaka
5099bfee88
Update chopstx to 1.1
2016-07-01 13:09:42 +09:00
NIIBE Yutaka
691e16c605
doc update
2016-06-21 14:44:51 +09:00
Niibe Yutaka
eabcec107e
Update to Chopstx 1.0
2016-06-17 14:54:52 +09:00
Niibe Yutaka
73c698c67e
tweak thread size
2016-06-15 15:14:03 +09:00
Niibe Yutaka
a96a3eefe6
Update Chopstx, follow the change of USB API
2016-06-14 14:29:17 +09:00