mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 02:40:08 +00:00
c7a98b7d13
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
384 lines
13 KiB
Plaintext
384 lines
13 KiB
Plaintext
2023-09-05 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* VERSION: 2.1.
|
|
|
|
* tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Don't
|
|
use command chaining.
|
|
|
|
2023-09-05 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* chopstx: Update to Chopstx 2.5.
|
|
* src/Makefile (CSRC): Add gd32vf103 case.
|
|
|
|
2022-10-25 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/neug.c [!__ARM_ARCH] (rbit): Support generic case.
|
|
|
|
2022-10-25 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/usb-cdc.h: Remove.
|
|
* src/debug.c: Remove.
|
|
* src/debug.h: Remove.
|
|
|
|
* src/usb_ctrl.c [ENABLE_VIRTUAL_COM_PORT]: Remove.
|
|
* src/usb_desc.c [ENABLE_VIRTUAL_COM_PORT]: Remove.
|
|
* src/usb_conf.h [ENABLE_VIRTUAL_COM_PORT]: Remove.
|
|
|
|
* src/gnuk.h [DEBUG]: Remove debug functions and macros.
|
|
|
|
* src/usb-ccid.c (ccid_prepare_receive): Remove DEBUG_* output.
|
|
(ccid_power_on, ccid_send_status, ccid_power_off)
|
|
(ccid_send_data_block_internal, ccid_send_data_block_0x9000)
|
|
(ccid_send_data_block_gr, ccid_send_params, ccid_handle_data)
|
|
(ccid_thread): Likewise.
|
|
(usb_rx_ready, usb_tx_done): Remove debug support.
|
|
(stdout_init, _write): Remove.
|
|
|
|
* src/main.c [DEBUG] (main): Remove debug init.
|
|
(fatal): Don't use debug feature.
|
|
|
|
* src/ac.c (verify_pso_cds): Remove DEBUG_* output.
|
|
(verify_other): Likewise.
|
|
* src/flash.c (flash_do_write): Likewise.
|
|
(flash_warning, flash_put_data, flash_bool_write)
|
|
(flash_enum_write, flash_cnt123_increment): Likewise.
|
|
* src/openpgp-do.c (proc_resetting_code): Likewise.
|
|
(gpg_do_load_prvkey, gpg_do_write_prvkey, proc_key_import)
|
|
(gpg_data_scan, gpg_do_get_data, gpg_do_put_data)
|
|
(gpg_do_public_key, gpg_do_keygen): Likewise.
|
|
* src/openpgp.c (cmd_verify, cmd_change_password)
|
|
(cmd_reset_user_password, cmd_put_data, cmd_pgp_gakp)
|
|
(cmd_read_binary, cmd_select_file, cmd_get_data, cmd_pso)
|
|
(cmd_internal_authenticate, modify_binary, cmd_update_binary)
|
|
(cmd_write_binary, cmd_external_authenticate, cmd_get_challenge)
|
|
(process_command_apdu, openpgp_card_thread): Likewise.
|
|
|
|
* src/configure (debug): Remove.
|
|
(--enable-debug, --disable-debug): Remove.
|
|
|
|
* src/config.h.in: Remove DEBUG support.
|
|
|
|
* src/Makefile [ENABLE_DEBUG] (CSRC): Remove debug.c.
|
|
|
|
2022-07-18 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tool/hub_ctrl.py (find_hubs): Catch the exception.
|
|
Change the interpreter path to Python3.
|
|
|
|
2022-07-18 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* chopstx: Update to Chopstx 2.4.
|
|
* Makefile: Fix for picolibc.
|
|
* regnual/Makefile: Fix for picolibc.
|
|
|
|
2022-07-12 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* test/*: Remove.
|
|
|
|
2022-07-11 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tests/*: Fix tests for token with KDO required setup.
|
|
|
|
2022-07-07 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/aes.c (FT0, FT1, FT2): Fix for table in ROM.
|
|
|
|
2022-06-29 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/configure (kdf_do): Fix.
|
|
|
|
2022-06-28 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Remove Data Object definition for internal NR_DO_PRVKEY_*.
|
|
* src/gnuk.h (NR_DO_PRVKEY_*): Remove.
|
|
* src/openpgp-do.c (gpg_pw_get_err_counter): Lookup num_prv_keys.
|
|
(gpg_do_delete_prvkey): Use flash_key_addr, instead of DOs.
|
|
* src/openpgp.c (gpg_init): Call gpg_data_scan after
|
|
flash_key_storage_init.
|
|
|
|
2022-06-20 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/flash.c (flash_key_write): Fix for odd size data.
|
|
|
|
2022-06-17 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/flash.c (flash_key_write): Put tag, nonce and DEKs in key
|
|
store, instead of Data Object. Fix for odd size.
|
|
* misc/t-gcm-siv.c: New.
|
|
* src/openpgp-do.c (gpg_get_algo_key_size): Exact size, no round
|
|
up to order of two.
|
|
(gpg_do_load_prvkey): Fix for key store.
|
|
(gpg_do_write_prvkey): Likewise.
|
|
(gpg_do_chks_prvkey): Likewise.
|
|
(gpg_do_pubkey_addr): Likewise.
|
|
(gpg_do_delete_prvkey: Likewise.
|
|
(get_do_ptr_nr_for_kk): Remove.
|
|
|
|
2022-06-17 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/gnuk.h (gcm_siv_encrypt, gcm_siv_decrypt): New.
|
|
* src/gcm-siv.c (gcm_siv_encrypt, gcm_siv_decrypt): New.
|
|
* src/openpgp-do.c (compute_key_data_checksum): Remove.
|
|
(crypt0, derive_keys, encrypt, decrypt): Remove.
|
|
(gpg_do_load_prvkey): Use gcm_siv_decrypt. Use pubkey as
|
|
additional data.
|
|
(gpg_do_write_prvkey): Use gcm_siv_encrypt. Likewise.
|
|
|
|
2022-06-17 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Change key store layout in Flash memory. Only a single key in a
|
|
page at a fixed area.
|
|
* src/gnuk.h (gpg_get_algo_key_size): New.
|
|
* src/openpgp-do.c (gpg_get_algo_key_size): New.
|
|
(gpg_do_pubkey_addr): New.
|
|
(gpg_do_delete_prvkey): Change the API.
|
|
* src/flash.c (flash_key_addr): New.
|
|
(flash_key_release, flash_key_write): Change the API.
|
|
* src/openpgp.c (cmd_pso): Use gpg_do_pubkey_addr.
|
|
|
|
2022-06-09 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/openpgp-do.c (compute_key_data_checksum): Use POLYVAL.
|
|
(encrypt, decrypt): Use AEAD by AES-GCM-SIV.
|
|
|
|
2022-06-08 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/gcm-siv.c: New.
|
|
|
|
2022-06-08 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/Makefile: Remove pinpad support.
|
|
* src/configure (pinpad, hid_card_change): Remove.
|
|
* src/config.h.in (@PINPAD_DEFINE@, @PINPAD_MORE_DEFINE@)
|
|
(@HID_CARD_CHANGE_DEFINE@): Remove.
|
|
* src/gnuk.h (EV_PINPAD_INPUT_DONE): Remove.
|
|
* src/main.c [PINPAD_CIR_SUPPORT, PINPAD_DND_SUPPORT] (main):
|
|
Remove pinpad support.
|
|
* src/openpgp.c [PINPAD_SUPPORT] (get_pinpad_input): Remove.
|
|
(openpgp_card_thread): Remove pinpad support.
|
|
* src/pin-cir.c: Remove.
|
|
* src/pin-dnd.c: Remove.
|
|
* src/usb-msc.c, src/usb-msc.h: Remove.
|
|
* src/usb-ccid.c (usb_tx_done): Remove pinpad support.
|
|
* src/usb_conf.h: Remove pinpad support.
|
|
* src/usb_ctrl.c: Remove pinpad support.
|
|
* src/usb_desc.c: Remove pinpad support.
|
|
|
|
2022-06-08 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* polarssl/*: Remove.
|
|
|
|
2022-06-08 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/aes.c (aes_encrypt): Change the API.
|
|
(aes_crypt_ctr): New.
|
|
* src/openpgp-do.c: Use internal AES, instead of PolarSSL.
|
|
|
|
2022-06-08 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Add an AES 256 implementation.
|
|
* misc/gen_rijndael_t_table.py: New.
|
|
* src/Makefile (CSRC): Add aes.c. No add of CRYPTSRC.
|
|
(INCDIR): No add of CRYPTINCDIR.
|
|
(CRYPTDIR, CRYPTSRCDIR, CRYPTINCDIR, CRYPTSRC): Remove.
|
|
* src/aes-t-table.c.in: New.
|
|
* src/aes.h, src/aes.c: New.
|
|
|
|
2022-06-08 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tests/openpgp_card.py: Fix card type detection.
|
|
|
|
2022-06-07 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Use CTR mode for private key encryption/decryption.
|
|
* src/openpgp-do.c (crypt): New.
|
|
|
|
2022-06-07 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Fix tests for selecting key algo for a token.
|
|
* tests/pubkey_crypto.py (get_PK_Crypto): New.
|
|
(get_key, get_test_vector): New.
|
|
* tests/card_test_keygen.py: Update.
|
|
* tests/card_test_personalize_admin_less_1.py: Update.
|
|
* tests/card_test_personalize_admin_less_2.py: Update.
|
|
* tests/card_test_personalize_card_2.py: Update.
|
|
* tests/card_test_public_key_operations.py: Update.
|
|
* tests/card_test_public_key_operations_alt.py: Update.
|
|
* tests/card_test_public_key_operations_kg.py: Update.
|
|
|
|
2022-05-20 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Fix tests for RSA removal.
|
|
* tests/pubkey_crypto.py: Load Curve25519.
|
|
* tests/card_const.py (default_key): Default is Curve25519.
|
|
|
|
2022-04-25 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Remove RSA support.
|
|
* src/Makefile (CSRC): Remove call-rsa.c, bignum.c and rsa.c.
|
|
* src/crypt.mk (CRYPTSRC): Remove rsa.c, bugnum.c and call-rsa.c.
|
|
* src/call-rsa.c: Remove.
|
|
* src/flash.c [FLASH_UPGRADE_SUPPORT] (flash_terminate): Remove
|
|
update key support.
|
|
[FLASH_UPGRADE_SUPPORT] (flash_write_binary): Remove
|
|
FILEID_UPDATE_KEY_* support.
|
|
* src/gnuk-malloc.h: Remove.
|
|
* src/gnuk.h: Remove FILEID_UPDATE_KEY_*.
|
|
(rsa_sign, modulus_calc, rsa_decrypt, rsa_verify, rsa_genkey):
|
|
Remove.
|
|
* src/gnuk.ld.in (_updatekey_store): Remove.
|
|
* src/main.c (main): Remove malloc initialization.
|
|
(gnuk_malloc_init, gnuk_sbrk, remove_from_free_list)
|
|
(gnuk_malloc, gnuk_free): Remove.
|
|
* src/openpgp-do.c (OPENPGP_ALGO_RSA): Remove.
|
|
(algorithm_attr_rsa2k, algorithm_attr_rsa4k): Remove.
|
|
(gpg_get_algo_attr): Remove RSA support.
|
|
(get_algo_attr_data_object, gpg_get_algo_attr_key_size): Likewise.
|
|
(do_alg_info, rw_algorithm_attr, gpg_do_write_prvkey): Likewise.
|
|
(proc_key_import, gpg_do_public_key, gpg_do_keygen): Likewise.
|
|
* src/openpgp.c (challenge): Remove.
|
|
(gpg_get_firmware_update_key): Remove.
|
|
(cmd_read_binary, modify_binary): Remove FILEID_UPDATE_KEY_* support.
|
|
(cmd_pso): Remove RSA support.
|
|
(cmd_internal_authenticate): Remove RSA support.
|
|
(cmd_external_authenticate): Remove RSA authentication.
|
|
(cmd_get_challenge): Work independently not related to
|
|
EXTERNAL_AUTHENTICATE.
|
|
* tests/rsa-aut.key, tests/rsa-dec.key, tests/rsa-sig.key: Remove.
|
|
* tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Now,
|
|
it does no authentication with FILEID_UPDATE_KEY_*.
|
|
* tool/gnuk_upgrade.py (gpg_sign): Remove.
|
|
(main): Remove support of specifying FILEID_UPDATE_KEY_*.
|
|
* tool/upgrade_by_passwd.py (main): Remove support of specifying
|
|
FILEID_UPDATE_KEY_*.
|
|
|
|
2022-04-22 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/gnuk.h (_regnual_start): Fix type.
|
|
* src/main.c (main): Fix address for _regnual_start.
|
|
* src/usb_ctrl.c (mem_info, usb_setup): Follow the change.
|
|
* src/flash.c (_keystore_pool, _data_pool): Fix type.
|
|
(FLASH_ADDR_KEY_STORAGE_START, FLASH_ADDR_DATA_STORAGE_START):
|
|
Follow the change.
|
|
|
|
2022-03-26 Bertrand Jacquin <bertrand@jacquin.bzh>
|
|
|
|
* regnual/regnual.c (memset): Remove declaration.
|
|
* regnual/types.h (NULL): Remove.
|
|
(size_t): Remove.
|
|
|
|
2021-11-02 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/ecc-mont.c (ecdh_compute_public_25519): Fix alignment
|
|
problem.
|
|
|
|
2021-11-02 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tests/: Add tests for ECC curves. Support Yubikey.
|
|
|
|
2021-10-12 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
Add Ed448 and X448 support, removing NIST P-256 support.
|
|
* src/gnuk.h (ALGO_X448, ALGO_ED448): New.
|
|
(ecdsa_sign_p256r1, ecc_compute_public_p256r1): Remove.
|
|
(ecc_check_secret_p256r1, ecdh_decrypt_p256r1): Remove.
|
|
(ecdh_compute_public_x448, ecdh_decrypt_x448): New.
|
|
(ed448_sign, ed448_compute_public): New.
|
|
|
|
* src/openpgp-do.c (algorithm_attr_ed448): New.
|
|
(algorithm_attr_x448): New.
|
|
(algorithm_attr_p256r1): Remove.
|
|
(get_algo_attr_data_object): Remove for ALGO_NISTP256R1.
|
|
Add for ALGO_ED448 and ALGO_X448.
|
|
(gpg_get_algo_attr_key_size): Likewise.
|
|
(do_alg_info): Support Ed448 and X448 too.
|
|
(rw_algorithm_attr): Support Ed448 and X448 too.
|
|
Remove for NIST P-256.
|
|
(gpg_do_write_prvkey): Remove for NIST P-256.
|
|
Add for Ed448 and X448.
|
|
(proc_key_import): Likewise.
|
|
(gpg_do_public_key): Likewise.
|
|
(gpg_do_keygen): Likewise.
|
|
|
|
* src/openpgp.c (ED25519_SIGNATURE_LENGTH): Rename from
|
|
EDDSA_SIGNATURE_LENGTH.
|
|
(cmd_pso): Remove for ALGO_NISTP256R1.
|
|
Add for ALGO_ED448 and ALGO_X448.
|
|
(cmd_internal_authenticate): Likewise.
|
|
|
|
* src/p448.c, ecc-x448.c, ecc-ed448.c, shake256.c: New.
|
|
|
|
* src/ecc-ed25519.c: Move from ecc-edwards.c.
|
|
* misc/t-ed25519.c: Move from t-edwards.c.
|
|
|
|
2021-10-12 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* chopstx: Update to 2.3.
|
|
|
|
2021-10-11 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/configure (kdf_do): It can be overridden, now.
|
|
|
|
2021-07-01 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/configure (CONFIG): Add KDF configuration.
|
|
|
|
2021-06-10 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tool/stlinkv2.py: Switch to Python3.
|
|
|
|
* tool/upgrade_by_passwd.py: Fix option handling.
|
|
|
|
2021-04-30 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/openpgp-do.c (rw_algorithm_attr): Fix writing algorithm
|
|
attribute, which may cause GC. Note that flash_enum_write needs
|
|
to call flash_enum_clear beforehand.
|
|
|
|
2021-04-28 Bertrand Jacquin <bertrand@jacquin.bzh>
|
|
|
|
* regnual/regnual.c: Include <string.h>.
|
|
|
|
2021-04-01 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tool/upgrade_by_passwd.py: Check configure target and
|
|
the config if the device are same target.
|
|
|
|
2021-03-19 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* tests/openpgp_card.py (is_emulated_gnuk): Add.
|
|
* tests/skip_if_emulation.py: New.
|
|
* tests/skip_if_gnuk.py: New.
|
|
* tests/test_001_personalize_card.py: Skip if emulation.
|
|
* tests/test_002_personalize_reset.py: Skip if emulation.
|
|
* tests/test_003_remove_keys.py: Skip if emulation.
|
|
* tests/test_004_reset_pw3.py: Skip if emulation.
|
|
* tests/test_005_personalize_admin_less.py: Skip if emulation.
|
|
* tests/test_006_pso.py: Skip if Gnuk.
|
|
* tests/test_009_keygen.py: Skip if emulation.
|
|
* tests/test_021_personalize_admin_less.py: Rewrite.
|
|
|
|
2021-03-12 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/openpgp.c (cmd_pgp_gakp): Fix patch mistake.
|
|
|
|
2021-03-01 Vincent Pelletier <plr.vincent@gmail.com>
|
|
|
|
* tests/card_const.py: Add attributes for more algos.
|
|
* tests/card_test_ansix9p256r1.py: New.
|
|
* tests/card_test_ansix9p384r1.py: New.
|
|
* tests/card_test_ansix9p512r1.py: New.
|
|
* tests/card_test_brainpoolp256r1.py: New.
|
|
* tests/card_test_brainpoolp384r1.py: New.
|
|
* tests/card_test_brainpoolp512r1.py: New.
|
|
* tests/card_test_ed25519.py: New.
|
|
* tests/card_test_x25519.py: New.
|
|
* tests/func_pso_auth.py: New.
|
|
* tests/test_006_pso.py: New.
|
|
|
|
2021-02-26 NIIBE Yutaka <gniibe@fsij.org>
|
|
|
|
* src/configure (kdf_do_required): Fix typo.
|
|
|
|
* chopstx: Update to 2.2.
|