Thank you for the merge! Also, thank you for these information Frédéric: Following your comments, we can agree that my contribution should be updated to take into account the different variants of the "BP+": C6T6, CBT6 ... ?
Is there somewhere in documentation we can keep track of the available and tested features of each board/token ? In order to generate the board ID, i run this command: ``` $ echo -n "Blue Pill Plus" | shasum -a 256 | sed -e 's/^.*\(........\) -$/\1/' ``` Which gave me: 0x49403d56 I will try to get into key generation and neug next and keep you up to date if I get anything relevant. Regards, Alexandre On Fri, 14 Mar 2025 at 17:42, Frédéric SUEL <[email protected]> wrote: > Hello, > > A lot of thanks for your work. > > See my observations *infra*. I hope it can help you. > > Best regards > Le 13/03/2025 à 19:52, Alexandre Esse a écrit : > > Hello Frédéric, > > Great, I didn't see you already did some integration developments on this > board, I just joined the mailing list and didn't look extensively into the > history. For now I only pushed the chopstx part but indeed, gnuk itself > should also be updated. > > I also have the STM32F103CBT6 version of the board. (marked as v1.1 on > the PCB: not sure what it means: I opened an Issue on github and send an > email to WeAct support to get some info: > https://github.com/WeActStudio/BluePill-Plus/issues/19) > > You can find the difference between V1.0 et V1.1 here : > https://github.com/WeActStudio/WeActStudio.BluePill-Plus-CH32/tree/master/HDK > It's for CH32 processor but the design of the boards are all the same. > > > I have been testing both on the 1.2.20 branch and 2.2. But I guess I will > stay on v2.2 for the rest of my tests. > > Here are the remaining tweaks I did on v2.2 ( > de9652726b1ce52b21e939c6989dda0268b5c640) of gnuk to make it work: > > diff --git a/src/configure b/src/configure > index 1188a72..4ff7d1a 100755 > --- a/src/configure > +++ b/src/configure > @@ -130,6 +130,7 @@ Configuration: > ST_NUCLEO_F103 > NITROKEY_START > BLUE_PILL > + BLUE_PILL_PLUS > STM8S_DISCOVERY > CQ_STARM > STM32_PRIMER2 > @@ -164,7 +165,7 @@ MEMORY_SIZE=20 > > # Settings for TARGET > case $target in > -BLUE_PILL|STM8S_DISCOVERY) > +BLUE_PILL|BLUE_PILL_PLUS|STM8S_DISCOVERY) > # It's 64KB version of STM32F103, but actually has 128KB > flash_override="-DSTM32F103_OVERRIDE_FLASH_SIZE_KB=128" > ;; > > There is STM32F103C6T6 (64K) and CBT6 (128K), so i think your add > relative to : # setting to target, is not necessary for CBT6 processor > which have 128K memory. That's why i suggested to have multiple definition > board to take care of different processor (arm and riscv) and different > amount of memory > > I haven't been testing "on-the-token" key generation. I only transferred > to it from a host PC. I always had KDF-DO activated. > The main issue I get is when I try to "reset" the token, it simply doesn't > work but I haven't been investigating it. > Also some PIN management's actions seem shaky (but there is a possibility > that this is due to my lack of experience on gnuk tokens too). > So for now, I tested the key with this kind of secret keys I get with > 'gpg --list-secret-keys': > sec> ed25519 2025-03-13 [SC] > XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX > Card serial no. = FFFF 00000000 > uid [ultimate] Tmp Tmp <[email protected]> <[email protected]> > ssb> cv25519 2025-03-13 [E] > ssb> ed25519 2025-03-13 [A] > I managed to sign, decrypt data and authenticate through ssh sessions with > it. > PB2 as LED is working and PA0 as ACK button is also working fine, I > haven't seen any issue for these use-case in a week. > > About ack button, it is on PA0 and PA0 is used for it's ADC function and > entropy generation, so i think you have to modifiy > /gnuk/chopstx/contrib/adc-stm32ff103.c > in order to use an other pin for ADC than PA0 > > Entropy generation graph is explain on Niibe site here : > https://www.gniibe.org/memo/development/gnuk/rng/neug.html > > You can see that PA0 and PA1 are used for their ADC. It's also indicate > for example in board-fst-01-00.h file > > * PA0 - input with pull-up. AN0 > * PA1 - input with pull-up. AN1 > > For Blue-Pill-Plus, button is connect to 3.3V ( > https://github.com/WeActStudio/BluePill-Plus/blob/master/HDK/BluePillPlus_V10_SchDoc.pdf) > so i think you configure PA0 as input pull-down. I think all this change > can interfere with good entropy generation. I see different cases of board > in /gnuk/chopstx/contrib/adc-stm32ff103.c which seem to use different ADC > pins but i don't really understand how. It's for that, i didn't take care > of ackbutton to day. > > --------------------------------------------------------------- > > In your board file, you indicate id board : 0x49403d56. In mine, i > indicate 0x1ba01477. I get this id with stlink program as core id. Can your > tell me how you get your board id ? > > Frédéric SUEL > > > Regards, > Alexandre > > > > On Fri, 7 Mar 2025 at 10:00, Frédéric SUEL <[email protected]> wrote: > >> Ref : Post on the gnuk list : Frédéric SUEL frederic.suel at free.fr Mon >> Feb 17 11:13:25 CET 2025 >> >> Hi, >> >> Thank you for your interest for this board. >> >> When i asked help about this board, i proposed a file >> board-blue-pill-plus-cb.h because this board exist with 4 arm processor and >> two riscv processors. I indicated cd because there is STM32F103C8T6 (64k) >> and CBT6 (128k). To take care of 64K version, you have to add code in >> /gnuk/src/.configure. (see my post) >> >> For my blue-pilll-board stm32F103CB, i have #define BOARD_ID >> 0x1ba01477 (see my post). Perhaps your board is a STM32F103C6T6 board, i >> don't know why IDs are different >> >> For instance, i doesn't take care of ackbutton because there is a >> supplementary problem as PA0 is used for it's ADC and for entropy >> generation. I think you have to modify >> /gnuk/chopstx/contrib/adc-stm32ff103.c but i doesn't know how. >> >> ---- >> >> So i just created /gnuk/board/board-blue-pill-plus-cb.h, modified >> /gnuk/src/.configure to add definition of BLUE-PILL-PLLUS-CB and >> chopstx/mcu/sys-stm31f103.h >> for my first tests and doesn't take care of ackbutton on PA0 >> >> I get : >> >> -- works fine with curve25519 : generation on the board and import on the >> board. >> >> -- impossibility to generate secp256k1 on the board even with KDF-DO >> activate as Niibe suggested (msg : used conditions not satisfied) >> >> -- impossibility to generate X448 on the board even with Niibe patch (msg >> : board error) >> >> -- impossibility to import X448 on the board. It seems to work but only >> encrypt key is on the board and works. The other keys are marked as # . I >> get with gpg --list-secret-keys >> >> sec# ed448/0xAA988F88C70C3DEE 2025-02-23 [SC] [expire : 2075-02-11] >> >> Empreinte de la clef = AA988 F88C7 0C3DE E74BE DFF48 D127D 4BA4E CAEB3 >> 685B3 575E7 >> >> uid [ ultime ] tmp >> >> ssb> cv448/0x406CC6562774BC84 2025-02-23 [E] [expire : 2075-02-11] >> >> ssb# ed448/0x02BB1F8E7A2B268A 2025-02-23 [A] [expire : 2075-02-11] >> >> ---- >> >> Can you precise what's work with your board ? >> >> Best regards >> >> >> >> Le 06/03/2025 à 23:47, Alexandre Esse a écrit : >> >> Hello, >> >> Here is a short message to notify the mailing list that I proposed a >> merge request on chopstx: >> https://salsa.debian.org/gnuk-team/chopstx/chopstx/-/merge_requests/1 >> >> This is the first step to add gnuk support for Blue Pill Plus boards >> <https://github.com/WeActStudio/BluePill-Plus/>. >> >> Not sure if this is the way to contribute: looking forward to your >> feedback. >> >> Regards, >> Alexandre >> >> _______________________________________________ >> Gnuk-users mailing >> [email protected]https://lists.gnupg.org/mailman/listinfo/gnuk-users >> >>
_______________________________________________ Gnuk-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnuk-users
