{"id":22253529,"url":"https://github.com/nitrokey/nitrokey-start-firmware","last_synced_at":"2025-07-28T05:32:39.279Z","repository":{"id":36325505,"uuid":"40630184","full_name":"Nitrokey/nitrokey-start-firmware","owner":"Nitrokey","description":"A mirror of Gnuk's 1.0.x and 1.2.x branches.","archived":false,"fork":false,"pushed_at":"2023-10-17T20:50:11.000Z","size":19151,"stargazers_count":56,"open_issues_count":34,"forks_count":15,"subscribers_count":14,"default_branch":"gnuk1.2-regnual-fix","last_synced_at":"2025-07-18T07:42:24.127Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Nitrokey.png","metadata":{"files":{"readme":"README","changelog":"ChangeLog","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-08-13T00:04:09.000Z","updated_at":"2025-02-24T08:18:48.000Z","dependencies_parsed_at":"2024-01-16T05:37:07.711Z","dependency_job_id":"a255bd7e-a5f8-4432-8daa-a61c1e8807d0","html_url":"https://github.com/Nitrokey/nitrokey-start-firmware","commit_stats":null,"previous_names":[],"tags_count":38,"template":false,"template_full_name":null,"purl":"pkg:github/Nitrokey/nitrokey-start-firmware","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitrokey%2Fnitrokey-start-firmware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitrokey%2Fnitrokey-start-firmware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitrokey%2Fnitrokey-start-firmware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitrokey%2Fnitrokey-start-firmware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Nitrokey","download_url":"https://codeload.github.com/Nitrokey/nitrokey-start-firmware/tar.gz/refs/heads/gnuk1.2-regnual-fix","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitrokey%2Fnitrokey-start-firmware/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267468334,"owners_count":24092323,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-28T02:00:09.689Z","response_time":68,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-03T07:18:47.904Z","updated_at":"2025-07-28T05:32:38.511Z","avatar_url":"https://github.com/Nitrokey.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"Gnuk - An Implementation of USB Cryptographic Token for GnuPG\n\n\t\t\t\t\t\t\t Version 1.2.19\n\t\t\t\t\t\t\t     2021-10-12\n\t\t\t\t\t\t\t   Niibe Yutaka\n\t\t\t\t      Free Software Initiative of Japan\n\nRelease Notes\n=============\n\nThis is the release of Gnuk, version 1.2.19, which has major\nincompatible changes to Gnuk 1.0.x.  Specifically, it now supports\noverriding key import, but importing keys (or generating keys) results\npassword reset.  Also, you need to import private keys before changing\nyour password.  Please update your documentation for Gnuk Token, so\nthat the instruction of importing keys won't cause any confusion.\n\nIt has supports of Ed25519 and X25519 (ECDH on Curve25519).  It also\nhas experimental support of ECDSA (on NIST P256 and secp256k1) and\nECDH (on NIST P256 and secp256k1).\n\nIt also supports RSA-4096, but users should know that it takes more\nthan 8 seconds to sign/decrypt.  Key generation of RSA-4096 just fails,\nbecause the device doesn't have enough memory.\n\nIt supports new KDF-DO feature.  Please note that this is\nexperimental.  To use the feature, you need to use newer GnuPG (2.2.6\nor later).  You need to prepare the KDF-DO on your token by the\ncard-edit/kdf-setup command.\n\nWith FST-01SZ and GNU/Linux emulation, experimental ack button support\nis available for test.\n\n\nWhat's Gnuk?\n============\n\nGnuk is an implementation of USB cryptographic token for GNU Privacy\nGuard.  Gnuk supports OpenPGP card protocol version 3, and it runs on\nSTM32F103 processor (and its compatible).\n\nI wish that Gnuk will be a developer's soother who uses GnuPG.  I have\nbeen nervous of storing secret key(s) on usual secondary storage.\nThere is a solution with OpenPGP card, but it is not the choice for\nme, as card reader is not common device.  With Gnuk, this issue will\nbe solved by a USB token.\n\nPlease look at the graphics of \"gnuk.svg\" for the software name.  My\nson used to be with his NUK(R), always, everywhere.  Now, I am with a\nUSB Cryptographic Token by \"Gnuk\", always, everywhere.\n\n\nFAQ\n===\n\nQ0: How Gnuk USB Token is superior than other solutions (OpenPGP\n    card 2.0/3.3/3.4, YubiKey, etc.) ?\n    https://www.g10code.de/p-card.html\n    https://www.yubico.com/\nA0: Good points of Gnuk are:\n    * If you have skill of electronics and like DIY, you can build\n      Gnuk Token cheaper (see Q8-A8).\n    * You can study Gnuk to modify and to enhance.  For example, you\n      can implement your own authentication method with some sensor\n      such as an acceleration sensor.\n    * It is \"of Free Software\"; Gnuk is distributed under GPLv3+,\n\t    \"by Free Software\"; Gnuk development requires only Free Software\n\t\t\t\t(GNU Toolchain, Python, etc.), \n\t    \"for Free Software\"; Gnuk supports GnuPG.\n\nQ1: What kind of key algorithm is supported?\nA1: Gnuk version 1.0 only supports RSA-2048.\n    Gnuk version 1.2.x supports 255-bit EdDSA, as well as RSA-4096.\n    (Note that it takes long time to sign with RSA-4096.)\n\nQ2: How long does it take for digital signing?\nA2: It takes a second and a half or so for RSA-2048. \n    It takes more than 8 seconds for RSA-4096.\n\nQ3: What's your recommendation for target board?\nA3: Orthodox choice is Olimex STM32-H103.\n    FST-01SZ (Flying Stone Tiny 01 SZ) is available for sale, and it\n    is a kind of the best choice, hopefully.  If you have a skill of\n    electronics, STM32 Nucleo F103 is the best choice for experiment.\n\nQ4: What's version of GnuPG are you using?\nA4: In Debian GNU/Linux system, I use GnuPG modern 2.2.23.\n\nQ5: What's version of pcscd and libccid are you using?\nA5: I don't use them, pcscd and libccid are optional, you can use Gnuk\n    Token without them.\n    I tested pcscd 1.5.5-4 and libccid 1.3.11-2 which were in Debian\n    squeeze.\n\nQ6: What kinds of hardware is required for development?\nA6: You need a target board plus a JTAG/SWD debugger.  If you just\n    want to test Gnuk for target boards with DfuSe, JTAG debugger is\n    not the requirement.  Note that for real use, you need JTAG/SWD\n    debugger to enable flash ROM protection.\n\nQ7: How much does it cost?\nA7: Olimex STM32-H103 plus ARM-USB-TINY-H cost 70 Euro or so.\n\nQ8: How much does it cost for DIY version?\nA8: STM32 Nucleo F103 costs about $10 USD.\n\nQ9: I got an error like \"gpg: selecting openpgp failed: ec=6.108\", what's up?\nA9: Older GnuPG's SCDaemon has problems for handling insertion/removal of\n    card/reader.  When your newly inserted token is not found by\n    GnuPG, try killing scdaemon and let it to be invoked again.  I do:\n\n\t $ gpg-connect-agent \"SCD KILLSCD\" \"SCD BYE\" /bye\n\n    and confirm scdaemon doesn't exist, then,\n\n\t $ gpg-connect-agent learn /bye\n\nQa: With GNOME 2, I can't use Gnuk Token for SSH.  How can we use it for SSH?\nAa: You need to deactivate seahorse-agent and gnome-keyring, but use\n    gpg-agant for the role of ssh-agent.  For gnome-keyring please do:\n\n      $ gconftool-2 --type bool --set /apps/gnome-keyring/daemon-components/ssh false\n\nQb: With GNOME 3.0, I can't use Gnuk Token at all.  Why?\nAb: That's because gnome-keyring-daemon interferes GnuPG.  Type:\n\n      $ gnome-session-properties\n\n    and at the tab of \"Startup Programs\", disable check buttons for\n    \"GPG Password Agent\" and \"SSH Key Agent\".\n\nQc: With GNOME 3.x (x \u003e= 8?), I can't use Gnuk Token at all.  Why?\nAc: That's because gnome-keyring-daemon interferes GnuPG.  Please\n    disable the invocation of gnome-keyring-daemon.  In Debian\n    wheezy, it's in the files /etc/xdg/autostart/gnome-keyring-ssh.desktop\n    and /etc/xdg/autostart/gnome-keyring-gpg.desktop.\n    We have a line something like:\n\n        OnlyShowIn=GNOME;Unity;MATE;\n\n    Please edit this line to:\n\n        OnlyShowIn=\n\nQd: Do you know a good SWD debugger to connect FST-01 or something?\nAd: ST-Link/V2 is cheap one.  We have a tool/stlinkv2.py as flash ROM\n    writer program.  STM32 Nucleo F103 comes with the valiant of\n    ST-Link/V2.  Note that the firmware of ST-Link/V2 is proprietary.\n    So, in case of transparency matters, ST-Link/V2 would not be your\n    choice.\n    I care transparency for our process of manufacturing FST-01SZ (and\n    better control by Free Software, in general), thus, I develop\n    BBG-SWD, SWD debugger by BeagleBone Green.\n    I use ST-Link/V2 for daily development.  For serious task like\n    flashing product, I use BBG-SWD.\n\n\nTested features\n===============\n\nGnuk is tested by test suite.  Please see the \"tests\" directory.\n\n\t* Personalization of the card\n\t  * Changing Login name, URL, Name, Sex, Language, etc.\n\t* Password handling (PW1, RC, PW3)\n\t* Key import for three types:\n\t  * key for digital signing\n\t  * key for decryption\n\t  * key for authentication\n\t* PSO: Digital Signature\n\t* PSO: Decipher\n\t* INTERNAL AUTHENTICATE\n\t* Changing value of password status bytes (0x00C4): forcesig\n\t* Verify with pin pad\n\t* Modify with pin pad\n\t* Card holder certificate (read)\n\t* Removal of keys\n\t* Key generation on device side for RSA-2048\n\t* Overriding key import\n\nOriginal features of Gnuk, tested manually lightly:\n\n\t* OpenPGP card serial number setup\n\t* Card holder certificate (write by UPDATE BINARY)\n\t* Upgrading with \"EXTERNAL AUTHENTICATE\" by reGNUal\n\n\nTargets\n=======\n\nWe use Olimex STM32-H103 board and Flying Stone Tiny 01 (FST-01).\n\nWith DfuSe support, STBee is also our targets.  But this target with\nDfuSe is for experiment only, because it is impossible for DfuSe to\ndisable read from flash.  For real use, please consider killing DfuSe\nand enabling read protection using JTAG debugger.\n\n\nBuild system and Host system\n============================\n\nMakefile is written for GNU make.  You need Bash 4.x for configure.\n\nIf your bash is not installed as /bin/bash, you need to run configure\nscript prepending 'bash' before './configure'.\n\nSome tools are written in Python.  If your Python is not installed as\n/usr/bin/python, please prepend 'python' or 'python3' for your command\ninvocation.  I use Python 3.8 and PyUSB 1.0.2.\n\n\nSource code\n===========\n\nGnuk source code is under src/ directory.\n\nNote that SHA-2 hash function implementation, src/sha256.c, is based\non the original implementation by Dr. Brian Gladman.  See:\n\n  http://brg.a2hosted.com//oldsite/cryptography_technology/sha/index.php\n(was at:\n http://gladman.plushost.co.uk/oldsite/cryptography_technology/sha/index.php)\n\n\nLicense\n=======\n\nIt is distributed under GNU General Public Licence version 3 or later\n(GPLv3+).  Please see src/COPYING.\n\nPlease note that it is distributed with external source code too.\nPlease read relevant licenses for external source code as well.\n\nThe author(s) of Gnuk expect users of Gnuk will be able to access the\nsource code of Gnuk, so that users can study the code and can modify\nif needed.  This doesn't mean person who has a Gnuk Token should be\nable to access everything on the Token, regardless of its protections.\nPrivate keys, and other information should be protected properly.\n\n\nExternal source code\n====================\n\nGnuk is distributed with external source code.\n\n* chopstx/  -- Chopstx 1.20\n\n  We use Chopstx as the kernel for Gnuk.\n\n  Chopstx is distributed under GPLv3+ (with a special exception).\n\n\n* polarssl/  -- based on PolarSSL 1.2.10 (now mbedTLS)\n\n  Souce code taken from: http://polarssl.org/\n\n  We use PolarSSL for RSA computation, and AES encryption/decryption.\n\n  PolarSSL is distributed under GPLv2+.  We use PolarSSL under GPLv3\n  as our options.\n\n  The file include/polarssl/bn_mul.h is heavily modified for ARM\n  Cortex-M3.\n\n  The function rsa_private in polarssl/library/rsa.c is modified so\n  that it doesn't check T against N.  The function rsa_pkcs1_sign is\n  modified to avoid warnings in case of !POLARSSL_PKCS1_V21.\n\n  The functions rsa_pkcs1_verify and rsa_rsassa_pkcs1_v15_verify in\n  include/polarssl/rsa.h and polarssl/library/rsa.c are modified\n  (fixed) for last argument SIG, as the memory at SIG aren't modified\n  by those routines.\n\n  The constant POLARSSL_MPI_MAX_SIZE in include/polarssl/bignum.h is\n  modified for 2048-bit keys only Gnuk.\n\n  The function mpi_mul_hlp in library/bignum.c is modified for more\n  optimization for ARM Cortex-M3.  Functions mpi_montred, mpi_sub_hlp,\n  mpi_sub_abs, mpi_mul_mpi, mpi_montmul, and mpi_exp_mod are modified\n  to avoid side channel attacks.  Note that we don't use RSA-blinding\n  technique for Gnuk.  Function mpi_gen_prime and mpi_is_prime are\n  modified to use Fouque-Tibouchi method.  Function mpi_exp_mod is\n  modified to use new function mpi_montsqr for speed up.\n\n  The file library/aes.c is modified so that some constants can\n  go to .sys section.\n\n  The file include/polarssl/config.h are modified not to define\n  POLARSSL_HAVE_LONGLONG to avoid linking libgcc, to define\n  POLARSSL_AES_ROM_TABLES to have AES tables, not to define\n  POLARSSL_CIPHER_MODE_CTR, POLARSSL_FS_IO, POLARSSL_PKCS1_V21,\n  POLARSSL_SELF_TEST, and POLARSSL_PADLOCK_C, and only define\n  POLARSSL_GENPRIME when defined KEYGEN_SUPPORT.\n\n  And polarssl/library/bignum.c is modified to work on 64-bit machine.\n\n  Aurelien Jarno also modified:\n\n\tpolarssl/include/polarssl/bn_mul.h\n\tpolarssl/library/bignum.c\n\n  See ChangeLog (and/or history of git) for detail.\n\n\nUSB vendor ID and product ID (USB device ID)\n============================================\n\nWhen you have a vendor ID and assign a product ID for Gnuk, edit the\nfile GNUK_USB_DEVICE_ID and add an entry for yours.  In this case,\nplease contact Niibe, so that it is listed to the file in the official\nrelease of the source code.\n\nWhen you are modifing Gnuk and installing the binary to device, you\nshould replace the vendor string and serial number to yours (in the\nfile GNUK_USB_DEVICE_ID and SERIALNO of the script of src/configure),\nso that users can see it's not by original vendor, and it is modified\nversion.\n\nFSIJ allows you to use USB device ID of FSIJ (234b:0000) for devices\nwith Gnuk under one of following conditions:\n\n  * For everyone for experimental purpose:\n\n    - You must not distribute a binary with FSIJ's USB device ID, but\n      must use the binary by yourself only for your experiment.  Note\n      that \"Distributing binary\" includes distributing a device which\n      holds the binary.\n\n  * For general individuals:\n\n    - You must use your Gnuk device with a card serial number which is\n      *not* by FSIJ.  Easy one would be a card serial number generated\n      by chip unique ID.\n\n  * For individuals with explicit permission from FSIJ.\n\n    - You should have an assigned card serial number by FSIJ,\n      please use that number for your device.\n      (There a file 'GNUK_SERIAL_NUMBER' in the official release.)\n\nFSIJ could give companies or business entities \"second source\nmanufacturer\" license to use USB device ID of FSIJ for devices with\nunmodified version of Gnuk, provided they support Free Software and\nrespect users' freedom for computing.  Please ask FSIJ for the\nlicense.\n\nOtherwise, companies which want to distribute Gnuk devices, please use\nyour own USB vendor ID and product ID.  Please replace vendor string\nand possibly product string to yours, when you modify Gnuk.\n\n\nHost Requirements\n=================\n\nFor GNU/Linux, PC/SC service is an option, you can use GnuPG's\ninternal CCID driver instead.  If you chose using PC/SC service,\nlibccid version \u003e= 1.3.11 is recommended for GNU/Linux.\n\n\nHow to compile\n==============\n\nYou need GNU toolchain and newlib for 'arm-none-eabi' target.\n\nOn Debian we can install the packages of gcc-arm-none-eabi\nand its friends.  I'm using:\n\n\tbinutils-arm-none-eabi\t2.35.2-2+14+b2\n\tgcc-arm-none-eabi \t15:8-2019-q3-1+b1\n\tlibnewlib-arm-none-eabi\t3.3.0-1\n\tgdb-multiarch \t\t10.1-2\n\nOr else, see https://launchpad.net/gcc-arm-embedded for preparation of\nGNU Toolchain for 'arm-none-eabi' target.\n\nChange directory to `src':\n\n  $ cd gnuk-VERSION/src\n\nThen, run `configure':\n\n  $ ./configure --vidpid=\u003cVID:PID\u003e\n\nHere, you need to specify USB vendor ID and product ID.  For FSIJ's,\nit's: --vidpid=234b:0000 .  Please read section 'USB vendor ID and\nproduct ID' above.\n\n\nThen, type:\n\n  $ make\n\nThen, we will have \"gnuk.elf\" under src/build directory.\n\nIf you are not the authorized vendor, please never distribute this\nfile of \"gnuk.elf\", which includes VID:PID in the image.  If you would\nlike to distribute the image (for example, to check if it's\nreproducible or not), the file \"gnuk-no-vidpid.elf\" is the one with no\nVID:PID.\n\n\nHow to install\n==============\n\nOlimex STM32-H103 board\n-----------------------\n\nIf you are using Olimex JTAG-Tiny, type following to invoke OpenOCD\nand write \"gnuk.elf\" to Flash ROM:\n\n  $ openocd -f interface/ftdi/olimex-jtag-tiny.cfg \\\n            -f board/olimex_stm32_h103.cfg \\\n            -c \"program build/gnuk.elf verify reset exit\"\n\nCommand invocation is assumed in src/ directory.\n\n\nFlying Stone Tiny 01\n--------------------\n\nIf you are using Flying Stone Tiny 01, you need a SWD writer.\n\nOpenOCD 0.9.0 now supports ST-Link/V2.  We can use it like:\n\n  $ openocd -f interface/stlink-v2.cfg -f target/stm32f1x.cfg \\\n            -c \"program build/gnuk.elf verify reset exit\"\n\n\nSTBee\n-----\n\nNote that this is only for your experiment; Your private key materials\non the board can be accessed by DfuSe.\n\nReset the board with \"USER\" switch pushed.  Type following to write\nto flash:\n\n  # cd ../tool\n  # ./dfuse.py ../src/build/gnuk.hex\n\nThen, reset the board.\n\n\nHow to protect flash ROM\n========================\n\nTo protect, invoke OpenOCD like (for FST-01):\n\n  $ openocd -f interface/stlink-v2.cfg -f target/stm32f1x.cfg \\\n            -c init -c \"reset halt\" -c \"stm32f1x lock 0\" -c reset -c exit\n\nAfter power-off / power-on sequence, the contents of flash ROM cannot\nbe accessible from JTAG debugger.\n\nUnprotecting is:\n\n  $ openocd -f interface/stlink-v2.cfg -f target/stm32f1x.cfg \\\n            -c init -c \"reset halt\" -c \"stm32f1x unlock 0\" -c reset -c exit\n\nUpon unprotection, flash is erased.\n\nNote that it would be still possible for some implementation of DfuSe\nto access the contents, even if it's protected.  If you really want to\nprotect, killing DfuSe and accessing by JTAG debugger is recommended.\n\n\n(Optional) Configure serial number and X.509 certificate\n========================================================\n\nThis is completely optional.\n\nFor this procedure, you need python and pyscard (python-pyscard\npackage in Debian) or PyUSB (python-usb package in Debian).\n\n(1) [pyscard] Stop scdaemon\n    [PyUSB] Stop the pcsc daemon.\n\nIf scdaemon is running, please kill it, or you will get \"Smartcard\nException\" by \"Sharing violation\".\n\n  $ gpg-connect-agent \"SCD KILLSCD\" \"SCD BYE\" /bye\n\nIn case of PyUSB tool, you need to stop pcscd.\n\n  # systemctl stop pcscd\n\n\n(2) [Optional] Write fixed serial number\n\nIf you use fixed serial number in the file 'GNUK_SERIAL_NUMBER', you can do:\n\n  $ EMAIL=\u003cYOUR-EMAIL-ADDRESS\u003e ../tool/gnuk_put_binary_usb.py -s ../GNUK_SERIAL_NUMBER\n  Writing serial number\n  ...\n\n(3) [Optional] Write card holder certificate\n\nIf you have card holder certificate binary file, you can do:\n\n  $ ../tool/gnuk_put_binary_usb.py ../../\u003cYOUR-CERTIFICATE\u003e.bin\n  ../../\u003cYOUR-CERTIFICATE\u003e.bin: \u003cLENGTH-OF-YOUR-CERTIFICATE\u003e\n  Updating card holder certificate\n  ...\n\n\nHow to run\n==========\n\nDebug enabled\n-------------\n\nIf you compiled with --enable-debug option, Gnuk has two interfaces\n(one is CCID/ICCD device and another is virtual COM port).  Open\nvirtual COM port by:\n\n  $ cu -l /dev/ttyACM0\n\nand you will see debug output of Gnuk.\n\n\nTesting Gnuk\n------------\n\nType following command to see Gnuk runs:\n\n  $ gpg --card-status\n\n\nBesides, there is a functionality test under tests/ directory.  See\ntests/README.\n\n\nPersonalize the Token, import keys, and change the password\n-----------------------------------------------------------\n\nYou can personalize the token, putting your information like: Name,\nLogin name, Sex, Languages, URL.  To do so, GnuPG command is:\n\n  $ gpg --card-edit\n\nNote that the factory setting of user password is \"123456\" and admin\npassword is \"12345678\" as the specification.\n\nIt is recommended to create your keys on your computer, and import\nthem to Gnuk Token.  After you create your keys (they must be 2048-bit\nRSA), you can import them.\n\nGnuk supports key generation, but this feature is young and should be\nconsidered experimental.\n\nFor detail, please see documentation under doc/.  You can see the HTML\nversion at: https://www.fsij.org/doc-gnuk/\n\n\nHow to debug\n============\n\nWe can use GDB.\n\n  $ arm-none-eabi-gdb gnuk.elf\n\n\nInside GDB, we can connect OpenOCD by:\n\n  (gdb) target remote localhost:3333\n\nor\n\n  (gdb) target extended-remote localhost:3333\n\n\nYou can see the output of PCSCD:\n\n  # /etc/init.d/pcscd stop\n  # LIBCCID_ifdLogLevel=7 /usr/sbin/pcscd --debug --foreground\n\n\nYou can observe the traffic of USB using \"usbmon\".  See the file:\nlinux/Documentation/usb/usbmon.txt\n\n\nFirmware update\n===============\n\nSee doc/note/firmware-update.\n\n\nGit Repositories\n================\n\nPlease use: https://salsa.debian.org/gnuk-team/gnuk/\n\nYou can get it by:\n \n    $ git clone https://salsa.debian.org/gnuk-team/gnuk/gnuk.git\n\nIt's also available at: www.gniibe.org\nYou can browse at: https://git.gniibe.org/cgit/gnuk/gnuk.git/\n\nI put Chopstx as a submodule of Git.  Please do this:\n\n    $ git submodule update --init\n\n\nInformation on the Web\n======================\n\nFor more information, please visit: https://www.fsij.org/gnuk/\n\nPlease see the FST-01 support pages:\n\n    https://www.gniibe.org/category/fst-01.html\n\nPlease consider to join Gnuk-users mailing list:\n\n    https://lists.gnupg.org/mailman/listinfo/gnuk-users\n\n\n\nYour Contributions\n==================\n\nFSIJ welcomes your contributions.  Please assign your copyright\nto FSIJ (if possible), as I do.\n\n\nFoot note\n==========\n\n* NUK(R) is a registered trademark owend by MAPA GmbH, Germany.\n-- \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnitrokey%2Fnitrokey-start-firmware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnitrokey%2Fnitrokey-start-firmware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnitrokey%2Fnitrokey-start-firmware/lists"}