Skip to content

yfe404/how-to-diy-openpgp-card

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 

Repository files navigation

DIY OpenPGP Card

Introduction

This repository provides instructions and resources for building your own OpenPGP card using open-source hardware and software. The OpenPGP card is a smart card integrated with many OpenPGP functions, enabling cryptographic tasks like encryption, decryption, digital signing, verification, and authentication.

What is an OpenPGP Card?

From Wikipedia:

In cryptography, the OpenPGP card is an ISO/IEC 7816-4, -8 compatible smart card integrated with many OpenPGP functions. It allows secure storage of secret key material and supports various cryptographic tasks. Private keys and passwords cannot be read from the card with any command or function, ensuring security.

Purpose of this Repository

This project guides you through the steps to create your own OpenPGP card. The total cost was approximately 25 euros, but with careful sourcing from Aliexpress or eBay, the cost can potentially be reduced to under 9 euros.

Materials Needed

Background Tutorial

For more context, visit The Static Turtle Blog.

Instructions

Setting Up the Environment

Clone the repository and set up the environment:

git clone https://github.com/TheStaticTurtle/gnuk
cd gnuk
git pull
git submodule update --init
git submodule sync
git submodule update --remote
cd chopstx
git pull origin master
cd ..
cd src
./configure --vidpid=234b:0000 --target=TURTLE_AUTH --enable-confirm-button
make clean
make

Flashing the Firmware

Connect the Blue Pill using the St-Link and run the following commands:

sudo /usr/local/bin/openocd -f /usr/local/share/openocd/scripts/interface/stlink-v2.cfg -f /usr/local/share/openocd/scripts/target/stm32f1x.cfg

In another terminal, execute:

# Commands to unlock and flash the STM32
echo 'stm32f1x unlock 0' > tmp.network
echo 'reset halt' >> tmp.network
echo 'stm32f1x unlock 0' >> tmp.network
echo 'reset halt' >> tmp.network
echo 'flash erase_sector 0 0 127' >> tmp.network
echo 'flash write_bank 0 ./gnuk/src/build/gnuk.bin 0' >> tmp.network
echo 'reset' >> tmp.network
echo 'exit' >> tmp.network

cat tmp.network | netcat 127.0.0.1 4444
rm tmp.network

Verifying the Installation

After flashing, verify the installation with:

dmesg
gpg --card-status

Troubleshooting

Connection Failure with STLink-V2 Using OpenOCD

In case of connection failure, press and hold the reset button while OpenOCD is trying to connect. More Info

Flashing STM32

Refer to this guide for detailed instructions.

Card Not Available Error

If encountering 'No such device' errors, try:

gpgconf --kill gpg-agent

Source

Enabling SSH Access

For SSH access configuration, refer to these resources:

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published