Tool to configure Gnuk Token

2011-05-12

In Gnuk source distribution, there is a script with file name gnuk_put_binary.py which is written in Python.

Until version 0.11, it directly communicates USB layer with PyUSB. It requires root privilege to stop PC/SC daemon and run the script.

On 2011-05-11, it is rewritten with pyscard. Pyscard is Python binding of PC/SC. Now, there is no requirement for root.

This tool supports three things.

  • Update the page of random bytes Gnuk doesn't have random number generater. It use random bytes page instead. This page should be initialized before use of the OpenPGP application.
  • Update card holder certificate Gnuk supports the data object named 'card holder certificate', but it is read-only object (it is read-write DO by the definition of OpenPGP card specification). It is read-only, because of the size. The tool supports writing card holder certificate to the card.
  • Write serial number of the card (one time) Serial number can be write (once). If not, it will be generated by first four bytes of STM32F103's unique ID.