This is equivalent of passing debug on kernel command line from coreboot config, even is enabled through config options and saved back in CBFS.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
I give up trying to make Nitrokey do the right thing. They will propose PR to Heads next to fix their own fixes for their own caused regressions and security vulns.
I just stopped caring for sanity reasons, i'm making quiet+eom/user-reownership fixes for feature freeze. If nitrokey pays, there is gonna be future collaboration, if they don't, they will do Heads related stuff themselves.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Insights:
- We should use oem generated pubkey naming to distinguish between oem/user generated keys and try to use default PINs also for GPG User to sign with default PIN and warn even if it works/doesn't, urging users to do reownership
- Point is that oem factory reset does in the direction of using randomized PINs, while continuing to use those for a user should be strongly discouraged
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
(PR 43 not in which fixes hotp_verification info, needed to reuse default PINs under seal-hotp if pubkey age <1 month and if Secret app PIN/GPG Admin PIN count >=3 )
Repro:
mkdir patches/hotp-verification-e9050e0c914e7a8ffef5d1c82a014e0e2bf79346
wget https://patch-diff.githubusercontent.com/raw/Nitrokey/nitrokey-hotp-verification/pull/46.patch -O patches/hotp-verification-e9050e0c914e7a8ffef5d1c82a014e0e2bf79346/46.patch
sudo rm -rf build/x86/hotp-verification-e9050e0c914e7a8ffef5d1c82a014e0e2bf79346/
./docker_repro.sh make BOARD=qemu-coreboot-whiptail-tpm2-hotp USB_TOKEN=Nitrokey3NFC PUBKEY_ASC=pubkey.asc inject_gpg run
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
We're adding leading blank lines, which makes the prompt look odd and
now have to be removed later. Just stop adding the leading blank
lines.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
The dice-rolls method was relatively complex and somewhat biased
(~2.4% biased toward 1-4 on each roll due to modulo bias).
Just pick a line from the dictionary at random. Using all 32 bits of
entropy to pick a line once distributes the modulo bias so it is only
0.000003% biased toward the first 1263 words.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
TODO: further specialize warning prompt to tell what is going to happen (randomized PIN, signle custom randomized PIN etc)
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
works:
- oem and user mode passphrase generation
- qrcode
missing:
- unattended
- luks reencryption + passphrase change for OEM mode (only input to be provided) with SINGLE passphrase when in unattended mode
- same for user reownership when previously OEM reset unattended
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Nothing uses it for the moment, needs to be called from recovery shell: bash, source /etc/functions. generate_passphrase
- parses dictionary to check how many dice rolls needed on first entry, defaults to EFF short list v2 (bigger words easier to remember, 4 dices roll instead of 5)
- defaults to using initrd/etc/diceware_dictionnaries/eff_short_wordlist_2_0.txt, parametrable
- make sure format of dictionary is 'digit word' and fail early otherwise: we expect EFF diceware format dictionaries
- enforces max length of 256 chars, parametrable, reduces number of words to fit if not override
- enforces default 3 words passphrase, parametrable
- enforces captialization of first letter, lowercase parametrable
- read multiple bytes from /dev/urandom to fit number of dice rolls
Unrelated: uniformize format of file
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Mitigate misunderstands and show GPG User/Admin PIN counts until proper output exists under hotp_verification info to reduce global confusion
Add TODO under initrd/bin/seal-hotpkey to not foget to fix output since now outputting counter of 8 for Admin PIN which makes no sense at all under hotp_verification 1.6 https://github.com/Nitrokey/nitrokey-hotp-verification/issues/38
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
