Commit a9a4d4d5 authored by Angus Ainslie

PURISM.md : add instructions for Purism

Librem5 setup instructions
Signed-off-by: Angus Ainslie <angus@akkea.ca>
parent 03bdbc4b
Pipeline #63849 passed with stage in 56 seconds
Flashing the firmware
=====================
Install the Pre-requisistes
---------------------------
```
$ sudo apt install stm32flash
```
Flash the Firmware
------------------
This only works after a reboot of the phone
```
$ scripts/stm_reflash.sh
```
Smartcard daemons setup
=======================
Automatic setup
---------------
Run the smat card setup script
```
$ scripts/smartcard_setup.sh
```
Manual setup
------------
This just details the setup steps performed by the setup script
Install the Pre-requisistes
---------------------------
```
$ sudo apt install pcscd pcsc_tools stm32flash
```
For the Purism Librem5 (Dogwood and newer)
------------------------------------------
Serial line configuration for Librem5:
/etc/reader.conf.d/libccidtwin
```
DEVICENAME /dev/ttymxc2:SEC1210
FRIENDLYNAME "TTXS serial"
LIBPATH /usr/lib/pcsc/drivers/serial/libccidtwin.so
```
Edit ~/.gnupg/scdaemon.conf
```
disable-ccid
```
Edit /lib/systemd/system/pcscd.service and add this line under [Service]
```
ExecStartPre=/bin/bash -c "echo 1 > /sys/class/leds/smc_en/brightness && sleep 2"
```
Testing the smartcard
---------------------
pcsc tools can be used to test the smartcard reader firmware and pcscd. Reader 1 will always show an error as it is a non existant interface.
```
$ pcsc_scan
Using reader plug'n play mechanism
Scanning present readers...
0: TTXS serial 00 00
1: TTXS serial 00 01
Fri Jan 29 15:52:26 2021
Reader 0: TTXS serial 00 00
Event number:
Card state: Card inserted, Exclusive Mode,
ATR: 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 F5 73 C0 01 60 00 90 00 1C
ATR: 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 F5 73 C0 01 60 00 90 00 1C
+ TS = 3B --> Direct Convention
+ T0 = DA, Y(1): 1101, K: 10 (historical bytes)
TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU
129032 bits/s at 4 MHz, fMax for Fi = 5 MHz => 161290 bits/s
TC(1) = FF --> Extra guard time: 255 (special value)
TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1
-----
TD(2) = B1 --> Y(i+1) = 1011, Protocol T = 1
-----
TA(3) = FE --> IFSC: 254
TB(3) = 75 --> Block Waiting Integer: 7 - Character Waiting Integer: 5
TD(3) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following
-----
TA(4) = 03 --> Clock stop: not supported - Class accepted by the card: (3G) A 5V B 3V
+ Historical bytes: 00 31 F5 73 C0 01 60 00 90 00
Category indicator byte: 00 (compact TLV data object)
Tag: 3, len: 1 (card service data byte)
Card service data byte: F5
- Application selection: by full DF name
- Application selection: by partial DF name
- BER-TLV data objects available in EF.DIR
- BER-TLV data objects available in EF.ATR
- EF.DIR and EF.ATR access services: by GET DATA command
- Card without MF
Tag: 7, len: 3 (card capabilities)
Selection methods: C0
- DF selection by full DF name
- DF selection by partial DF name
Data coding byte: 01
- Behaviour of write functions: one-time write
- Value 'FF' for the first byte of BER-TLV tag fields: invalid
- Data unit in quartets: 2
Command chaining, length fields and logical channels: 60
- Extended Lc and Le fields
- RFU (should not happen)
- Logical channel number assignment: No logical channel
- Maximum number of logical channels: 1
Mandatory status indicator (3 last bytes)
LCS (life card cycle): 00 (No information given)
SW: 9000 (Normal processing.)
+ TCK = 1C (correct checksum)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B DA 18 FF 81 B1 FE 75 1F 03 00 31 F5 73 C0 01 60 00 90 00 1C
OpenPGP Card V3
Reader 1: TTXS serial 00 01
Event number:
Card state: Card inserted, Unresponsive card,
```
gnupg will also test the scdaemon configuration
```
$ gpg --card-status
Reader ...........: TTXS serial 00 00
Application ID ...: D276000124010303000500008FF10000
Version ..........: 3.3
Manufacturer .....: ZeitControl
Serial number ....: 00008FF1
Name of cardholder: [not set]
Language prefs ...: de
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
KDF setting ......: on
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]
```
Debugging
---------
Debugging with pcscd:
```
$ killall pcscd
$ LIBCCID_ifdLogLevel=0xffff pcscd -f --debug
```
TODO
====
Turn the stm micro off when ttymxc2 gets closed
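Review bot: In the "For the Purism Librem5" section, the step that edits /lib/systemd/system/pcscd.service in place will not survive an upgrade of the pcscd package, because that path holds the package's own unit file. Put the `ExecStartPre=` line in a drop-in instead (`sudo systemctl edit pcscd`, which writes under /etc/systemd/system/pcscd.service.d/). Since the text says the manual steps mirror scripts/smartcard_setup.sh, the script should do the same. In the manual-setup install line, `pcsc_tools` should be `pcsc-tools`, the Debian package that ships `pcsc_scan`; as written, `apt install` fails on the unknown package name. Smaller points: "Pre-requisistes" (twice), "smat card" and "non existant" are typos. The second "Install the Pre-requisistes" heading repeats the one under "Flashing the firmware" at the same level as "Manual setup", so it and the Librem5 section would read better as sub-steps of "Manual setup". The `gpg --card-status` sample shows what looks like a real card serial number and Application ID, which could be replaced with placeholders.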