search

Nitrokey / nitrokey-start-firmware

A mirror of Gnuk's 1.0.x and 1.2.x branches.
56 stars 15 forks source link

Multiple identity support #33

Closed kliment closed 4 years ago

kliment commented 4 years ago

This PR implements multiple identity support for the NK Start. Identities are changed with ccid command 0x85 (or tool/set_identity.py). The card serial number is different for each identity, each identity has its own keys, data objects, and cert-DOs. All identities are identical in functionality, with the exception of identity 2, where the cert-DO is limited in size to 1 page (1kb) rather than 2kb like in identities 0 and 1. Factory reset currently resets the current identity only. The firmware update key is global to all identities. Changing identity resets the device and causes a USB re-enumeration.

szszszsz commented 4 years ago

Will be merged and signed manually.