From a22166f6e0750fbddf564f244bb96d94524296d4 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sun, 17 Jan 2021 15:26:04 -0300 Subject: Fix: cleanup and refactor --- research/token.md | 57 ------------------------------------------------------- 1 file changed, 57 deletions(-) delete mode 100644 research/token.md (limited to 'research/token.md') diff --git a/research/token.md b/research/token.md deleted file mode 100644 index 36610ac..0000000 --- a/research/token.md +++ /dev/null @@ -1,57 +0,0 @@ -[[!meta title="Tokens USB"]] - -## Gnuk - -* [Free Software Initiative of Japan - gnuk](http://www.fsij.org/category/gnuk.html) -* [Gnuk Documentation — Gnuk Documentation 1.0 documentation](http://www.fsij.org/doc-gnuk/) -* [Gnuk - Noisebridge](https://noisebridge.net/wiki/Gnuk). -* [FST-01 - Seeed Wiki](http://wiki.seeed.cc/FST-01/). -* [Questions - FST-01 Q&A Forum](http://no-passwd.net/askbot/questions/). -* [Programming the FST-01 (gnuk) with a Bus Pirate + OpenOCD](https://www.earth.li/~noodles/blog/2015/08/program-fst01-with-buspirate.html). -* [Gnuk Token and GnuPG scdaemon](https://fosdem.org/2018/schedule/event/hwenablement_gnuk_token_and_gnupg_scdaemon/). -* [FST-01 gnuk firmware update via USB](https://raymii.org/s/tutorials/FST-01_firmware_upgrade_via_usb.html). -* [Gnuk source code](https://salsa.debian.org/gnuk-team/gnuk/gnuk). -* Threat modeling: - * [How safe is Gnuk against side channel attacks, USB sniffer, or electron/tunneling microscope? - FST-01 Q&A Forum](http://no-passwd.net/askbot/question/33/how-safe-is-gnuk-against-side-channel-attacks-usb/). - * [How does Gnuk protect against attacks to extract private keys? - FST-01 Q&A Forum](http://no-passwd.net/askbot/question/32/how-does-gnuk-protect-against-attacks-to-extract/). - * [What types of risk are more likely? What's "best practice" against that? - FST-01 Q&A Forum](http://no-passwd.net/askbot/question/68/what-types-of-risk-are-more-likely-whats-best/). - -## Safenet eToken E5110 - -No Debian, instale o [MUSCLE](https://pcsclite.alioth.debian.org/): - - sudo apt install libccid pcsc-tools pcscd pcscd libpcsclite1 - -Plugue a parada e execute: - - opensc-tool --list-readers - -## SafeNet Authentication Client - -Para uso no mundo corporativo e institucional, como OAB e afins. Você não vai -querer usar os drivers proprietários a não ser que seja forçado, certo? - -Curioso que no fim das contas a OAB conseguiu seu lugar ao sol no mercado -da certificação digital apesar da implantação do modelo governamental escolhido -para o certificado raíz brasileiro, história contada no livro -[Leviatã Eletrônico](http://www.scielo.br/scielo.php?script=sci_arttext&pid=S1517-45222010000300013). - -Enfim, pra usar o eToken E5110 pra assinar documentos no navegador você -precisará de drivers específicos e proprietários. - -Aparentemente a [Gemalto comprou a SafeNet](http://www.gemalto.com/press/Pages/Gemalto-to-acquire-SafeNet,the-worldwide-leader-in-data-and-software-protection.aspx) -e depois ficou muito mais difícil para baixar o driver do eToken E5110, que além de ser proprietário ainda ficou privativo! -Maluco fez [até script](https://gist.github.com/dex4er/1354710) pra automatizar essa zica. -[Aqui](https://site.solutinet.com.br/2015/manuais/instaladores/) há versões recentes das bibliotecas e do cliente de autenticação -proprietário (dica [daqui](https://diadialinux.wordpress.com/2017/03/02/instalar-etoken-alladin-usar-sites-do-governo-com-certificado-digital-e-assinar-documentos-pdf/)). - -Referêcias: - -* [Token-Based Authentication | SafeNet eToken 5110 USB Authenticator](https://safenet.gemalto.com/multi-factor-authentication/authenticators/pki-usb-authentication/etoken-5110-usb-token/) -* [Guia](http://poddarprofessional.com/demo/DIGITAL%20SIGNATURE/UTILITIES/E-token%20Drivers%20For%20LINUX/eToken_PKI_Client_Linux_4_55_Reference_Guide.pdf). -* [eToken Pro 72k and Linux - r3blog](https://r3blog.nl/index.php/etoken-pro-72k/). -* [Install SafeNet eToken PRO on Ubuntu 14.04 LTS](https://www.vleeuwen.net/2015/05/install-safenet-etoken-pro-on-ubuntu-14-04-lts). - -## Misc - -* [ImperialViolet - Security Keys](https://www.imperialviolet.org/2017/08/13/securitykeys.html). -- cgit v1.2.3