2.4.1 Maintenance release - smaller MCU flash support

Maintenance release done to support smaller MCU flash #67 #68 . No functional changes.
No need to update for the regular users.

Manual updating process:

wget https://github.com/Nitrokey/nitrokey-fido2-firmware/releases/download/2.4.1.nitrokey/nitrokey-fido2-firmware-2.4.1-128kB-app-signed.zip 
unzip nitrokey-fido2-firmware-2.4.1-128kB-app-signed.zip  
nitropy fido2 util program bootloader nitrokey-fido2-firmware-2.4.1-128kB-app-signed.json  

Edit: reuploaded the signed Nitrokey FIDO2 firmware from the previous release for pynitrokey. See:

• https://github.com/Nitrokey/nitrokey-fido2-firmware/releases/tag/2.4.0.nitrokey

@szszszsz 2-2-2022 : Adding 2.4.1 firmware signed.

2.4 FIDO2 improvements

Add FIDO2 fields order correction and related fixes

2.3 Correct FIDO2 feature

Correct FIDO2 communication, specifically FIDO2 INFO command result's correction.
Fixes: #61

2.2 Small FIDO2 update

Small update to FIDO2 INFO command #54.

Since this is only a small correction, no additional tests besides #54 were executed.

2.1 Windows 10 FIDO U2F improvement

Note: While FIDO U2F and FIDO2 registrations were tested to work after the update, please make sure you have alternative way of confirming identity on all registered services before making the update.

Changes:

• active mode after the first touch is accepted and while the button is pressed, but not longer than for 10 seconds;
• LED colors update - factory reset has red light, and configuration requests are yellow;
• button handling correction;
• Windows 10 FIDO U2F correction for the latest release.

Detailed list below.

Changelog

2.1.0.nitrokey (2020-09-02)

Full Changelog

Implemented enhancements:

• Show LED blink on auto-confirmation #48
• Guard reboot command with UP #47
• Stay active after touch press is recognized for 10 seconds #44
• Resident Key data migration #34
• Differentiate LED colors #24

Fixed bugs:

• Spontanious touch button state change #50
• Improve UX for update on Windows 10 #49
• FIDO2 timeout is wrong #46
• Do not allow for long extended touches charging #45
• Failing Windows 10 reset #43
• W10: FIDO U2F not working fully #42
• Reset operation can be confirmed with simple touch #41
• Allows reset after more than 10 seconds #38
• Limit CBOR nesting #36
• Merge HID cancel quickfix from upstream #27
• Blinks too long on FIDO U2F request cancel #25

Closed issues:

• Unexpected 0x13 status error code #37
• FIDO2 certificate update - AAGUID field #28

2.0 Upstream update

Note: this update clears all the resident keys saved on the device. While FIDO U2F and FIDO2 registrations were tested to work after the update, please make sure you have alternative way of confirming identity on all registered services before making the update.

This release contains fixes for the RK handling, as well as featuring RK management (e.g. through Chrome) and OpenSSH integration. Update method will be specified in the coming days.

Other changes:

• Update to upstream 4.0.0+
• Update certificate to include AAGUID
• Set RK 'icon' field back to 128, and 'display name' to 32
• Docker-based manual OpenSSH test
• Fix web update for Chrome by not ignoring the WINK command in the bootloader
• Make hmac-secret depend on the UV value

Edit: Update available with:

• https://update.nitrokey.com/ (using Firefox); or
• https://github.com/Nitrokey/pynitrokey#firmware-update (using Python CLI tool)

Bootloader downgrade protection fix

• Bootloader downgrade protection fix #33. Update in the field requires #9 (WIP).
• Status command update (quickfix)

Certificate update

This release brings updated certificate, and the debug wires disconnection.

First release

This is a first release of the firmware.

0.4.0.nitrokey

test release