This update requires pynitrokey v0.4.35 or newer. You can install it with:
$ nitropy nk3 update --version v1.6.0-test.20231218
Changes
(since v1.6.0-test.20231206)
Opcard (OpenPGP): Add experimental configuration option to enable the SE050 secure element backend. This can be done, with pynitrokey v0.4.44: nitropy nk3 set-config opcard.use_se050_backend true
.
This will cause a factory-reset of opcard data. On older versions of nitropy, the command may work but will require a power cycle of the device before opcard is functional.
This new backend will increase the security of PIN protected operations. It will also improve the performance of cryptographic operation, especially RSA. This means that when the secure element backend is enabled, RSA 4096 bit keys can now be generated on-device.
Fixed
- Piv: Fixed generation of RSA keys.
Functions
Stable
- admin-app v0.1.0-nitrokey.9
- fido-authenticator v0.1.1-nitrokey.10 (FIDO2)
- secrets v0.13.0-rc2 (OTP and Passwords)
- opcard v1.3.0 (OpenPGP)
Unstable
- piv-authenticator v0.3.3
- websmartcard v0.8.0-rc5