Features
- piv: Enable the use of the SE050 backend (#534)
- Add
opcard.disabled
andpiv.disabled
configuration options, allowing to selectively disable PIV or OpenPGP, in case the software you rely on leads to conflicts between the two applications. (#539) - fido: Fix an incompatibility with Firefox in v1.7.2-test.20240813 that was caused by an additional field in the response to Get Assertion requests (fido-authenticator#98)
Known issues - Read before updating
-
This firmware update changes the data storage backend of the PIV application.Updating will lead to an incompatible state and PIV will fail to start. You must factory reset the PIV application prior to updating, otherwise it will not work . This can be done through
nitropy nk3 piv --experimental factory-reset
after having made 3 wrong attempts with a PIN-protected operation.
(if you update prior to factory-resetting, you can still rollback tov1.7.2-test.20240813
to get it working again). -
This firmware version updates the format of the FIDO2 state stored on the device. If a device is reverted to v1.7.2 or a previous test release after running this version, the FIDO2 state can be reset and all credentials can be invalidated.
-
This firmware seems to have issues with authenticating FIDO2 credentials, while registering works we currently analyze an issue during authentication.