v0.12 Adjust for the new hardware

Adjust for the new firmware platform, and remove obsolete code for it.
Boot to bootloader if the used firmware does not suit the hardware revision.

There is no need to update for a regular user.

Note: builds not tested yet against update issues, hence marking as pre-release for the time-being.

HSM-3 RC1

Nitrokey HSM supporting HW4 (BGA) - test firmware

v0.11 Bootloader

Add DFU bootloader support for field update #69.
Devices with firmware v0.10 and lower can be updated only through a debug adapter/SWD.

Documentation update.

• all.hex contains full flash image, with bootloader and firmware merged.
  SHA sum GPG signed with 868184069239FF65DE0BCD7DD9BAE35991DE5B22.
• bootloader.hex - built with arm-none-eabi-gcc (GNU Tools for Arm Embedded Processors 8-2018-q4-major) 8.2.1 20181213 (release) [gcc-8-branch revision 267074]
• firmware.hex built with arm-none-eabi-gcc (15:4.9.3+svn231177-1) 4.9.3 20150529

HSM2 release

Support HSM v3.1 smart card.

v0.10

This update fixes Nitrokey App communication issue under Windows 10 1809: NitrokeyApp#392. It is optional for users not using this operating system, or not using the Nitrokey App there. The only change is redefining the HID descriptor, which will make the device to not be identified as a virtual keyboard and allow to connect by non-system applications. As a consequence of removing the virtual keyboard, the 'special key double press OTP insertion' feature will now not work (it might be restored in the future firmware versions).

Issue affects only communication with the Nitrokey App. Smart card communication should not be affected.

Firmware is signed with szczepan@nitrokey.com, key id: 868184069239FF65DE0BCD7D D9BAE35991DE5B22 (valid until 2019-01-10). ID can be confirmed with the one on the main download site.

Update instructions

If you require an update, please send us the device in an air cushion envelope, and we will update the firmware or replace the device. For details please contact with the support.
Please remember to backup your data.

hsm-1

Original HSM firmware release.

v0.9

Changes same as v0.9-RC1.
Blink 'infinitely' after the invalid HOTP code was detected.

Tested against:

• nitrokey-hotp-verification v1.0-2-g7fbc4a1 (master branch)
• libnitrokey v3.3-19-gaee920b (master branch)

v0.9 RC1

• HOTP validation command added.
• Removed most of the build warnings.
• Minor authorization command bug (details will be published in a separate issue)

Test release.
Remove most of the build warnings. src/Library files are not impacted.
Warnings generated with -Wall. Some of the -Wextra were solved too.
Now any warning in our codebase (not src/Library; using -Wall switch)
would make a compilation error.
Compilation made on GCC 6.3.1 and 4.9.3. The latter build used for
testing.

Tested against:

libnitrokey v3.3-12-g391a276 (pytest -sv test_pro.py --count 3)
nitrokey-hotp-verification v1.0 (./test_hotp)

v0.8

v0.8 (2016-11-19)

Full Changelog

Implemented enhancements:

• Support 3rd HOTP slot for special key double press #30
• Can't add AWS MFA secret #22
• Handle bigger OTP secrets up to 40 bytes, 320 bits #29 (szszszsz)

Fixed bugs:

• OTP SECRETs begining with 0x00 are not stored in the slots #19
• Leaking pins: memcpy != memset #13
• Buggy OTP slot range check #4
• Use memset when clearing buffers #13 #21 (szszszsz)

Closed issues:

• Remove Landscape code quality analysis #11
• Unlocking password safe fails when compiling with recent gcc versions #9
• Authorization mechanism is vulnerable to CRC32 collisions #8
• User command authorization works only once #7

Merged pull requests:

• Check whole secret to be null instead of only first char #28 (szszszsz)
• Refactoring - code reformat #26 (szszszsz)
• Add license copy to repository - GPLv3 #16 (szszszsz)
• Fix warnings (2) / code cleanup #31 (szszszsz)
• Add temporary passwords to commands instead of AUTHORIZE #25 (szszszsz)
• Fix off by one error in OTP slot range checks. #17 (MaVo159)