This is a minor release that fixes an issue where the User ID for a given credential wasn't being returned where it should be. This is when a RK credential is being used as specified from the allowList in a getAssertion request.
Minor change, please check notes in 4.1.0 release.
This update fixes the initialization order of the device so that some devices no longer run into a boot issue (#516).
- Add Ed255 support for FIDO2 #478.
- Adjustments to make fault injection attacks more difficult #504.
- Fix incorrect logic and memmove that caused UV not to get set #493.
- Fix incorrect cbor ordering regarding credProtect and hmac-secret extension #508 (thanks @aseigler, @timcappalli for finding & reporting).
- Build & documentation improvements #509, #495, #490, #485, #482
Note there was an initial 4.1.0 release for a few hours which contained a build issue, and has been updated.
After discussion with @nickray, I'm making this a major version release and deleting the old
3.2.0, because it will likely void any existing RK credentials on your solo device when updating from <
Warning: After this update, any existing RK's on your device will likely not work anymore. If you're not sure about what RK/resident-key is, then you probably do not have any and do not need to worry.
Additional improvements from (now defunct)
Two big features added in this release:
- Credential management (able to enumerate and delete resident key credentials).
- credProtect extension (able to enforce UV on specific credentials)
- add cred protect extension
- Fix issues with RK buffer handling
- Fix issue with credentials being ordered incorrectly for getAssertion's
- Fix issue with extensions not being applied to getNextAssertion assertions.
- Fix issue with some getNextAssertions not signing correct rpIdHash.
- Refactor + bugfix credential management
- Add delete command for credential management
- Add user presence check if a credential is excluded during makeCredential step
- Add custom vendor command for rebooting device to allow easier testing.
- Fix regression with user presence being collected twice in some cases.
This has been successfully tested for Microsoft / Azure AD compatibility.
Public tests have been added to fido2-tests.
Thank you to @My1 for help testing and providing logs.
The last 3.1.2 could not be updated on most authenticators with version checking due to an error in the build not putting the version in correctly. This corrects the issue.
Thank you to @schwarzeh for mailing me a key to reproduce the issue.
As discovered in our security audit by DoyenSec, there were some potential cbor safety issues, the largest being there wasn't a proper recursion limit to one of the methods we were using from
tinycbor. Now that has been fixed.
- Initialize variable to avoid potential version bypass in bootloader
- Add a command to support users locking flash that have been locked out from the normal process.
This fixes in issue in the Solo bootloader that allows an old signed-firmware version to be programmed on secured solo builds.
- Refactor to allow building Solo as lib
- Secure version of Solo will have different certs for Solo, Solo Tap, and Somu now.
- Additionally, the first byte of the AAGUID for each model is different.