Skip to content

@conorpp conorpp released this May 13, 2019 · 7 commits to master since this release

This adds capacitive touch sensing support to Solo if a touch-sensing-capable device is detected. At time of this release, only our "Somu" model supports capacitive touch. More info can be found here: https://www.crowdsupply.com/solokeys/somu

Additionally, a behavior with U2F and user presence (UP) test was improved. Previously, U2F would block on waiting for user presence, and not return a response to the platform until UP was received or timed out. Most platforms expect to get a response immediately and poll until UP is given. U2F was changed to return immediately, which makes better behavior on some platforms.

Assets 12

@conorpp conorpp released this Apr 25, 2019 · 28 commits to master since this release

Solo leverages custom KEYID parameters to create "custom" commands, for checking firmware version, and adding a firmware update mechanism. The get_assertion response returned was invalid and was getting rejected by browsers.

Also:

  • reduce stack usage by about 3-4k bytes
  • update tinycbor submodule
  • rebooted cryptocurrency demo extension.

A future improvement would be to use the extension part of webauthn/fido2, but that is pending on browser support.

Assets 13

@conorpp conorpp released this Apr 18, 2019 · 63 commits to master since this release

This release fixes the ordering of keys encoded in CBOR maps to be canonical ordering. They previously were not ordered in any particular way and caused issues for Chrome. #170

Also fixes CTAP2 implementation to accept credential IDs created by the CTAP1 implementation. So registering with U2F and later authenticating with FIDO2 should work.

Assets 15

@conorpp conorpp released this Apr 1, 2019 · 97 commits to master since this release

WARNING: This update may break previous registrations! This is because we fixed the U2F counter for good (rather than arbitrarily set the upper byte high for backwards-compatibility reasons, which ends up causing other issues).

  • Adds hmac-secret extension support. This extension is used for generating 32 or 64 byte symmetric keys using parameters from the platform and secrets on the authenticator. It's used by Windows Hello for offline authentication.
  • Fix bug in FIDO auth, where setting the pin requires all previous registrations to use pin. Only UV bit needs to be cleared.
  • Slightly change serial emulation USB descriptor to make it less abused by Linux Modem Manager.
Assets 19

@conorpp conorpp released this Mar 8, 2019 · 169 commits to master since this release

This update includes 100+ commits, mostly related to NFC functionality. Note for NFC to work, it requires new hardware (Solo Tap) which is going through production still.

There are also some bug fixes:

  • Buffer over-run when the USB device name is too long.
  • Set upper byte of counter to 0x7f instead of 0xff. Some websites (gitlab) have issues with the upper bit of a uint32 being set.

Note if you're upgrading from 1.1.0 or 1.1.1, AND you've used your key to authenticate to an services, then those services may need to be re-registered. This is due to the counter decreasing.

pip install -U solo-python
# update for Solo
solo key update --secure

# update for solo hacker
solo key update --hacker
Assets 12

@conorpp conorpp released this Mar 1, 2019 · 318 commits to master since this release

This version fixes an incorrect error code returned in U2F.

This was causing issues for some browsers (Chrome and Firefox) where multiple keys were already registered. It's recommended to update to this version.

This update won't cause any registrations to be lost.

pip install -U solo-python
# update for Solo
solo key update --secure

# update for solo hacker
solo key update --hacker
Assets 13

@conorpp conorpp released this Feb 18, 2019 · 324 commits to master since this release

This contains firmware that can update any (secure) Solo produced by SoloKeys. Also contains Hacker build firmware. These files are easily reproducible using Docker.

  • Code cleanup
  • Buffer over-read bug fix
  • U2F counter endianness bug fix
  • More testing
  • Extension interface to U2F and FIDO2
    • Read firmware version
    • Read RNG bytes

To update a secure solo, use firmware-secure-1.1.0.json, which is the same as firmware-secure-1.1.0.hex, but with some formatting and the signature added.

Assets 13
Feb 13, 2019
v1.0.2
Feb 12, 2019
v1.0.1
You can’t perform that action at this time.