v1.5.0-test.20230704
Pre-release
szszszsz
Szczepan Zalega
This update requires pynitrokey v0.4.35 or newer. Once binaries are available you can install it with:
$ nitropy nk3 update --version v1.5.0-test.20230704
Fixed:
- Luks with systemd-cryptenroll now does not panic after a reboot #286
- All secrets within the Secrets App can now be listed #300
- Secrets App entries can not be removed without touch button press now
- NFC interface is completely blocked now for applications not supporting it #301
This release adds a new application, Nitrokey Webcrypt, which is aimed at integrating hardware security key features into web applications. Check it out at:
Nitrokey is an open source hardware USB key for data encryption and two-factor authentication with FIDO. While FIDO is supported by web browsers, using Nitrokey as a secure key store for email and (arbitrary) data encryption requires native software. Therefore email encryption in webmail has not been possible with the Nitrokey until now. At the same time strong end-to-end encryption in web applications all share the same challenge: To store users’ private keys securely and conveniently. Therefore secure end-to-end encryption usually requires native software as well (e.g. instant messenger app) or – less secure – store the user keys password-encrypted on servers. Nitrokey aims to solve these issues by developing a way to use Nitrokey with web applications. To avoid the necessity of device drivers, browser add-on or separate software this project is going to utilize the FIDO (CTAP) protocol. As a result the solution will work with any modern browser (which all support WebAuthn), on any operating system even on Android. This will give any web application the option to store a users’ private keys locally on a Nitrokey they control.
Note: Nitrokey WebCrypt is under process of renaming to Nitrokey WebSmartCard.
Functions
Stable
- admin-app v0.1.0-nitrokey.2
- fido-authenticator v0.1.1-nitrokey.4 (FIDO2)
- secrets v0.12.0 (OTP and Passwords)
- opcard v1.1.1 (OpenPGP)