Hi,
Today, I tried to update my Nitrokey FIDO2 from firmware version 2.2.0 to the latest 2.4, but the online update failed both on macOS 11.2 and Debian stable using Firefox, in both cases already during the running bootlader stage. I also tried nitropy on macOS, but this also failed with something like this:
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/pynitrokey/cli/update.py", line 146, in update
client.enter_bootloader_or_die()
File "/usr/local/lib/python3.9/site-packages/pynitrokey/fido2/client.py", line 220, in enter_bootloader_or_die
self.enter_solo_bootloader()
File "/usr/local/lib/python3.9/site-packages/pynitrokey/fido2/client.py", line 216, in enter_solo_bootloader
self.send_data_hid(SoloBootloader.HIDCommandEnterBoot, "")
File "/usr/local/lib/python3.9/site-packages/pynitrokey/fido2/client.py", line 103, in send_data_hid
return self.dev.call(cmd, data, event)
File "/usr/local/lib/python3.9/site-packages/fido2/hid.py", line 89, in call
status, resp = self._dev.InternalRecv()
File "/usr/local/lib/python3.9/site-packages/fido2/_pyu2f/hidtransport.py", line 308, in InternalRecv
first_read = self.InternalReadFrame()
File "/usr/local/lib/python3.9/site-packages/fido2/_pyu2f/hidtransport.py", line 300, in InternalReadFrame
frame = self.hid_device.Read()
File "/usr/local/lib/python3.9/site-packages/fido2/_pyu2f/macos.py", line 453, in Read
raise OSError('Failed reading a response')
OSError: Failed reading a response
The key I tried to update still works without problems (e.g. as a second factor for my GitHub login), so the hardware cannot be completely broken. Luckily back in the days, I had bought four of those devices so I checked with another one to see whether my computer setup was the reason, but I was able to update one of the other sticks from firmware version 2.0.0 to 2.4 without issues.
I tried to monitor the process closely to see any differences. One was that the working stick was blinking white during the update, while the failing was was blinking blue/purple. During the failing update, the green progress bar of the online update disappeared after some time and never came back, instead an error was shown. This was not the case for the working update, where the progress bar was shown all the time. I created a screen capture of the failing online update which I can share in case of need.
Now I wonder whether this is related to the 2.2 Firmware version (couldn’t find anything here in the forum though) or whether there could be an issue with the hardware.
Thanks,
Martin