search

Nitrokey / nitrokey-webupdate

Website to easily update firmware on Nitrokey devices.
https://update.nitrokey.com
Apache License 2.0
2 stars 1 forks source link

Can't update Nitrokey FIDO2 to 2.2 from 2.1 #15

Closed beerisgood closed 3 years ago

beerisgood commented 4 years ago

My LED never go white (only once if i connect the stick to PC).

here the logs: image

failed: image

I also try pressing it at start but nothing happens. The LED looks also like red & blue at flashing progress.

szszszsz commented 4 years ago

Hi!

Your device seem to be in the bootloader mode due to incomplete firmware write. I had not a chance yet to look into Chrome-familly browsers' support yet. Could you run it on the Mozilla Firefox?

Browser console (Ctrl+Shift+I on Chrome) should show the error message, which could perhaps pinpoint the problem.

beerisgood commented 4 years ago

Here are the Edge logs (flashing):

main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null

Re-Check:

main.js?version=1:304 app.solo_version 2.1.0
main.js?version=1:305 PRE-CHECKING IF IN BOOTLOADER
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:174 check-version RESPONSE Uint8Array(71) [2, 1, 0, 217, 208, 137, 192, 209, 245, 110, 139, 158, 158, 225, 33, 83, 146, 112, 228, 115, 244, 27, 148, 194, 240, 68, 241, 20, 182, 103, 142, 196, 166, 47, 165, 32, 198, 9, 50, 16, 138, 153, 204, 203, 100, 245, 52, 244, 172, 0, 32, 192, 70, 0, 32, 40, 79, 0, 32, 1, 0, 0, 0, 40, 79, 0, 32, 105, 1, 0, 0]
main.js?version=1:353 NEED Uint8Array(4) [2, 2, 0, 0]
main.js?version=1:354 HAVE Uint8Array(3) [2, 1, 0]
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null
main.js?version=1:404 Boot check null
main.js?version=1:412 IS BOOTLOADER false
main.js?version=1:145 bootloader RESPONSE null

test with Firefox (update check):

STABLE_VERSION GITHUB 2.2.0.nitrokey main.js:196:11
STABLE_VERSION FETCHED 2.2.0.nitrokey main.js:203:11
app.solo_version null main.js:304:11
PRE-CHECKING IF IN BOOTLOADER main.js:305:11
Boot check null main.js:404:11
IS BOOTLOADER false main.js:412:11
check-version RESPONSE 
Uint8Array(71) [ 2, 1, 0, 217, 208, 137, 192, 209, 245, 110, … ]
main.js:174:13
NEED 
Uint8Array(4) [ 2, 2, 0, 0 ]
main.js:353:11
HAVE 
Uint8Array(3) [ 2, 1, 0 ]
main.js:354:11

test with Firefox (flashing):

Boot check null main.js:404:11
IS BOOTLOADER false main.js:412:11
bootloader RESPONSE null main.js:145:13
Boot check null main.js:404:11
IS BOOTLOADER false main.js:412:11
bootloader RESPONSE null main.js:145:13
Boot check null main.js:404:11
IS BOOTLOADER false main.js:412:11
bootloader RESPONSE null main.js:145:13
Boot check null main.js:404:11
IS BOOTLOADER false main.js:412:11
bootloader RESPONSE null main.js:145:13
Boot check null main.js:404:11
IS BOOTLOADER false main.js:412:11
bootloader RESPONSE null main.js:145:13

also no white LED. Only red + blue the whole time, same like with Edge.

andyrtr commented 4 years ago

Looks similar here:

Firefox 78.0 on Linux 64-bit (WebAuthn supported)
Connected Nitrokey FIDO2 firmware version: 2.1.0
Latest Nitrokey FIDO2 firmware version: 2.2.0.nitrokey
Device state: normal mode
Connected device: Nitrokey FIDO2
Update application status: (9) Update failed
szszszsz commented 4 years ago

Tested firmware updates:

  1. Windows 10 2004 1904, Firefox 80.0.1, Nitrokey FIDO2 2.1 -> 2.2 (production firmware) - passed, but required additional popup cancellation on switching to bootloader, and longer touch on switching to bootloader as well (8 seconds instead of regular 5 seconds) - to describe in the UI;
  2. Linux Fedora 31, Firefox 83.0a1, Nitrokey FIDO2 2.2 -> 2.2 (production firmware) - passed, required longer touch on switching to bootloader (again not mentioned in the UI).

@beerisgood @andyrtr This looks like an UI issue, I am sorry about that. Since v2.1 the switching to bootloader has to be confirmed by the user with a touch, and that was not described in the UI of the Web Update application. @beerisgood The log you have pasted mentions, that application is waiting for the bootloader to activate, and it timeouts.

Detailed guide for Nitrokey FIDO2 2.1+ firmware update:

  1. When the bootloader execution is requested, the device will start blinking in purple. It awaits for 7-8 seconds long confirmation for switching to the bootloader. Please touch it for at least that period. After that it will be flashing constantly with all colors, meaning it has switched to bootloader, and touch could be released. On Windows the current popup has to be cancelled to continue (new behavior, not noted earlier during v2.1 tests).
  2. After that the update process will continue normally, like for the previous release.
szszszsz commented 4 years ago

Transferring ticket to proper project. Recognized as an UI issue of Web Update application.

szszszsz commented 4 years ago

Connected https://github.com/Nitrokey/nitrokey-fido2-firmware/issues/57

szszszsz commented 4 years ago

@beerisgood @andyrtr Could you confirm please that suggestion in https://github.com/Nitrokey/nitrokey-webupdate/issues/15#issuecomment-699899029works for you? (in a forced update mode: Show information about environment (advanced) -> Advanced Mode).

edit: corrected link

andyrtr commented 4 years ago

Yes, I could update my two Fido2 tokens using that long press, Thanks for your help.

beerisgood commented 4 years ago

@szszszsz I can confirm that this solution works in Microsoft (Chromium-)Edge.

i press the key until the process start and then follow cancelling the first Windows popup from next instructions.

Here also the log:

update.log

After browser restart & key replug: successfull.log

So i close this issue as solved and hope your solution get pinned somewhere :) Thanks also for testing @andyrtr

szszszsz commented 3 years ago

Added description regarding the additional popup needed to be cancelled. Retested on:

beerisgood commented 3 years ago

Added description regarding the additional popup needed to be cancelled. Retested on:

  • Firefox 81.0.1
  • Windows 10 2004

Huh? I test it on Edge so why still not list it ?

szszszsz commented 3 years ago

@beerisgood I wanted to run tests separately, so that the service will be opened asap. Will keep in mind to test Edge and other browsers under Windows.