CBOR eror with embedded token and solo key firmware 4.1.2

[aacebedo]

Hi

I just updated my solo key to firmware 4.1.2.
I don't exactly know what was changed but my LUKS volume containing embedded token was working perfectly before and now I am unable to unlock it.
Using open instead of open-token command works but I have to provide the credential id.
I tried to re-add a key with credential Id as a token but it didn't worked.
When trying to open the LUKS volume I receive the following error:

AuthenticatorError { cause: FidoError(FidoError(

Device returned error: CborError: 0x10: unknown)

Error while decoding CBOR from device.) }

[aacebedo]

I noticed that fields of luksDump changed, the PBKDF field changed from argon2i to argon2id and the memory field changed to

[shimunn]

That's strange, does your header contain entries such as this:

cryptsetup token export /dev/nvme1n1p1 --token-id 2
{"credential":["64f04c01beecf2bcca7554e8f5590fd54d246e75ac35fac2e592372b70703466c5d352dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec014463f0000"],"keyslots":["1"],"type":"fido2luks\u0000"}

and is the credential exactly the same as the one that works with open?

[aacebedo]

Yep they are the same.
I tried to delete and readd the key with embedded credentials to make the key 0 and token 0 filled correctly.
If I use open it works, if I use open-token it does not and fails with the CBOR error.

[shimunn]

I've updated my Solo to that same version but cannot reproduce your issue, what distro are you using?

[aacebedo]

A derivative of arch.
I can try to create another dummy luks volume and readd my key to sort it out.