From 4200af146a17398dc7050c92e1f861f2066debec Mon Sep 17 00:00:00 2001
From: Amit Aronovitch <amit@satellogic.com>
Date: Wed, 2 Oct 2019 00:01:48 +0300
Subject: Identify Librem Key, behaving like Nitrokey Pro device

---
 NK_C_API.h | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'NK_C_API.h')

diff --git a/NK_C_API.h b/NK_C_API.h
index d5c54a3..5b93f08 100644
--- a/NK_C_API.h
+++ b/NK_C_API.h
@@ -67,6 +67,9 @@
  *         case NK_STORAGE:
  *                 printf("a Nitrokey Storage");
  *                 break;
+ *         case NK_LIBREM:
+ *                 printf("a Librem Key");
+ *                 break;
  *         default:
  *                 printf("an unsupported Nitrokey");
  *                 break;
@@ -111,7 +114,11 @@ extern "C" {
             /**
              * Nitrokey Storage.
              */
-            NK_STORAGE = 2
+            NK_STORAGE = 2,
+            /**
+             * Librem Key.
+             */
+            NK_LIBREM = 3
         };
 
         /**
@@ -327,7 +334,7 @@ extern "C" {
 
 	/**
 	 * Connect to device of given model. Currently library can be connected only to one device at once.
-	 * @param device_model NK_device_model: NK_PRO: Nitrokey Pro, NK_STORAGE: Nitrokey Storage
+	 * @param device_model NK_device_model: NK_PRO: Nitrokey Pro, NK_STORAGE: Nitrokey Storage, NK_LIBREM: Librem Key
 	 * @return 1 if connected, 0 if wrong model or cannot connect
 	 */
         NK_C_API int NK_login_enum(enum NK_device_model device_model);
-- 
cgit v1.2.1


From fedf828e394938fb6f84407b4de7412a3fb6ec40 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Thu, 2 Apr 2020 15:19:00 +0200
Subject: Return serial number as uint32_t from C API

This patch adds the function NK_device_serial_number_as_u32 to the C
API.  It is similar to NK_device_serial_number but returns the raw
unsigned integer instead of a formatted string.  This patch also adds a
simple test case that ensures that the number is not zero.

Fixes #172.
---
 NK_C_API.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'NK_C_API.h')

diff --git a/NK_C_API.h b/NK_C_API.h
index d5c54a3..df3e992 100644
--- a/NK_C_API.h
+++ b/NK_C_API.h
@@ -385,6 +385,14 @@ extern "C" {
 	 */
 	NK_C_API char * NK_device_serial_number();
 
+	/**
+	 * Return the device's serial number string as an integer.  Use
+         * NK_last_command_status to check for an error if this function
+         * returns zero.
+	 * @return device's serial number as an integer
+	 */
+	NK_C_API uint32_t NK_device_serial_number_as_u32();
+
 	/**
 	 * Get last command processing status. Useful for commands which returns the results of their own and could not return
 	 * an error code.
-- 
cgit v1.2.1


From 2a7b3f4e2ae09d665f9783030323dfb1a4c5ee9f Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Thu, 2 Apr 2020 15:51:25 +0200
Subject: Add missing free functions to C API

This patch adds two missing free functions, NK_free_config and
NK_free_password_safe_slot_status, to enable memory-safe use of the C
API.

Fixes #173.
---
 NK_C_API.h | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'NK_C_API.h')

diff --git a/NK_C_API.h b/NK_C_API.h
index d5c54a3..c4cb448 100644
--- a/NK_C_API.h
+++ b/NK_C_API.h
@@ -451,6 +451,7 @@ extern "C" {
 
 	/**
 	 * Get currently set config - status of function Numlock/Capslock/Scrollock OTP sending and is enabled PIN protected OTP
+         * The return value must be freed using NK_free_config.
 	 * @see NK_write_config
 	 * @return  uint8_t general_config[5]:
 	 *            uint8_t numlock;
@@ -462,6 +463,12 @@ extern "C" {
 	 */
 	NK_C_API uint8_t* NK_read_config();
 
+        /**
+         * Free a value returned by NK_read_config.  May be called with a NULL
+         * argument.
+         */
+        NK_C_API void NK_free_config(uint8_t* config);
+
 	//OTP
 
 	/**
@@ -634,10 +641,17 @@ extern "C" {
 
 	/**
 	 * Get password safe slots' status
+         * The return value must be freed using NK_free_password_safe_slot_status.
 	 * @return uint8_t[16] slot statuses - each byte represents one slot with 0 (not programmed) and 1 (programmed)
 	 */
 	NK_C_API uint8_t * NK_get_password_safe_slot_status();
 
+        /**
+         * Free a value returned by NK_get_password_safe_slot_status.  May be
+         * called with a NULL argument.
+         */
+        NK_C_API void NK_free_password_safe_slot_status(uint8_t* status);
+
 	/**
 	 * Get password safe slot name
 	 * @param slot_number password safe slot number, slot_number<16
-- 
cgit v1.2.1


From 0270a9b3de4b45fcfcb83f8e20a78702811d4192 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Thu, 2 Apr 2020 16:29:27 +0200
Subject: Add NK_config struct and read/write functions

This patch adds the NK_config struct to the C API that stores the
general configuration of a Nitrokey device.  It also adds the
NK_read_config_struct and NK_write_config_struct functions to make the
API easier to use.  While NK_write_config_struct is only a convenience
method, NK_read_config_struct makes the API more safe as the user no
longer has to read the data from a pointer to an array.

This patch also extends the test_read_write_config test case with the
two new functions.
---
 NK_C_API.h | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

(limited to 'NK_C_API.h')

diff --git a/NK_C_API.h b/NK_C_API.h
index d5c54a3..6aab7ca 100644
--- a/NK_C_API.h
+++ b/NK_C_API.h
@@ -265,6 +265,32 @@ extern "C" {
 		uint8_t write_level_max;
 	};
 
+        /**
+         * The general configuration of a Nitrokey device.
+         */
+        struct NK_config {
+            /**
+             * value in range [0-1] to send HOTP code from slot 'numlock' after double pressing numlock
+             * or outside the range to disable this function
+             */
+            uint8_t numlock;
+            /**
+	     * similar to numlock but with capslock
+             */
+            uint8_t capslock;
+            /**
+	     * similar to numlock but with scrolllock
+             */
+            uint8_t scrolllock;
+            /**
+             * True to enable OTP PIN protection (require PIN each OTP code request)
+             */
+            bool enable_user_password;
+            /**
+             * Unused.
+             */
+            bool disable_user_password;
+        };
 
    struct NK_storage_ProductionTest{
     uint8_t FirmwareVersion_au8[2];
@@ -449,6 +475,14 @@ extern "C" {
 	NK_C_API int NK_write_config(uint8_t numlock, uint8_t capslock, uint8_t scrolllock,
 		bool enable_user_password, bool delete_user_password, const char *admin_temporary_password);
 
+	/**
+	 * Write general config to the device
+	 * @param config the configuration data
+	 * @param admin_temporary_password current admin temporary password
+	 * @return command processing error code
+	 */
+	NK_C_API int NK_write_config_struct(struct NK_config config, const char *admin_temporary_password);
+
 	/**
 	 * Get currently set config - status of function Numlock/Capslock/Scrollock OTP sending and is enabled PIN protected OTP
 	 * @see NK_write_config
@@ -462,6 +496,15 @@ extern "C" {
 	 */
 	NK_C_API uint8_t* NK_read_config();
 
+	/**
+	 * Get currently set config and write it to the given pointer.
+         * @see NK_read_config
+	 * @see NK_write_config_struct
+         * @param out a pointer to the struct that should be written to
+	 * @return command processing error code
+	 */
+	NK_C_API int NK_read_config_struct(struct NK_config* out);
+
 	//OTP
 
 	/**
-- 
cgit v1.2.1