A command line tool for interacting with Nitrokey devices (GitHub mirror) https://git.ireas.org/mirrors/nitrocli/atom?h=v0.1.0 2017-05-29T22:48:40Z 2017-05-29T22:48:40Z Daniel Mueller deso@posteo.net 2017-05-29T22:48:40Z urn:sha1:ac29709a644682c61a5a28d2a23f8887174fcc31 Although the version information for all the local dependencies can be inferred from various locations, cargo requires an explicit mentioning of the version of each dependency for the 'package' command to be successful. This change adds explicit versions. 2017-05-29T21:07:12Z Daniel Mueller deso@posteo.net 2017-05-29T21:07:12Z urn:sha1:684c4574c09a6f2cc5a208e4505e9306602b4abc The 'libc' create got a couple of updates. This change imports the new code and bumps the version to use. Import subrepo libc/:libc at 7db3fd570dfb41a38fb17116e93679307178103a 2017-05-29T20:58:05Z Daniel Mueller deso@posteo.net 2017-05-29T20:58:05Z urn:sha1:436915453f7474117234aa0cedab6f97b3b3575f The 'gcc' create got a couple of updates. This change imports the new code and bumps the version to use. Import subrepo gcc/:gcc at 6b41873be3172415efcadbff1187a3ff42428943 2017-04-10T04:24:38Z Daniel Mueller deso@posteo.net 2017-04-10T04:24:38Z urn:sha1:5744889d0d3a9c033913bdce499064a4760a1249 When closing the encrypted volume we could potentially cause the volume to be in an inconsistent state if writes to it were cached by the operating system. To mitigate this case this patch causes an invocation to the sync(2) system call to flush outstanding writes to disk. 2017-04-10T03:53:54Z Daniel Mueller deso@posteo.net 2017-04-10T03:53:54Z urn:sha1:3ce72e0ce1a0442786bc2600a7f276ae1994d90e Until now we treated any response but "ok" and "idle" to the encrypted volume opening command as an error and reported it. However, the opening process is a potentially long running and it is very likely that the nitrokey reports a couple of "busy" messages. This change implements the logic to wait until the nitrokey either reports an error or a successful open. 2017-04-10T03:32:31Z Daniel Mueller deso@posteo.net 2017-04-10T03:32:31Z urn:sha1:1e4a359f42e081851b98a12511ffe24968bfc6da We currently unconditionally use gpg-agent to enter the PIN to use when opening the encrypted volume. The agent has the advantage of caching the password for us so that subsequent invocations against the same cache entry can be served without user interaction. For various reasons, however, it can be desirable to have the ability to remove this entry from the cache. This change introduces a new command 'clear' that achieves precisely this task. 2017-04-10T03:21:39Z Daniel Mueller deso@posteo.net 2017-04-10T03:21:39Z urn:sha1:a23c692dc38fe95b1a584663166fd3c9ed251326 When a wrong password is entered when attempting to open the encrypted volume the nitrokey will report that in the form of an error. In such a case we should retry the operation after asking the user for the corrected password. This change implements this logic. Note that because we use gpg-agent for the PIN inquiry and because it caches passwords by default we must make sure to clear the cache before retrying. 2017-04-10T02:36:35Z Daniel Mueller deso@posteo.net 2017-04-10T02:36:35Z urn:sha1:f94d04578f44fc79212550203838f7c78e1ac414 The nitrokey supports a status command that instructs it to report details about itself. This data includes general useful information such as the current version of the firmware being installed along with more contextual bits such as the number of remaining retries for the user and admin PINs or whether the different volumes (unencrypted, encrypted, hidden) are writable. This change introduces the 'status' command line option that can be used to retrieve this information from the nitrokey and to display it. 2017-04-09T03:24:27Z Daniel Mueller deso@posteo.net 2017-04-09T03:24:27Z urn:sha1:c441df2c153c811af19f37bdfdc45a13c36e8f14 The nitrokey embeds a wrong CRC code into the response for certain commands. When closing the encrypted volume, for example, the CRC code never matches the actual report data. This problem is tracked by issue 32: https://github.com/Nitrokey/nitrokey-storage-firmware/issues/32 To work around this problem for now we unfortunately have to ignore the result of the CRC check. This change adjusts the code to do that. 2017-04-09T01:23:25Z Daniel Mueller deso@posteo.net 2017-04-09T01:23:25Z urn:sha1:f1fe434d1487fad624b0574955c3af0cfd75e674 The send a report, wait for some time, and receive a response pattern is used in many places already and more are to come. In fact, no send should ever happen without the wait for a response. To that end, this change introduces a new 'transmit' function that performs the exactly this task: send a report and return the response to it.