| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces support for discovering and executing
user-provided extensions to the program. Extensions are useful for
allowing users to provide additional functionality on top of the
nitrocli proper. Implementation wise we stick to an approach similar to
git or cargo subcommands in nature: we search the directories listed in
the PATH environment variable for a file that starts with "nitrocli-",
followed by the extension name. This file is then executed. It is
assumed that the extension recognizes (or at least not prohibits) the
following arguments: --nitrocli (providing the path to the nitrocli
binary), --model (with the model passed to the main program), and
--verbosity (the verbosity level).
|
|
|
|
|
|
|
|
|
|
| |
This change reorders and subdivides the Environment section we have in
the manual. The first subsection in it is about variables pertaining the
program configuration and the second one about those influencing
password & PIN entry. Having these dedicated subsections will
subsequently allow us to reference them in follow up changes. The
reordering is meant to reflect the more general applicability that
configuration variables have.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch renames the options for the config set command:
--numlock ==> --num-lock
--capslock ==> --caps-lock
--scrolllock ==> --scroll-lock
--no-numlock ==> --no-num-lock
--no-capslock ==> --no-caps-lock
--no-scrolllock ==> --no-scroll-lock
The original naming was based on a typo in nitrokey-rs (scrollock vs.
scrolllock). Also, the typical spelling for the keys is Num Lock, Caps
Lock and Scroll Lock, so using a hyphen is a more natural.
|
|
|
|
|
|
|
| |
This patch removes the unused DeviceModel::as_user_facing_str method.
The device model is only used for the argument handling. When printing
messages for the user, we always use nitrokey::Model. Its Display
implementation already prints the model in an appropriate format.
|
|
|
|
| |
This patch adds the librem device model for the Librem Key.
|
|
|
|
|
|
| |
This patch updates the nitrokey dependency to version 0.8.0 and applies
all breaking changes (Config fields renaming, DeviceWrapper and Model
non-exhaustiveness, changed Display implementation for Model).
|
|
|
|
|
|
|
|
|
|
| |
When we switched the default OTP format from hexadecimal to base32 we
missed that the manual was providing examples of the otp set command
that were implicitly making use of the default format -- leading to a
mismatch between what the example is meant to do and what it actually
does.
This change fixes this oversight in the manual by adjusting the examples
accordingly.
|
|
|
|
|
|
|
|
|
| |
When we originally switched over to using anyhow for error handling, we
evidently missed to take advantage of its context support in a couple of
error paths. The result was that we ended up with rather long winded
> result.ok_or_else(|| anyhow::anyhow!(...))
constructs.
This change shortens them, making use of the anyhow::Context trait.
|
|
|
|
|
|
|
|
| |
The man page mentions a password safe slot count of 20 for both the
Nitrokey Pro and the Nitrokey Storage devices. This count is incorrect,
as both devices can store only 16 entries each, as is evident from the
corresponding technical details for each device. With this change we
correct said number.
|
| |
|
| |
|
| |
|
|
|
|
| |
Update company name to Nitrokey GmbH
|
| |
|
|
|
|
|
|
|
| |
The fill command starts a background operation on a Nitrokey Storage
device that fills the SD card with random data. This patch adds a new
option, --progress, to the fill command that checks if a fill operation
is already running on the device and shows its progress.
|
|
|
|
|
| |
This patch uses the progressing crate to display a progress bar for the
fill command if the output is printed to a TTY.
|
|
|
|
|
|
| |
This patch adds the is_tty field to the Context struct that indicates
whether stdout is a TTY. This allows us to use TTY features like moving
the cursor in our output.
|
|
|
|
|
|
| |
This patch adds the fill command that overwrites the SD card with random
data. Similar to the reset command, we always require the user to enter
the admin PIN even if is cached.
|
|
|
|
|
|
|
|
|
|
| |
The Storage device keeps track of the areas of the SD card that have
been written to during this power cycle. This data can be accessed using
the NK_get_SD_usage_data function that returns a range of the SD card
that has not been written. This data can be used as a guide line when
creating new hidden volumes.
This patch adds the SD card usage data to the output of the status
command for Nitrokey Storage devices.
|
|
|
|
|
| |
For consistency with the --usb-path option, this path renames the device
path column in the output of the list command to USB path.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the --usb-path option as an additional way to filter the
Nitrokey device to connect to. While the serial number is a better
identifier in theory, the Nitrokey Storage devices do not send their
serial number in the USB device descriptor. Having the --usb-path
options allows users to select one of multiple Nitrokey Storage devices.
While we could directly call the nitrokey::Manager::connect_path
function with the specified path, we integrate the --usb-path option
into the existing find_device function for consistent error messages and
to avoid having to duplicate the --model and --serial-number checks.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds test cases for the new connection logic:
- connect_multiple checks that nitrocli aborts if more than one Nitrokey
device is connected and no filter is set.
- connect_serial_number checks that we can use the --serial-number
option to connect to all supported Nitrokey devices.
- connect_wrong_serial_number checks that nitrocli aborts if it can’t
find a device with the requested serial number.
- connect_model checks that we can use the --model option to select the
Nitrokey device to connect to, and that nitrocli aborts if it finds no
matching device or multiple matching devices.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This change updates the structopt crate to version 0.3.13. We need this
version as it fixes a compilation error [0] when using the
external_subcommand enum variant annotation provided by the crate. This
functionality will be used in a follow up change that enables usage of
user provided extensions.
[0]: https://github.com/TeXitoi/structopt/issues/424
|
|
|
|
|
|
|
|
| |
This patch adds the --serial-number option that allows the user to
filter the attached Nitrokey devices by serial number. As the Nitrokey
Storage does not include its serial number in the USB device descriptor
and as we don't want to connect to it just to query the serial number,
this option only works for Nitrokey Storage devices.
|
|
|
|
|
|
|
|
| |
Previously, we just applied our filter (if any) to all attached Nitrokey
devices and selected the first match when connection to a Nitrokey
device. This may lead to unexpected behavior if multiple devices are
attached. This patch changes the find_device function to return an
error if multiple matching devices are found.
|
|
|
|
|
|
|
|
|
|
| |
This patch introduces two new functions, find_device and connect, to
connect to a Nitrokey device. find_device queries the attached Nitrokey
devices, applies the filters (currently only the --model option) and
returns the first match. connect calls find_device and connects to the
returned device.
This refactoring allows us to add more device filters, for example a
--serial-number option, without code duplication.
|
|
|
|
|
|
|
|
| |
In the future we would like to provide more ways for tests to create a
Nitrocli instance. In order to prevent explosion of with_XXX methods for
each possible combination of arguments, this change allows for an easier
configuration of an existing object with builder-pattern-inspired
modifier methods.
|
|
|
|
|
|
|
|
| |
While the Nitrocli::model() method was well intentioned, we do not
actually need it because we create a Nitrocli instance from the model
passed to the individual test. We can just reuse this model instead.
With this patch we do exactly that, allowing us to get rid of
Nitrocli::model() all together.
|
|
|
|
|
|
| |
This patch adds a new section to the README that declares that we follow
the Semantic Versioning specification and that the public API of our
crate is defined by the man page.
|
|
|
|
|
|
|
|
| |
With this change we switch to using a REUSE compliant way of specifying
the copyright & license of the program. To be fully in conformance we
also add additional license specifications for the remaining files in
the project. Lastly, a new CI pipeline rule takes care of verifying
compliance on an ongoing basis.
|
|
|
|
|
| |
This change adjusts the copyright header in all files to no longer
mention individuals but refer to The Nitrocli Developers in general.
|
|
|
|
|
| |
This patch adds the from_env constructor to Context to make the main
function easier to read.
|
|
|
|
|
|
|
| |
Since we moved the model, no_cache and verbosity fields from ExecCtx
into Config and added a Config field to both ExecCtx and RunCtx, RunCtx
and ExecCtx are identical. Therefore this patch merges the ExecCtx and
RunCtx structs into the new Context struct.
|
|
|
|
|
|
|
| |
With the switch from argparse over to structopt a while back the need
for the Stdio trait that we used for abstracting over the different
contexts vanished. With this change we remove the trait and its various
implementations.
|
|
|
|
|
|
|
| |
This patch updates the man page for the last changes:
- new option --no-cache
- changes to the environment variables
- configuration files
|
|
|
|
|
|
|
|
| |
This patch adds a new --no-cache option that corresponds to the
NITROCLI_NO_CACHE environment variable and the no_cache configuration.
This makes the user interface more consistent as all configuration items
are now backed by both an environment variable and a command-line
option.
|
|
|
|
|
|
|
|
| |
This patch adds a simple configuration file that demonstrates the syntax
and contains some documentation. We suggest to ship this file together
with nitrocli and to install it e.g., in the /usr/share/doc/nitrocli
directory. This patch also adds a simple test case that makes sure that
the example file is parsed correctly.
|
|
|
|
|
|
|
|
|
| |
This patch uses the directories crate to query the appropriate path for
the configuration files. For Linux, paths according to the XDG Base
Directory Specification are used.
Note that directories does not yet support the XDG_CONFIG_DIRS variable
for system-wide configuration files. Therefore we only use a user
configuration file.
|
|
|
|
|
|
|
|
| |
This patch uses the envy crate to parse the environment. A variable
NITROCLI_KEY can be used to overwrite the configuration for *key*. This
has the side effect that the NITROCLI_NO_CACHE variable is evaluated as
a boolean variable (instead of only checking whether it is set). We
also accept two new variables, NITROCLI_MODEL and NITROCLI_VERBOSITY.
|
|
|
|
|
|
|
|
|
| |
This patch implements basic configuration handling that reads a
configuration file and stores the parsed data in the ExecCtx and RunCtx
structs. It supports three configuration items:
- model (previously only --model)
- no_cache (previously only NITROCLI_NO_CACHE)
- verbosity (previously only --verbose)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.3.4. The following
notable changes have been made since 0.3.3:
- Changed default OTP format from hex to base32
- Improved error reporting format and fidelity
- Added anyhow dependency in version 1.0.32
- Updated minimum required Rust version to 1.42.0
- Bumped nitrokey dependency to 0.7.1
- Bumped proc-macro2 dependency to 1.0.19
- Bumped syn dependency to 1.0.36
|
|
|
|
|
|
|
| |
The missing_copy_implementations lint is arguably not super useful in an
application crate, where no third party is consuming the type
definitions. As such, this change removes it from the list of lints
causing warnings.
|
|
|
|
|
| |
This change updates the syn dependency we consume to 1.0.36 and
proc-macro2 to 1.0.19.
|
|
|
|
|
|
|
| |
In the past we were using an application global custom Result type
definition. This makes less sense now that we switched over to using
anyhow's Error and Result types. We kept that for the time being, but
with this change we remove the type and use anyhow::Result instead.
|
|
|
|
|
|
| |
This change removes the error module. This module, and the Error type it
homes, are no longer used by the application, as everything has been
transitioned over to using anyhow's Error type.
|
|
|
|
|
|
|
|
|
| |
With the move to using anyhow's Error type and adding contextual
information at the point where we bubble up errors, we no longer require
the 'msg' argument that is passed to the try_with_pin_* and authenticate
functions.
To that end, this change removes this parameter, concluding the switch
to using anyhow.
|