| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
As we no longer have to implement the Display and AsRef traits for the
enums generated with the Command! macro, we don’t have to set a string
representation either. So we can drop this argument from the Command!
macro.
|
|
|
|
|
|
| |
In the previous patches, we replaced argparse with structopt and removed
the argparse dependency. This patch removes the code that was only
needed for argparse.
|
|
|
|
|
|
| |
As we have replaced argparse with structopt, we no longer need it as a
dependency. This patch removes the dependency from Cargo.toml and
deletes the included copy.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes the argument handling code to use structopt instead
of argparse using the data structures we introduced in the last patch.
As part of that transition we replace the old Error::ArgparseError
variant with ClapError that stores a structopt::clap::Error.
Because of that replacement, the format of the help messages changed,
breaking some of the tests. Hence, this change adapts them accordingly.
Also clap currently prints the version output to stdout, so we ignore
the version_option test case for now.
|
|
|
|
|
|
| |
This patch introduces new structs that can be used with structopt to
store the options and arguments parsed from the command line. These
structs use the existing enums and command structs.
|
|
|
|
|
|
| |
As a preparation for the structopt transition, we derive StructOpt for
the enums generated by Command! so that they can be used as a
subcommand.
|
|
|
|
|
|
|
| |
For the transition to structopt, we have to be able to easily construct
enum variants once we have added fields to them. Therefore we implement
the Default trait in the generated macros by choosing the first variant
as the default.
|
|
|
|
|
|
| |
To be able to use the enums generated by Command! with structopt, we
have to be able to add fields to them. This patch adds a new variant to
the Command! macro that supports fields.
|
|
|
|
|
| |
For easier refactoring, we remove the internal enum_int! macro and
instead copy its code to the Enum! and Command! macros.
|
|
|
|
|
|
|
|
|
| |
In one of the next patches, we will add fields to some Command variants
to be able to use them with structopt. Then we will no longer be able
to instantiate them directly, so we replace these instances for the
transition.
This patch also removes the cmd_help! macro that is no longer needed.
|
|
|
|
|
| |
structopt requires that FromStr::Err implements std::fmt::Display.
Therefore we now return a String that contains a list of allowed values.
|
|
|
|
|
|
| |
For an easier transition to structopt, this patch splits the two cases
of the Enum! macro into two separate macros (that internally both call
the new enum_int! macro).
|
|
|
|
|
| |
This patch series replaces argparse with structopt in the argument
handling code. As a first step, we need structopt as a dependency.
|
|
|
|
|
|
| |
Now that all vendored dependencies have been removed, this change moves
the program's source code from the nitrocli/ directory into the root of
the repository.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While it appears that by now we actually can get successful builds
without Cargo insisting on Internet access by virtue of using the
--frozen flag, maintaining vendored dependencies is somewhat of a pain
point. This state will also get worse with upcoming changes that replace
argparse in favor of structopt and pull in a slew of new dependencies by
doing so. Then there is also the repository structure aspect, which is
non-standard due to the way we vendor dependencies and a potential
source of confusion.
In order to fix these problems, this change removes all the vendored
dependencies we have.
Delete subrepo argparse/:argparse
Delete subrepo base32/:base32
Delete subrepo cc/:cc
Delete subrepo cfg-if/:cfg-if
Delete subrepo getrandom/:getrandom
Delete subrepo lazy-static/:lazy-static
Delete subrepo libc/:libc
Delete subrepo nitrokey-sys/:nitrokey-sys
Delete subrepo nitrokey/:nitrokey
Delete subrepo rand/:rand
|
|
|
|
|
|
|
|
|
| |
This patch updates the packaging instruction for Debian: Instead of
updating the TODO.rst file, we now have to create a RFS file in the
source directory.
This patch also adds links to the trackers for the Debian and Ubuntu
packages.
|
|
|
|
|
|
|
|
|
|
| |
This change updates the links to the Debian & Ubuntu packages in the
README. The previously used links were release-specific, which makes
them prone to becoming outdated over time.
The new Debian link now is to "stable", which is updated automatically
as time goes on and new releases are made. For Ubuntu, there is no such
meta release and so we link the search results instead, which fulfill a
similar purpose.
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.3.1. The following
notable changes have been made since 0.3.0:
- Added note about interaction with GnuPG to README file
- Bumped nitrokey dependency to 0.4.0
- Bumped nitrokey-sys dependency to 3.5.0
- Added lazy_static dependency in version 1.4.0
- Added cfg-if dependency in version 0.1.10
- Added getrandom dependency in version 0.1.13
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change finally updates the version of the nitrokey crate that we
consume to 0.4.0. Along with that we update rand_core, one of its
dependencies, to 0.5.1. Further more we add cfg-if in version 0.1.10 and
getrandom in version 0.1.13, both of which are now new (non-development)
dependencies.
Import subrepo nitrokey/:nitrokey at e81057037e9b4f370b64c0a030a725bc6bdfb870
Import subrepo cfg-if/:cfg-if at 4484a6faf816ff8058088ad857b0c6bb2f4b02b2
Import subrepo getrandom/:getrandom at d661aa7e1b8cc80b47dabe3d2135b3b47d2858af
Import subrepo rand/:rand at d877ed528248b52d947e0484364a4e1ae59ca502
|
|
|
|
|
|
|
| |
This change updates two development-only crates that have received
upstream updates:
- nitrokey-test is updated to 0.3.2
- regex is updated to 1.3.1
|
|
|
|
|
|
|
|
|
| |
This change updates the minimum required version of Rust to 1.35.0. The
motivation for doing so is at least two fold. First, next we want to
bump the nitrokey crate to version 0.4.0 and it requires Rust 1.34.0 as
a minimum. Second, and perhaps more importantly, though, in 1.34.0 a
clippy lint regressed, breaking our pipeline. That is the reason why we
are going to 1.35.0 instead.
|
|
|
|
|
| |
With Rust 1.40 the unions_with_drop_fields lint has been removed. This
change removes it from our list of lints as well.
|
|
|
|
|
|
| |
This change updates the lazy_static crate version to 1.4.0.
Import subrepo lazy-static/:lazy-static at 421669662b35fcb455f2902daed2e20bbbba79b6
|
|
|
|
|
|
|
|
|
|
|
|
| |
Applications accessing the Nitrokey device through libnitrokey
apparently lock the device. This lock may not be released in time,
causing GnuPG operations performed shortly afterwards to fail (or, the
other way around, when accessing the GPG smart card through GnuPG and
then using nitrocli, the latter program may fail the interaction).
Unfortunately there is nothing we can do directly about this problem on
the nitrocli side of things, as the problem seemingly needs to be fixed
in the firmware. Hence, with this change we add a note about this
problem including a reference to the upstream issue to the README.
|
|
|
|
|
|
|
| |
For a while now the program has not only supported Nitrokey Storage but
also Nitrokey Pro devices. Back when we added support for the latter we
missed updating the program's description inside Cargo.toml. This change
takes care of this oversight.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change updates the version of the nitrokey crate that we use to
0.4.0-alpha.3. This version is the supposedly last pre-release before
0.4.0, with no further major anticipated changes.
In order to integrate with this new version we have to adjust the way we
connect to a Nitrokey device by funneling those connection requests
through a global manager object. The rationale behind that step being
that the underlying libnitrokey actually cannot handle access of
multiple devices at the same time, and so the manager object is used to
prevent accidental wrong concurrent usage.
Because a device object now effectively keeps a reference to the
manager, we need to provide an additional lifetime to that and derived
objects.
Lastly, the use of a manager is also the reason why the tests had to be
adjusted to no longer accept device objects in their signatures, but
only the respective model for which to invoke the test. That is required
because, as elaborated earlier on, having a device object implies having
taken a reference to a manager (in that case owned by nitrokey-test),
and that reference clashes with the nitrocli code itself attempting to
take the manager. We side step this problem by merely accepting a Model
object, which can be passed around independently of the manager itself,
meaning that nitrokey-test does not need to hold such a reference while
the test is run.
Import subrepo nitrokey/:nitrokey at f150d59410eefdec2ae69b2422906a3d1d88aa07
Import subrepo nitrokey-sys/:nitrokey-sys at 8695e2c762807e033a86c8d03974b686d20cdd72
Import subrepo lazy-static/:lazy-static at b4b2b16aaa79dd7548e288455a0dbe4065bf4e1a
|
|
|
|
|
|
|
|
|
|
| |
This change updates the dependency to nitrokey to version 0.4.0-alpha.2.
In addition to minor interface changes for the get_*_firmware_version
and get_*_retry_count functions, several functions that change the
device state now require a mutable handle to the nitrokey. Hence, this
patch a number of function signatures to accept mutable device objects.
Import subrepo nitrokey/:nitrokey at 34efcfadf1436102e42144f710edabaa2c4b55cd
|
|
|
|
|
|
| |
Since version 0.4.0, nitrokey provides the default admin and user PIN as
constants. This patch removes the constants from nitrocli and uses
nitrokey's constant instead.
|
|
|
|
|
|
|
|
| |
With nitrokey-test up to version 0.2.0 we required a work around to make
device tests work across different modules.
With this patch we bump the consumed version of the crate to 0.2.1, as
part which the underlying problem got fixed. Hence, with this change we
remove this hack as it is no longer needed.
|
|
|
|
|
|
|
|
|
|
|
| |
This is patch marks the first step in the process of updating the
nitrokey dependency to version 0.4. In particular, it integrates with
the first alpha version.
The main change on the nitrocli side accompanying the version bump is
that the nitrokey::CommandError got replaced by a more general
nitrokey::Error which includes the former variant.
Import subrepo nitrokey/:nitrokey at d433189caefe6bd6c88da7fbb1d6e9304353eb83
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.3.0. The following
notable changes have been made since 0.2.4:
- Added unencrypted command with set subcommand for changing the
unencrypted volume's read-write mode
- Changed storage hidden subcommand to hidden top-level command
- Renamed storage command to encrypted
- Removed storage status subcommand
- Moved its output into status command
- Removed previously deprecated --ascii option from otp set command
- Fixed wrong hexadecimal conversion used in otp set command
- Bumped nitrokey dependency to 0.3.5
- Bumped libc dependency to 0.2.66
- Bumped cc dependency to 1.0.48
|
|
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.5. The main reason
for this new version of the crate is a build fix due to a backwards
compatibility breaking change in upstream libnitrokey. For that reason,
we also have to bump the minimum required version to avoid build
failures.
Import subrepo nitrokey/:nitrokey at f2cc7fdf081340b0b812f0b212537ba2b55d382e
|
|
|
|
|
|
| |
This change updates the cc crate to version 1.0.48.
Import subrepo cc/:cc at be9f2c1ae05b336aa3d07a4cbefdc1d88a3d8a91
|
|
|
|
|
|
| |
This change updates the libc crate to version 0.2.66.
Import subrepo libc/:libc at 4f11029a68040c90acf771976b019c1ef273a8cd
|
|
|
|
|
|
|
|
|
|
| |
The library ultimately taking care of communicating with the Nitrokey
device, libnitrokey, unconditionally expects hexadecimal strings
supplied as part of the configuration of an OTP slot to have an even
number of bytes.
Users should not be aware of this detail and so with this change we take
care of padding the supplied string with a leading zero to make such a
configuration go through without an error.
|
|
|
|
|
|
|
|
|
|
|
|
| |
When reading a secret in ascii or base32 format from the user, we
perform a conversion of the potentially decoded string into hexadecimal
bytes, because that is what libnitrokey expects.
The format string we used in the conversion, however, did not account
for padding with a leading zero for single digit results. E.g., the
newline/line feed symbol '\n', which has a decimal value of 10 would
result in the string 'a' being produced, whereas '0a' would be the
correct result.
This change corrects the format string to fix this problem.
|
|
|
|
|
|
|
|
|
| |
The otp set subcommand allows for three different formats in which the
user may pass in the secret, with the default being hexadecimal. By
convention we convey the default being used in the help text to the
respective command, but that default was missing here.
To that end, this change makes sure to include the default format being
used in corresponding help text.
|
|
|
|
|
|
| |
This change introduces a constant for the frequently used string
"nitrocli" to the program and replaces usages of those strings with
references to the constant.
|
|
|
|
|
|
|
|
|
|
|
| |
Subcommands of the encrypted and unencrypted commands were found to have
a wrong help text displayed. The reason for that behavior was that the
subargs were are constructing as part of the argument parsing process
were missing the command being requested and instead containing only the
subcommand.
This change fixes this deficiency. It also adds a test ensuring that the
"Usage" string displayed in the help text of each command and subcommand
contains the proper arguments.
|
|
|
|
|
|
| |
This change updates the cc crate to version 1.0.40.
Import subrepo cc/:cc at 6ad3da7558ec3ccb4dc9c2ed1487fc139469d41e
|
|
|
|
|
|
| |
This change updates the libc crate to version 0.2.62.
Import subrepo libc/:libc at 37f8f8dc233a79ea9cc89b102aa30ff6e402fe94
|
|
|
|
|
|
|
|
|
|
| |
Similar to the with_*device functions introduced in a previous change,
this change introduces a with_password_safe function that is a short
hand for opening the Nitrokey, retrieving a handle to the password safe,
and invoking a user-supplied function on it.
This function will allow us to prevent life time inference problems
caused by passing around a PasswordSafe object, which will contain an
additional reference (and with that, lifetime) in nitrokey version 0.4.
|
|
|
|
|
|
|
| |
With an upcoming change we will require an ExecCtx in one of the
op functions passed to the with_* and try_with_* functionality. To
allow for such cases, this change adjusts the signature of those
functions to provide a reference to such a context.
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces a new trait, TryInto, to the crate. In the future
this trait will allow us to keep a flexible set of error result types
from the various try_with_* functions, which use a certain nitrokey
error variant to check for the entry of a wrong secret.
Note that while a TryInto trait exists in Rust's standard library, that
was not found to be helpful because we have no way to define it for
nitrkey crate's error type. Because of that, we will always have a
mismatch between our internal error and std::convert::Infallible.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upcoming nitrokey 0.4 release changes the way a device handle can be
acquired, requiring a manager instance for doing so in an attempt to
prevent users from opening multiple sessions (which is not something
that libnitrokey supports).
A straight integration of the reworked API surface into our program
would severely complicate the architecture because of the additional
requirement of keeping a manager object around while a device is being
used.
To make the program more amenable to those changes in nitrokey, this
patch reworks the way we interact with a device handle: instead of
passing the device object around we pass in the functionality making use
of it in the form of a function. In more concrete terms, instead of
retrieving a device handle via get_device() we now have a with_device()
function that takes care of opening the device and then passing it to a
user-provided function.
|
|
|
|
|
|
|
|
|
| |
The try_with_* and authenticate functions accept a user-supplied
function to work with. Currently this function is declared as Fn. That,
however, is unnecessarily restrictive.
With this change we declare said function an FnMut instead, which allows
it to potentially capture variables from its environment in a mutable
manner.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We recently fixed a compilation failure in some test code caused by a
use declaration that was ultimately unused. To this point we were under
the impression that there was a set of lints that were known to be
potentially changing in backwards incompatible ways while others would
not. Discovery of unused use declarations or symbols was always assumed
to fall into the latter category.
Because such a build breakage due to semantic change in what a lint can
detect by now is a repeated pattern (with dire consequences), this
change downgrades all 'deny'-style lints to warnings in order to prevent
similar problems in the future.
|
|
|
|
|
|
|
|
| |
For functionality that explicitly works with the storage device we emit
an error message stating that a "Nitrokey Storage" device could not be
found. When the user chooses the model using the -m/--model argument
that is not the case.
With this patch we adjust the error message printed.
|
|
|
|
|
| |
This patch replaces two cases where we use Result::or_else over the more
idiomatic (and shorter) Result::map_err for converting errors.
|
|
|
|
|
|
|
|
|
|
| |
This change removes the explicit change of the global allocator to the
system allocator that we introduced a while back.
The reason this was needed in the past was due to Rust's use of jemalloc
in the default configuration, which increases binary size quite
significantly. However, with Rust issue #36963 fixed, jemalloc is now an
explicit opt-in and the system allocator is the default choice --
rendering our explicit change rather pointless.
|