| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces support for discovering and executing
user-provided extensions to the program. Extensions are useful for
allowing users to provide additional functionality on top of the
nitrocli proper. Implementation wise we stick to an approach similar to
git or cargo subcommands in nature: we search the directories listed in
the PATH environment variable for a file that starts with "nitrocli-",
followed by the extension name. This file is then executed. It is
assumed that the extension recognizes (or at least not prohibits) the
following arguments: --nitrocli (providing the path to the nitrocli
binary), --model (with the model passed to the main program), and
--verbosity (the verbosity level).
|
|
|
|
|
|
|
|
|
|
| |
This change reorders and subdivides the Environment section we have in
the manual. The first subsection in it is about variables pertaining the
program configuration and the second one about those influencing
password & PIN entry. Having these dedicated subsections will
subsequently allow us to reference them in follow up changes. The
reordering is meant to reflect the more general applicability that
configuration variables have.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch renames the options for the config set command:
--numlock ==> --num-lock
--capslock ==> --caps-lock
--scrolllock ==> --scroll-lock
--no-numlock ==> --no-num-lock
--no-capslock ==> --no-caps-lock
--no-scrolllock ==> --no-scroll-lock
The original naming was based on a typo in nitrokey-rs (scrollock vs.
scrolllock). Also, the typical spelling for the keys is Num Lock, Caps
Lock and Scroll Lock, so using a hyphen is a more natural.
|
|
|
|
| |
This patch adds the librem device model for the Librem Key.
|
|
|
|
|
|
|
| |
The fill command starts a background operation on a Nitrokey Storage
device that fills the SD card with random data. This patch adds a new
option, --progress, to the fill command that checks if a fill operation
is already running on the device and shows its progress.
|
|
|
|
|
|
| |
This patch adds the fill command that overwrites the SD card with random
data. Similar to the reset command, we always require the user to enter
the admin PIN even if is cached.
|
|
|
|
|
|
|
|
|
|
| |
The Storage device keeps track of the areas of the SD card that have
been written to during this power cycle. This data can be accessed using
the NK_get_SD_usage_data function that returns a range of the SD card
that has not been written. This data can be used as a guide line when
creating new hidden volumes.
This patch adds the SD card usage data to the output of the status
command for Nitrokey Storage devices.
|
|
|
|
|
|
|
|
|
|
| |
When we switched the default OTP format from hexadecimal to base32 we
missed that the manual was providing examples of the otp set command
that were implicitly making use of the default format -- leading to a
mismatch between what the example is meant to do and what it actually
does.
This change fixes this oversight in the manual by adjusting the examples
accordingly.
|
|
|
|
|
|
|
|
| |
The man page mentions a password safe slot count of 20 for both the
Nitrokey Pro and the Nitrokey Storage devices. This count is incorrect,
as both devices can store only 16 entries each, as is evident from the
corresponding technical details for each device. With this change we
correct said number.
|
|
|
|
|
| |
For consistency with the --usb-path option, this path renames the device
path column in the output of the list command to USB path.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the --usb-path option as an additional way to filter the
Nitrokey device to connect to. While the serial number is a better
identifier in theory, the Nitrokey Storage devices do not send their
serial number in the USB device descriptor. Having the --usb-path
options allows users to select one of multiple Nitrokey Storage devices.
While we could directly call the nitrokey::Manager::connect_path
function with the specified path, we integrate the --usb-path option
into the existing find_device function for consistent error messages and
to avoid having to duplicate the --model and --serial-number checks.
|
|
|
|
|
|
|
|
| |
This patch adds the --serial-number option that allows the user to
filter the attached Nitrokey devices by serial number. As the Nitrokey
Storage does not include its serial number in the USB device descriptor
and as we don't want to connect to it just to query the serial number,
this option only works for Nitrokey Storage devices.
|
|
|
|
|
|
|
|
| |
Previously, we just applied our filter (if any) to all attached Nitrokey
devices and selected the first match when connection to a Nitrokey
device. This may lead to unexpected behavior if multiple devices are
attached. This patch changes the find_device function to return an
error if multiple matching devices are found.
|
|
|
|
|
|
|
|
| |
With this change we switch to using a REUSE compliant way of specifying
the copyright & license of the program. To be fully in conformance we
also add additional license specifications for the remaining files in
the project. Lastly, a new CI pipeline rule takes care of verifying
compliance on an ongoing basis.
|
|
|
|
|
|
|
| |
This patch updates the man page for the last changes:
- new option --no-cache
- changes to the environment variables
- configuration files
|
|
|
|
|
|
|
|
| |
This patch adds a simple configuration file that demonstrates the syntax
and contains some documentation. We suggest to ship this file together
with nitrocli and to install it e.g., in the /usr/share/doc/nitrocli
directory. This patch also adds a simple test case that makes sure that
the example file is parsed correctly.
|
|
|
|
|
|
|
|
|
|
|
| |
An arguably unrepresentative survey of services (GitHub, Google
Authenticator, and Bitbucket) seems to suggests that the base32 format
is the de-facto standard format for OTP secrets. Given that it's not
necessarily obvious what format a secret is in and that most services
refrain from mentioning it explicitly, having the correct default format
is fairly important.
With this change we switch the default format from hexadecimal to
base32 to accommodate for this finding.
|
|
|
|
|
|
|
| |
As it is no longer required to set the global options before the command
and as we will probably introduce more global options with the next
releases, this patch removes the global options from the synopsis line
in the man page. See issue #102 for more details.
|
| |
|
|
Now that all vendored dependencies have been removed, this change moves
the program's source code from the nitrocli/ directory into the root of
the repository.
|