| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
| |
With recent changes we are able to execute user-provided extensions
through the program. However, discoverability is arguably lacking,
because nitrocli provides no insight into what extensions are available
to begin with.
This patch changes this state of affairs by listing available extensions
in the help text.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces support for discovering and executing
user-provided extensions to the program. Extensions are useful for
allowing users to provide additional functionality on top of the
nitrocli proper. Implementation wise we stick to an approach similar to
git or cargo subcommands in nature: we search the directories listed in
the PATH environment variable for a file that starts with "nitrocli-",
followed by the extension name. This file is then executed. It is
assumed that the extension recognizes (or at least not prohibits) the
following arguments: --nitrocli (providing the path to the nitrocli
binary), --model (with the model passed to the main program), and
--verbosity (the verbosity level).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch renames the options for the config set command:
--numlock ==> --num-lock
--capslock ==> --caps-lock
--scrolllock ==> --scroll-lock
--no-numlock ==> --no-num-lock
--no-capslock ==> --no-caps-lock
--no-scrolllock ==> --no-scroll-lock
The original naming was based on a typo in nitrokey-rs (scrollock vs.
scrolllock). Also, the typical spelling for the keys is Num Lock, Caps
Lock and Scroll Lock, so using a hyphen is a more natural.
|
|
|
|
|
|
| |
This patch updates the nitrokey dependency to version 0.8.0 and applies
all breaking changes (Config fields renaming, DeviceWrapper and Model
non-exhaustiveness, changed Display implementation for Model).
|
|
|
|
|
|
|
| |
The fill command starts a background operation on a Nitrokey Storage
device that fills the SD card with random data. This patch adds a new
option, --progress, to the fill command that checks if a fill operation
is already running on the device and shows its progress.
|
|
|
|
|
| |
This patch uses the progressing crate to display a progress bar for the
fill command if the output is printed to a TTY.
|
|
|
|
|
|
| |
This patch adds the fill command that overwrites the SD card with random
data. Similar to the reset command, we always require the user to enter
the admin PIN even if is cached.
|
|
|
|
|
|
|
|
|
|
| |
The Storage device keeps track of the areas of the SD card that have
been written to during this power cycle. This data can be accessed using
the NK_get_SD_usage_data function that returns a range of the SD card
that has not been written. This data can be used as a guide line when
creating new hidden volumes.
This patch adds the SD card usage data to the output of the status
command for Nitrokey Storage devices.
|
|
|
|
|
|
|
|
|
| |
When we originally switched over to using anyhow for error handling, we
evidently missed to take advantage of its context support in a couple of
error paths. The result was that we ended up with rather long winded
> result.ok_or_else(|| anyhow::anyhow!(...))
constructs.
This change shortens them, making use of the anyhow::Context trait.
|
|
|
|
|
| |
For consistency with the --usb-path option, this path renames the device
path column in the output of the list command to USB path.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the --usb-path option as an additional way to filter the
Nitrokey device to connect to. While the serial number is a better
identifier in theory, the Nitrokey Storage devices do not send their
serial number in the USB device descriptor. Having the --usb-path
options allows users to select one of multiple Nitrokey Storage devices.
While we could directly call the nitrokey::Manager::connect_path
function with the specified path, we integrate the --usb-path option
into the existing find_device function for consistent error messages and
to avoid having to duplicate the --model and --serial-number checks.
|
|
|
|
|
|
|
|
| |
This patch adds the --serial-number option that allows the user to
filter the attached Nitrokey devices by serial number. As the Nitrokey
Storage does not include its serial number in the USB device descriptor
and as we don't want to connect to it just to query the serial number,
this option only works for Nitrokey Storage devices.
|
|
|
|
|
|
|
|
| |
Previously, we just applied our filter (if any) to all attached Nitrokey
devices and selected the first match when connection to a Nitrokey
device. This may lead to unexpected behavior if multiple devices are
attached. This patch changes the find_device function to return an
error if multiple matching devices are found.
|
|
|
|
|
|
|
|
|
|
| |
This patch introduces two new functions, find_device and connect, to
connect to a Nitrokey device. find_device queries the attached Nitrokey
devices, applies the filters (currently only the --model option) and
returns the first match. connect calls find_device and connects to the
returned device.
This refactoring allows us to add more device filters, for example a
--serial-number option, without code duplication.
|
|
|
|
|
|
|
|
| |
With this change we switch to using a REUSE compliant way of specifying
the copyright & license of the program. To be fully in conformance we
also add additional license specifications for the remaining files in
the project. Lastly, a new CI pipeline rule takes care of verifying
compliance on an ongoing basis.
|
|
|
|
|
| |
This change adjusts the copyright header in all files to no longer
mention individuals but refer to The Nitrocli Developers in general.
|
|
|
|
|
|
|
| |
Since we moved the model, no_cache and verbosity fields from ExecCtx
into Config and added a Config field to both ExecCtx and RunCtx, RunCtx
and ExecCtx are identical. Therefore this patch merges the ExecCtx and
RunCtx structs into the new Context struct.
|
|
|
|
|
|
|
|
|
| |
This patch implements basic configuration handling that reads a
configuration file and stores the parsed data in the ExecCtx and RunCtx
structs. It supports three configuration items:
- model (previously only --model)
- no_cache (previously only NITROCLI_NO_CACHE)
- verbosity (previously only --verbose)
|
|
|
|
|
|
|
|
|
| |
With the move to using anyhow's Error type and adding contextual
information at the point where we bubble up errors, we no longer require
the 'msg' argument that is passed to the try_with_pin_* and authenticate
functions.
To that end, this change removes this parameter, concluding the switch
to using anyhow.
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes our error handling approach from the ground up:
instead of having a globally used Error enum that contains variants for
all possible errors, we now use anyhow's Error type. This approach is
more dynamic (and not statically typed), but it allows for more fine
grained error messages and overall more user-friendly error reporting.
Overall it also is a net simplification. While we have one dynamic cast
now, in order to be able to handle erroneous password/PIN entries
correctly, that is considered a reasonable compromise.
|
|
|
|
|
|
| |
We have never been fully satisfied with the name arg_defs. Now that we
have gotten rid of the formerly used args module, this change renames
arg_defs to args.
|
|
|
|
|
|
| |
This change removes the args module by moving all remaining
functionality in it into main.rs. The result is arguably a nice
consolidation of all context related definitions in a single module.
|
|
|
|
|
|
| |
As a next step moving us closer towards removing the args module, this
change merges the config_set function into the existing function of the
same name in the commands module.
|
|
|
|
|
|
|
|
|
| |
Now that we have isolated and separated out structopt specific
definitions into a new module, arg_defs, args.rs is actually so small
that we do not want to keep it around any longer.
This change marks a first step moving us closer towards removing it.
Specifically, it merges the otp_set function from args.rs into the
function of the same name in commands.rs.
|
|
|
|
|
|
|
|
| |
The PinType struct, despite being intended for the pinentry module, is
ultimately part of the argument handling definitions. Because our goal
is to consolidate all of those in a single file, this change moves the
definition of this type from the pinentry module into the newly
introduced arg_defs.
|
|
|
|
|
|
|
|
| |
This change marks the first step in a restructuring of the argument
handling code, the ultimate goal of which is a separation of the type
definitions as used by structopt from the logic associated with it. This
change in particular introduces a new module, arg_defs, that contains
all those type definitions that previously resided in the args module.
|
|
|
|
|
|
| |
nitrokey 0.6.0 introduced the SerialNumber struct (instead of
representing serial numbers as strings). We no longer have to manually
format the serial number as SerialNumber implements Display.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the list command that lists all attached Nitrokey
devices. Currently the Nitrokey Storage does not report its serial
number during HID enumeration, see [0]. So if we detect a Nitrokey
Storage device, we connect to it and use the get_serial_number function
to query its serial number. This can be disabled using the --no-connect
option.
Note that even the get_serial_number function reports a wrong serial
number for the Nitrokey Storage, see [1].
[0] https://github.com/Nitrokey/nitrokey-storage-firmware/issues/88
[1] https://github.com/Nitrokey/nitrokey-storage-firmware/issues/76
|
|
|
|
|
| |
This patch adds the basic scaffolding for the list command which will
list all attached Nitrokey devices.
|
|
|
|
|
|
| |
This change updates the version of the nitrokey crate that we use to
0.5.1. As part of that, it replaces occurrences of Storage::get_status
with Storage::get_storage_status as the method has been renamed.
|
|
Now that all vendored dependencies have been removed, this change moves
the program's source code from the nitrocli/ directory into the root of
the repository.
|