From cce2ee3c72e680c14516979bfc0108ab2341141b Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Thu, 10 Sep 2020 11:01:18 +0200 Subject: Print SD card usage in Storage status The Storage device keeps track of the areas of the SD card that have been written to during this power cycle. This data can be accessed using the NK_get_SD_usage_data function that returns a range of the SD card that has not been written. This data can be used as a guide line when creating new hidden volumes. This patch adds the SD card usage data to the output of the status command for Nitrokey Storage devices. --- CHANGELOG.md | 2 ++ README.md | 3 ++- doc/nitrocli.1 | 7 ++++++- doc/nitrocli.1.pdf | Bin 42203 -> 42350 bytes src/commands.rs | 10 +++++++++- src/tests/status.rs | 1 + 6 files changed, 20 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 83fc8d9..6a7cd93 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,8 @@ Unreleased device to connect to - Added `--usb-path` option that restricts the USB path of the device to connect to +- Added SD card usage information to the output of the `status` command for + Storage devices - Bumped `structopt` dependency to `0.3.17` diff --git a/README.md b/README.md index e6500f0..39cfcf2 100644 --- a/README.md +++ b/README.md @@ -58,11 +58,12 @@ $ nitrocli status Status: model: Storage serial number: 0x00053141 - firmware version: 0.47 + firmware version: v0.54 user retry count: 3 admin retry count: 3 Storage: SD card ID: 0x05dcad1d + SD card usage: 24% .. 99% not written firmware: unlocked storage keys: created volumes: diff --git a/doc/nitrocli.1 b/doc/nitrocli.1 index 6fb1fd9..b07b36a 100644 --- a/doc/nitrocli.1 +++ b/doc/nitrocli.1 
@@ -70,7 +70,8 @@ them, set the \fB\-\-no-connect\fR option. Print the status of the connected Nitrokey device, including the stick serial number, the firmware version, and the PIN retry count. If the device is a Nitrokey Storage, also print storage related information including the SD card -serial number, the encryption status, and the status of the volumes. +serial number, the SD card usage during this power cycle, the encryption +status, and the status of the volumes. .TP .B nitrocli lock Lock the Nitrokey. @@ -121,6 +122,10 @@ respectively, the start and end position of the hidden volume inside the encrypted volume, as a percentage of the encrypted volume's size. This command requires a password which is later used to look up the hidden volume to open. Unlike a PIN, this password is not cached by \fBgpg\-agent\fR(1). + +As a guide line for creating new hidden volumes, the \fBstatus\fR command +provides a range of the SD card that has not been written to during this power +cycle. .TP \fBnitrocli hidden open Open a hidden volume. The volume to open is determined based on the password diff --git a/doc/nitrocli.1.pdf b/doc/nitrocli.1.pdf index d98ab41..be86627 100644 Binary files a/doc/nitrocli.1.pdf and b/doc/nitrocli.1.pdf differ diff --git a/src/commands.rs b/src/commands.rs index ebb28ca..07ba652 100644 --- a/src/commands.rs +++ b/src/commands.rs @@ -6,6 +6,7 @@ use std::convert::TryFrom as _; use std::fmt; use std::mem; +use std::ops; use std::ops::Deref as _; use std::thread; use std::time; @@ -334,11 +335,13 @@ where fn print_storage_status( ctx: &mut Context<'_>, status: &nitrokey::StorageStatus, + sd_card_usage: &ops::Range, ) -> anyhow::Result<()> { println!( ctx, r#" Storage: SD card ID: {id:#x} + SD card usage: {usagestart}% .. {usageend}% not written firmware: {fw} storage keys: {sk} volumes: 
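Review bot: The new `SD card usage: {usagestart}% .. {usageend}% not written` line in print_storage_status drops the qualifier that the commit message and the man page both state: the device tracks writes only for the current power cycle. Someone sizing a hidden volume from this output could read the range as free space and place the volume over data written before the last power-on. I would put the qualifier in the label, e.g. `SD card usage: {usagestart}% .. {usageend}% not written since power-on` (the pattern in src/tests/status.rs would need the same suffix). A doc comment on the function should also say that `sd_card_usage` is a percentage range and whether `end` is inclusive. The matching format arguments are in the following hunk (`@@ -346,6 +349,8 @@`), and the function body continues outside both hunks.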
@@ -346,6 +349,8 @@ fn print_storage_status( encrypted: {ve} hidden: {vh}"#, id = status.serial_number_sd_card, + usagestart = sd_card_usage.start, + usageend = sd_card_usage.end, fw = if status.firmware_locked { "locked" } else { @@ -398,8 +403,11 @@ fn print_status( let status = device .get_storage_status() .context("Failed to retrieve storage status")?; + let sd_card_usage = device + .get_sd_card_usage() + .context("Failed to retrieve SD card usage")?; - print_storage_status(ctx, &status) + print_storage_status(ctx, &status, &sd_card_usage) } else { Ok(()) } diff --git a/src/tests/status.rs b/src/tests/status.rs index fe69d78..ca16121 100644 --- a/src/tests/status.rs +++ b/src/tests/status.rs @@ -50,6 +50,7 @@ fn output_storage(model: nitrokey::Model) -> anyhow::Result<()> { admin retry count: [0-3] Storage: SD card ID: 0x[[:xdigit:]]{8} + SD card usage: \d+% .. \d+% not written firmware: (un)?locked storage keys: (not )?created volumes: -- cgit v1.2.3
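Review bot: In print_status, the new `get_sd_card_usage()` result is propagated with `?` before `print_storage_status` is called, so a failure of this informational query now suppresses the whole Storage block. That block includes the firmware lock state and the volume status a user checks to confirm the device's state. Whether the query can fail independently of `get_storage_status()` is not visible in this hunk. If it can, consider passing the usage as an `Option` and printing `unknown` on that line instead of aborting. At minimum, add a comment such as `// SD usage is informational, but an error here aborts the whole storage status`. print_status starts and ends outside this hunk.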
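Review bot: In the expected-output pattern of output_storage, the two dots in `SD card usage: \d+% .. \d+% not written` are unescaped, so they match any two characters rather than the literal `..` separator. Escaping them, as in `SD card usage: \d+% \.\. \d+% not written`, keeps the test pinned to the format that print_storage_status emits. Since the values are percentages, `\d{1,3}` would also reject implausibly long numbers. output_storage continues outside this hunk.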