Mutability fixes

1 files changed, 38 insertions, 34 deletions

diff --git a/nitrocli/src/commands.rs b/nitrocli/src/commands.rs
index ffe4496..869e667 100644
--- a/nitrocli/src/commands.rs
+++ b/nitrocli/src/commands.rs
@@ -95,7 +95,7 @@ where
 /// Open the password safe on the given device.
 fn get_password_safe<'dev, D>(
   ctx: &mut args::ExecCtx<'_>,
-  device: &'dev D,
+  device: &'dev mut D,
 ) -> Result<nitrokey::PasswordSafe<'dev>>
 where
   D: Device,
@@ -111,7 +111,7 @@ where
   )
 }
 
-fn with_password_safe<D, F>(ctx: &mut args::ExecCtx<'_>, device: &D, op: F) -> Result<()>
+fn with_password_safe<D, F>(ctx: &mut args::ExecCtx<'_>, device: &mut D, op: F) -> Result<()>
 where
   D: Device,
   F: FnOnce(&mut args::ExecCtx<'_>, nitrokey::PasswordSafe<'_>) -> Result<()>,
@@ -199,10 +199,10 @@ fn try_with_pin_and_data_with_pinentry<D, F, R>(
   pin_entry: &pinentry::PinEntry,
   msg: &'static str,
   data: D,
-  op: F,
+  mut op: F,
 ) -> Result<R>
 where
-  F: Fn(D, &str) -> result::Result<R, (D, nitrokey::Error)>,
+  F: FnMut(D, &str) -> result::Result<R, (D, nitrokey::Error)>,
 {
   let mut data = data;
   let mut retry = 3;
@@ -235,10 +235,10 @@ fn try_with_pin_and_data<D, F, R>(
   pin_entry: &pinentry::PinEntry,
   msg: &'static str,
   data: D,
-  op: F,
+  mut op: F,
 ) -> Result<R>
 where
-  F: Fn(D, &str) -> result::Result<R, (D, nitrokey::Error)>,
+  F: FnMut(D, &str) -> result::Result<R, (D, nitrokey::Error)>,
 {
   let pin = match pin_entry.pin_type() {
     pinentry::PinType::Admin => &ctx.admin_pin,
@@ -266,10 +266,10 @@ fn try_with_pin<F>(
   ctx: &mut args::ExecCtx<'_>,
   pin_entry: &pinentry::PinEntry,
   msg: &'static str,
-  op: F,
+  mut op: F,
 ) -> Result<()>
 where
-  F: Fn(&str) -> result::Result<(), nitrokey::Error>,
+  F: FnMut(&str) -> result::Result<(), nitrokey::Error>,
 {
   try_with_pin_and_data(ctx, pin_entry, msg, (), |data, pin| {
     op(pin).map_err(|err| (data, err))
@@ -358,7 +358,7 @@ pub fn status(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
 
 /// Perform a factory reset.
 pub fn reset(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_device(ctx, |ctx, device| {
+  with_device(ctx, |ctx, mut device| {
     let pin_entry = pinentry::PinEntry::from(pinentry::PinType::Admin, &device)?;
 
     // To force the user to enter the admin PIN before performing a
@@ -385,7 +385,7 @@ pub fn unencrypted_set(
   ctx: &mut args::ExecCtx<'_>,
   mode: args::UnencryptedVolumeMode,
 ) -> Result<()> {
-  with_storage_device(ctx, |ctx, device| {
+  with_storage_device(ctx, |ctx, mut device| {
     let pin_entry = pinentry::PinEntry::from(pinentry::PinType::Admin, &device)?;
     let mode = match mode {
       args::UnencryptedVolumeMode::ReadWrite => nitrokey::VolumeMode::ReadWrite,
@@ -407,7 +407,7 @@ pub fn unencrypted_set(
 
 /// Open the encrypted volume on the Nitrokey.
 pub fn encrypted_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_storage_device(ctx, |ctx, device| {
+  with_storage_device(ctx, |ctx, mut device| {
     let pin_entry = pinentry::PinEntry::from(pinentry::PinType::User, &device)?;
 
     // We may forcefully close a hidden volume, if active, so be sure to
@@ -422,7 +422,7 @@ pub fn encrypted_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
 
 /// Close the previously opened encrypted volume.
 pub fn encrypted_close(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_storage_device(ctx, |_ctx, device| {
+  with_storage_device(ctx, |_ctx, mut device| {
     // Flush all filesystem caches to disk. We are mostly interested in
     // making sure that the encrypted volume on the Nitrokey we are
     // about to close is not closed while not all data was written to
@@ -437,7 +437,7 @@ pub fn encrypted_close(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
 
 /// Create a hidden volume.
 pub fn hidden_create(ctx: &mut args::ExecCtx<'_>, slot: u8, start: u8, end: u8) -> Result<()> {
-  with_storage_device(ctx, |ctx, device| {
+  with_storage_device(ctx, |ctx, mut device| {
     let pwd_entry = pinentry::PwdEntry::from(&device)?;
     let pwd = if let Some(pwd) = &ctx.password {
       pwd
@@ -456,7 +456,7 @@ pub fn hidden_create(ctx: &mut args::ExecCtx<'_>, slot: u8, start: u8, end: u8)
 
 /// Open a hidden volume.
 pub fn hidden_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_storage_device(ctx, |ctx, device| {
+  with_storage_device(ctx, |ctx, mut device| {
     let pwd_entry = pinentry::PwdEntry::from(&device)?;
     let pwd = if let Some(pwd) = &ctx.password {
       pwd
@@ -479,7 +479,7 @@ pub fn hidden_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
 
 /// Close a previously opened hidden volume.
 pub fn hidden_close(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_storage_device(ctx, |_ctx, device| {
+  with_storage_device(ctx, |_ctx, mut device| {
     unsafe { sync() };
 
     device
@@ -527,7 +527,7 @@ pub fn config_set(
   user_password: Option<bool>,
 ) -> Result<()> {
   with_device(ctx, |ctx, device| {
-    let device = authenticate_admin(ctx, device)?;
+    let mut device = authenticate_admin(ctx, device)?;
     let config = device
       .get_config()
       .map_err(|err| get_error("Could not get configuration", err))?;
@@ -545,14 +545,18 @@ pub fn config_set(
 
 /// Lock the Nitrokey device.
 pub fn lock(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_device(ctx, |_ctx, device| {
+  with_device(ctx, |_ctx, mut device| {
     device
       .lock()
       .map_err(|err| get_error("Could not lock the device", err))
   })
 }
 
-fn get_otp<T: GenerateOtp>(slot: u8, algorithm: args::OtpAlgorithm, device: &T) -> Result<String> {
+fn get_otp<T: GenerateOtp>(
+  slot: u8,
+  algorithm: args::OtpAlgorithm,
+  device: &mut T,
+) -> Result<String> {
   match algorithm {
     args::OtpAlgorithm::Hotp => device.get_hotp_code(slot),
     args::OtpAlgorithm::Totp => device.get_totp_code(slot),
@@ -574,7 +578,7 @@ pub fn otp_get(
   algorithm: args::OtpAlgorithm,
   time: Option<u64>,
 ) -> Result<()> {
-  with_device(ctx, |ctx, device| {
+  with_device(ctx, |ctx, mut device| {
     if algorithm == args::OtpAlgorithm::Totp {
       device
         .set_time(
@@ -590,10 +594,10 @@ pub fn otp_get(
       .get_config()
       .map_err(|err| get_error("Could not get device configuration", err))?;
     let otp = if config.user_password {
-      let user = authenticate_user(ctx, device)?;
-      get_otp(slot, algorithm, &user)
+      let mut user = authenticate_user(ctx, device)?;
+      get_otp(slot, algorithm, &mut user)
     } else {
-      get_otp(slot, algorithm, &device)
+      get_otp(slot, algorithm, &mut device)
     }?;
     println!(ctx, "{}", otp)?;
     Ok(())
@@ -647,7 +651,7 @@ pub fn otp_set(
       args::OtpSecretFormat::Hex => data.secret,
     };
     let data = nitrokey::OtpSlotData { secret, ..data };
-    let device = authenticate_admin(ctx, device)?;
+    let mut device = authenticate_admin(ctx, device)?;
     match algorithm {
       args::OtpAlgorithm::Hotp => device.write_hotp_slot(data, counter),
       args::OtpAlgorithm::Totp => device.write_totp_slot(data, time_window),
@@ -664,7 +668,7 @@ pub fn otp_clear(
   algorithm: args::OtpAlgorithm,
 ) -> Result<()> {
   with_device(ctx, |ctx, device| {
-    let device = authenticate_admin(ctx, device)?;
+    let mut device = authenticate_admin(ctx, device)?;
     match algorithm {
       args::OtpAlgorithm::Hotp => device.erase_hotp_slot(slot),
       args::OtpAlgorithm::Totp => device.erase_totp_slot(slot),
@@ -768,7 +772,7 @@ fn choose_pin(
 
 /// Change a PIN.
 pub fn pin_set(ctx: &mut args::ExecCtx<'_>, pin_type: pinentry::PinType) -> Result<()> {
-  with_device(ctx, |ctx, device| {
+  with_device(ctx, |ctx, mut device| {
     let pin_entry = pinentry::PinEntry::from(pin_type, &device)?;
     let new_pin = choose_pin(ctx, &pin_entry, true)?;
 
@@ -791,7 +795,7 @@ pub fn pin_set(ctx: &mut args::ExecCtx<'_>, pin_type: pinentry::PinType) -> Resu
 
 /// Unblock and reset the user PIN.
 pub fn pin_unblock(ctx: &mut args::ExecCtx<'_>) -> Result<()> {
-  with_device(ctx, |ctx, device| {
+  with_device(ctx, |ctx, mut device| {
     let pin_entry = pinentry::PinEntry::from(pinentry::PinType::User, &device)?;
     let user_pin = choose_pin(ctx, &pin_entry, false)?;
     let pin_entry = pinentry::PinEntry::from(pinentry::PinType::Admin, &device)?;
@@ -846,8 +850,8 @@ pub fn pws_get(
   show_password: bool,
   quiet: bool,
 ) -> Result<()> {
-  with_device(ctx, |ctx, device| {
-    with_password_safe(ctx, &device, |ctx, pws| {
+  with_device(ctx, |ctx, mut device| {
+    with_password_safe(ctx, &mut device, |ctx, pws| {
       check_slot(&pws, slot)?;
 
       let show_all = !show_name && !show_login && !show_password;
@@ -873,8 +877,8 @@ pub fn pws_set(
   login: &str,
   password: &str,
 ) -> Result<()> {
-  with_device(ctx, |ctx, device| {
-    with_password_safe(ctx, &device, |_ctx, pws| {
+  with_device(ctx, |ctx, mut device| {
+    with_password_safe(ctx, &mut device, |_ctx, mut pws| {
       pws
         .write_slot(slot, name, login, password)
         .map_err(|err| get_error("Could not write PWS slot", err))
@@ -884,8 +888,8 @@ pub fn pws_set(
 
 /// Clear a PWS slot.
 pub fn pws_clear(ctx: &mut args::ExecCtx<'_>, slot: u8) -> Result<()> {
-  with_device(ctx, |ctx, device| {
-    with_password_safe(ctx, &device, |_ctx, pws| {
+  with_device(ctx, |ctx, mut device| {
+    with_password_safe(ctx, &mut device, |_ctx, mut pws| {
       pws
         .erase_slot(slot)
         .map_err(|err| get_error("Could not clear PWS slot", err))
@@ -916,8 +920,8 @@ fn print_pws_slot(
 
 /// Print the status of all PWS slots.
 pub fn pws_status(ctx: &mut args::ExecCtx<'_>, all: bool) -> Result<()> {
-  with_device(ctx, |ctx, device| {
-    with_password_safe(ctx, &device, |ctx, pws| {
+  with_device(ctx, |ctx, mut device| {
+    with_password_safe(ctx, &mut device, |ctx, pws| {
       let slots = pws
         .get_slot_status()
         .map_err(|err| get_error("Could not read PWS slot status", err))?;