diff options
| author | Daniel Mueller <deso@posteo.net> | 2019-08-12 22:23:33 -0700 |
|---|---|---|
| committer | Daniel Mueller <deso@posteo.net> | 2019-08-12 22:23:33 -0700 |
| commit | 47ea358ddc1bc37b809f9f5b893a6b099cbb262b (patch) | |
| tree | 322f204230693883c1d9759cb2f88aaddc0e3b7a /nitrocli | |
| parent | 4dc73375e0364aea70b52682b916635b7b75a2eb (diff) | |
| download | nitrocli-47ea358ddc1bc37b809f9f5b893a6b099cbb262b.tar.gz nitrocli-47ea358ddc1bc37b809f9f5b893a6b099cbb262b.tar.bz2 | |
Update nitrokey crate to 0.4.0-alpha.3
This change updates the version of the nitrokey crate that we use to
0.4.0-alpha.3. This version is the supposedly last pre-release before
0.4.0, with no further major anticipated changes.
In order to integrate with this new version we have to adjust the way we
connect to a Nitrokey device by funneling those connection requests
through a global manager object. The rationale behind that step being
that the underlying libnitrokey actually cannot handle access of
multiple devices at the same time, and so the manager object is used to
prevent accidental wrong concurrent usage.
Because a device object now effectively keeps a reference to the
manager, we need to provide an additional lifetime to that and derived
objects.
Lastly, the use of a manager is also the reason why the tests had to be
adjusted to no longer accept device objects in their signatures, but
only the respective model for which to invoke the test. That is required
because, as elaborated earlier on, having a device object implies having
taken a reference to a manager (in that case owned by nitrokey-test),
and that reference clashes with the nitrocli code itself attempting to
take the manager. We side step this problem by merely accepting a Model
object, which can be passed around independently of the manager itself,
meaning that nitrokey-test does not need to hold such a reference while
the test is run.
Import subrepo nitrokey/:nitrokey at f150d59410eefdec2ae69b2422906a3d1d88aa07
Import subrepo nitrokey-sys/:nitrokey-sys at 8695e2c762807e033a86c8d03974b686d20cdd72
Import subrepo lazy-static/:lazy-static at b4b2b16aaa79dd7548e288455a0dbe4065bf4e1a
Diffstat (limited to 'nitrocli')
| -rw-r--r-- | nitrocli/CHANGELOG.md | 4 | ||||
| -rw-r--r-- | nitrocli/Cargo.lock | 19 | ||||
| -rw-r--r-- | nitrocli/Cargo.toml | 5 | ||||
| -rw-r--r-- | nitrocli/src/commands.rs | 45 | ||||
| -rw-r--r-- | nitrocli/src/pinentry.rs | 8 | ||||
| -rw-r--r-- | nitrocli/src/tests/config.rs | 12 | ||||
| -rw-r--r-- | nitrocli/src/tests/encrypted.rs | 37 | ||||
| -rw-r--r-- | nitrocli/src/tests/hidden.rs | 25 | ||||
| -rw-r--r-- | nitrocli/src/tests/lock.rs | 15 | ||||
| -rw-r--r-- | nitrocli/src/tests/mod.rs | 13 | ||||
| -rw-r--r-- | nitrocli/src/tests/otp.rs | 28 | ||||
| -rw-r--r-- | nitrocli/src/tests/pin.rs | 61 | ||||
| -rw-r--r-- | nitrocli/src/tests/pws.rs | 20 | ||||
| -rw-r--r-- | nitrocli/src/tests/reset.rs | 34 | ||||
| -rw-r--r-- | nitrocli/src/tests/status.rs | 16 | ||||
| -rw-r--r-- | nitrocli/src/tests/unencrypted.rs | 25 |
16 files changed, 205 insertions, 162 deletions
diff --git a/nitrocli/CHANGELOG.md b/nitrocli/CHANGELOG.md index dd40acd..7104c20 100644 --- a/nitrocli/CHANGELOG.md +++ b/nitrocli/CHANGELOG.md @@ -1,6 +1,8 @@ Unreleased ---------- -- Bumped `nitrokey` dependency to `0.4.0-alpha.2` +- Bumped `nitrokey` dependency to `0.4.0-alpha.3` + - Bumped `nitrokey-sys` dependency to `3.5.0` + - Added `lazy_static` dependency in version `1.2.0` 0.3.0 diff --git a/nitrocli/Cargo.lock b/nitrocli/Cargo.lock index 168be50..cd90994 100644 --- a/nitrocli/Cargo.lock +++ b/nitrocli/Cargo.lock @@ -55,7 +55,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "lazy_static" version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "libc" @@ -77,32 +76,33 @@ dependencies = [ "argparse 0.2.2", "base32 0.4.0", "libc 0.2.66", - "nitrokey 0.4.0-alpha.2", - "nitrokey-test 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "nitrokey 0.4.0-alpha.3", + "nitrokey-test 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", "nitrokey-test-state 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] name = "nitrokey" -version = "0.4.0-alpha.2" +version = "0.4.0-alpha.3" dependencies = [ + "lazy_static 1.2.0", "libc 0.2.66", - "nitrokey-sys 3.4.3", + "nitrokey-sys 3.5.0", "rand_core 0.3.0", "rand_os 0.1.1", ] [[package]] name = "nitrokey-sys" -version = "3.4.3" +version = "3.5.0" dependencies = [ "cc 1.0.48", ] [[package]] name = "nitrokey-test" -version = "0.2.1" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "proc-macro2 0.4.26 (registry+https://github.com/rust-lang/crates.io-index)", @@ -190,7 +190,7 @@ name = "thread_local" version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "lazy_static 1.2.0", ] [[package]] @@ -234,9 +234,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" "checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f" "checksum fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" "checksum fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" -"checksum lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "a374c89b9db55895453a74c1e38861d9deec0b01b405a82516e9d5de4820dea1" "checksum memchr 2.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "e1dd4eaac298c32ce07eb6ed9242eda7d82955b9170b7d6db59b2e02cc63fcb8" -"checksum nitrokey-test 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f2195b25114e38da93d24169b074e7d1007238a0e33916e01b353099c09df379" +"checksum nitrokey-test 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7e7e81b55db51769209e88a63cdbb4f2dc7ee9cd20ccaf32fbb940a3b0c50259" "checksum nitrokey-test-state 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "a59b732ed6d5212424ed31ec9649f05652bcbc38f45f2292b27a6044e7098803" "checksum proc-macro2 0.4.26 (registry+https://github.com/rust-lang/crates.io-index)" = "38fddd23d98b2144d197c0eca5705632d4fe2667d14a6be5df8934f8d74f1978" "checksum quote 0.6.11 (registry+https://github.com/rust-lang/crates.io-index)" = "cdd8e04bd9c52e0342b406469d494fcb033be4bdbe5c606016defbb1681411e1" diff --git a/nitrocli/Cargo.toml b/nitrocli/Cargo.toml index 1eb301e..23395c2 100644 --- a/nitrocli/Cargo.toml +++ b/nitrocli/Cargo.toml @@ -53,10 +53,10 @@ path = "../base32" version = "0.2" [dependencies.nitrokey] -version = "0.4.0-alpha.2" +version = "0.4.0-alpha.3" [dev-dependencies.nitrokey-test] -version = "0.2.1" +version = "0.3.1" [dev-dependencies.nitrokey-test-state] version = "0.1" @@ -71,5 +71,6 @@ cc = { path = "../cc" } libc = { path = "../libc" } nitrokey = { path = "../nitrokey" } nitrokey-sys = { path = "../nitrokey-sys" } +lazy_static = { path = "../lazy-static" } rand_core = { path = "../rand/rand_core" } rand_os = { path = "../rand/rand_os" } diff --git a/nitrocli/src/commands.rs b/nitrocli/src/commands.rs index ee410e5..f0e0f6e 100644 --- a/nitrocli/src/commands.rs +++ b/nitrocli/src/commands.rs @@ -60,16 +60,19 @@ fn set_log_level(ctx: &mut args::ExecCtx<'_>) { /// Connect to any Nitrokey device and do something with it. fn with_device<F>(ctx: &mut args::ExecCtx<'_>, op: F) -> Result<()> where - F: FnOnce(&mut args::ExecCtx<'_>, nitrokey::DeviceWrapper) -> Result<()>, + F: FnOnce(&mut args::ExecCtx<'_>, nitrokey::DeviceWrapper<'_>) -> Result<()>, { + let mut manager = nitrokey::take()?; set_log_level(ctx); let device = match ctx.model { - Some(model) => nitrokey::connect_model(model.into()).map_err(|_| { + Some(model) => manager.connect_model(model.into()).map_err(|_| { let error = format!("Nitrokey {} device not found", model.as_user_facing_str()); Error::Error(error) })?, - None => nitrokey::connect().map_err(|_| Error::from("Nitrokey device not found"))?, + None => manager + .connect() + .map_err(|_| Error::from("Nitrokey device not found"))?, }; op(ctx, device) @@ -78,8 +81,9 @@ where /// Connect to a Nitrokey Storage device and do something with it. fn with_storage_device<F>(ctx: &mut args::ExecCtx<'_>, op: F) -> Result<()> where - F: FnOnce(&mut args::ExecCtx<'_>, nitrokey::Storage) -> Result<()>, + F: FnOnce(&mut args::ExecCtx<'_>, nitrokey::Storage<'_>) -> Result<()>, { + let mut manager = nitrokey::take()?; set_log_level(ctx); if let Some(model) = ctx.model { @@ -90,8 +94,9 @@ where } } - let device = - nitrokey::Storage::connect().map_err(|_| Error::from("Nitrokey Storage device not found"))?; + let device = manager + .connect_storage() + .map_err(|_| Error::from("Nitrokey Storage device not found"))?; op(ctx, device) } @@ -99,7 +104,7 @@ where /// do something with it. fn with_password_safe<F>(ctx: &mut args::ExecCtx<'_>, mut op: F) -> Result<()> where - F: FnMut(&mut args::ExecCtx<'_>, nitrokey::PasswordSafe<'_>) -> Result<()>, + F: FnMut(&mut args::ExecCtx<'_>, nitrokey::PasswordSafe<'_, '_>) -> Result<()>, { with_device(ctx, |ctx, mut device| { let pin_entry = pinentry::PinEntry::from(pinentry::PinType::User, &device)?; @@ -123,7 +128,7 @@ where /// Authenticate the given device using the given PIN type and operation. /// /// If an error occurs, the error message `msg` is used. -fn authenticate<D, A, F>( +fn authenticate<'mgr, D, A, F>( ctx: &mut args::ExecCtx<'_>, device: D, pin_type: pinentry::PinType, @@ -131,7 +136,7 @@ fn authenticate<D, A, F>( op: F, ) -> Result<A> where - D: Device, + D: Device<'mgr>, F: FnMut(&mut args::ExecCtx<'_>, D, &str) -> result::Result<A, (D, nitrokey::Error)>, { let pin_entry = pinentry::PinEntry::from(pin_type, &device)?; @@ -140,9 +145,12 @@ where } /// Authenticate the given device with the user PIN. -fn authenticate_user<T>(ctx: &mut args::ExecCtx<'_>, device: T) -> Result<nitrokey::User<T>> +fn authenticate_user<'mgr, T>( + ctx: &mut args::ExecCtx<'_>, + device: T, +) -> Result<nitrokey::User<'mgr, T>> where - T: Device, + T: Device<'mgr>, { authenticate( ctx, @@ -154,9 +162,12 @@ where } /// Authenticate the given device with the admin PIN. -fn authenticate_admin<T>(ctx: &mut args::ExecCtx<'_>, device: T) -> Result<nitrokey::Admin<T>> +fn authenticate_admin<'mgr, T>( + ctx: &mut args::ExecCtx<'_>, + device: T, +) -> Result<nitrokey::Admin<'mgr, T>> where - T: Device, + T: Device<'mgr>, { authenticate( ctx, @@ -322,7 +333,7 @@ fn print_storage_status( fn print_status( ctx: &mut args::ExecCtx<'_>, model: &'static str, - device: &nitrokey::DeviceWrapper, + device: &nitrokey::DeviceWrapper<'_>, ) -> Result<()> { let serial_number = device .get_serial_number() @@ -700,7 +711,7 @@ pub fn otp_clear( fn print_otp_status( ctx: &mut args::ExecCtx<'_>, algorithm: args::OtpAlgorithm, - device: &nitrokey::DeviceWrapper, + device: &nitrokey::DeviceWrapper<'_>, all: bool, ) -> Result<()> { let mut slot: u8 = 0; @@ -843,7 +854,7 @@ fn print_pws_data( Ok(()) } -fn check_slot(pws: &nitrokey::PasswordSafe<'_>, slot: u8) -> Result<()> { +fn check_slot(pws: &nitrokey::PasswordSafe<'_, '_>, slot: u8) -> Result<()> { if slot >= nitrokey::SLOT_COUNT { return Err(nitrokey::Error::from(nitrokey::LibraryError::InvalidSlot).into()); } @@ -912,7 +923,7 @@ pub fn pws_clear(ctx: &mut args::ExecCtx<'_>, slot: u8) -> Result<()> { fn print_pws_slot( ctx: &mut args::ExecCtx<'_>, - pws: &nitrokey::PasswordSafe<'_>, + pws: &nitrokey::PasswordSafe<'_, '_>, slot: usize, programmed: bool, ) -> Result<()> { diff --git a/nitrocli/src/pinentry.rs b/nitrocli/src/pinentry.rs index 0733cd1..af28e2d 100644 --- a/nitrocli/src/pinentry.rs +++ b/nitrocli/src/pinentry.rs @@ -58,9 +58,9 @@ pub struct PinEntry { } impl PinEntry { - pub fn from<D>(pin_type: PinType, device: &D) -> crate::Result<Self> + pub fn from<'mgr, D>(pin_type: PinType, device: &D) -> crate::Result<Self> where - D: nitrokey::Device, + D: nitrokey::Device<'mgr>, { let model = device.get_model(); let serial = device.get_serial_number()?; @@ -131,9 +131,9 @@ pub struct PwdEntry { } impl PwdEntry { - pub fn from<D>(device: &D) -> crate::Result<Self> + pub fn from<'mgr, D>(device: &D) -> crate::Result<Self> where - D: nitrokey::Device, + D: nitrokey::Device<'mgr>, { let model = device.get_model(); let serial = device.get_serial_number()?; diff --git a/nitrocli/src/tests/config.rs b/nitrocli/src/tests/config.rs index 8983cb8..ea3a0e8 100644 --- a/nitrocli/src/tests/config.rs +++ b/nitrocli/src/tests/config.rs @@ -20,7 +20,7 @@ use super::*; #[test_device] -fn get(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn get(model: nitrokey::Model) -> crate::Result<()> { let re = regex::Regex::new( r#"^Config: numlock binding: (not set|\d+) @@ -31,14 +31,14 @@ $"#, ) .unwrap(); - let out = Nitrocli::with_dev(device).handle(&["config", "get"])?; + let out = Nitrocli::with_model(model).handle(&["config", "get"])?; assert!(re.is_match(&out), out); Ok(()) } #[test_device] -fn set_wrong_usage(device: nitrokey::DeviceWrapper) { - let res = Nitrocli::with_dev(device).handle(&["config", "set", "--numlock", "2", "-N"]); +fn set_wrong_usage(model: nitrokey::Model) { + let res = Nitrocli::with_model(model).handle(&["config", "set", "--numlock", "2", "-N"]); assert_eq!( res.unwrap_str_err(), "--numlock and --no-numlock are mutually exclusive" @@ -46,8 +46,8 @@ fn set_wrong_usage(device: nitrokey::DeviceWrapper) { } #[test_device] -fn set_get(device: nitrokey::DeviceWrapper) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +fn set_get(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["config", "set", "-s", "1", "-c", "0", "-N"])?; let re = regex::Regex::new( diff --git a/nitrocli/src/tests/encrypted.rs b/nitrocli/src/tests/encrypted.rs index 8aef864..75b84c3 100644 --- a/nitrocli/src/tests/encrypted.rs +++ b/nitrocli/src/tests/encrypted.rs @@ -19,8 +19,8 @@ use super::*; -#[test_device] -fn status_open_close(device: nitrokey::Storage) -> crate::Result<()> { +#[test_device(storage)] +fn status_open_close(model: nitrokey::Model) -> crate::Result<()> { fn make_re(open: Option<bool>) -> regex::Regex { let encrypted = match open { Some(open) => { @@ -44,7 +44,7 @@ $"#, regex::Regex::new(&re).unwrap() } - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); let out = ncli.handle(&["status"])?; assert!(make_re(None).is_match(&out), out); @@ -59,32 +59,37 @@ $"#, Ok(()) } -#[test_device] -fn encrypted_open_on_pro(device: nitrokey::Pro) { - let res = Nitrocli::with_dev(device).handle(&["encrypted", "open"]); +#[test_device(pro)] +fn encrypted_open_on_pro(model: nitrokey::Model) { + let res = Nitrocli::with_model(model).handle(&["encrypted", "open"]); assert_eq!( res.unwrap_str_err(), "This command is only available on the Nitrokey Storage", ); } -#[test_device] -fn encrypted_open_close(device: nitrokey::Storage) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +#[test_device(storage)] +fn encrypted_open_close(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let out = ncli.handle(&["encrypted", "open"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; - assert!(device.get_status()?.encrypted_volume.active); - assert!(!device.get_status()?.hidden_volume.active); - drop(device); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; + assert!(device.get_status()?.encrypted_volume.active); + assert!(!device.get_status()?.hidden_volume.active); + } let out = ncli.handle(&["encrypted", "close"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; - assert!(!device.get_status()?.encrypted_volume.active); - assert!(!device.get_status()?.hidden_volume.active); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; + assert!(!device.get_status()?.encrypted_volume.active); + assert!(!device.get_status()?.hidden_volume.active); + } Ok(()) } diff --git a/nitrocli/src/tests/hidden.rs b/nitrocli/src/tests/hidden.rs index 483a801..28a5d23 100644 --- a/nitrocli/src/tests/hidden.rs +++ b/nitrocli/src/tests/hidden.rs @@ -19,26 +19,31 @@ use super::*; -#[test_device] -fn hidden_create_open_close(device: nitrokey::Storage) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +#[test_device(storage)] +fn hidden_create_open_close(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let out = ncli.handle(&["hidden", "create", "0", "50", "100"])?; assert!(out.is_empty()); let out = ncli.handle(&["hidden", "open"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; - assert!(!device.get_status()?.encrypted_volume.active); - assert!(device.get_status()?.hidden_volume.active); - drop(device); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; + assert!(!device.get_status()?.encrypted_volume.active); + assert!(device.get_status()?.hidden_volume.active); + } let out = ncli.handle(&["hidden", "close"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; - assert!(!device.get_status()?.encrypted_volume.active); - assert!(!device.get_status()?.hidden_volume.active); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; + assert!(!device.get_status()?.encrypted_volume.active); + assert!(!device.get_status()?.hidden_volume.active); + } Ok(()) } diff --git a/nitrocli/src/tests/lock.rs b/nitrocli/src/tests/lock.rs index d23d2ae..5140152 100644 --- a/nitrocli/src/tests/lock.rs +++ b/nitrocli/src/tests/lock.rs @@ -19,24 +19,25 @@ use super::*; -#[test_device] -fn lock_pro(device: nitrokey::Pro) -> crate::Result<()> { +#[test_device(pro)] +fn lock_pro(model: nitrokey::Model) -> crate::Result<()> { // We can't really test much more here than just success of the command. - let out = Nitrocli::with_dev(device).handle(&["lock"])?; + let out = Nitrocli::with_model(model).handle(&["lock"])?; assert!(out.is_empty()); Ok(()) } -#[test_device] -fn lock_storage(device: nitrokey::Storage) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +#[test_device(storage)] +fn lock_storage(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["encrypted", "open"])?; let out = ncli.handle(&["lock"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; assert!(!device.get_status()?.encrypted_volume.active); Ok(()) diff --git a/nitrocli/src/tests/mod.rs b/nitrocli/src/tests/mod.rs index e8af624..1e2fe26 100644 --- a/nitrocli/src/tests/mod.rs +++ b/nitrocli/src/tests/mod.rs @@ -97,21 +97,18 @@ impl Nitrocli { } } - pub fn with_dev<D>(device: D) -> Self + pub fn with_model<M>(model: M) -> Self where - D: nitrokey::Device, + M: Into<nitrokey::Model>, { - let result = Self { - model: Some(device.get_model()), + Self { + model: Some(model.into()), admin_pin: Some(nitrokey::DEFAULT_ADMIN_PIN.into()), user_pin: Some(nitrokey::DEFAULT_USER_PIN.into()), new_admin_pin: None, new_user_pin: None, password: Some("1234567".into()), - }; - - drop(device); - result + } } pub fn admin_pin(&mut self, pin: impl Into<ffi::OsString>) { diff --git a/nitrocli/src/tests/otp.rs b/nitrocli/src/tests/otp.rs index 2893e80..0ccecf9 100644 --- a/nitrocli/src/tests/otp.rs +++ b/nitrocli/src/tests/otp.rs @@ -22,8 +22,8 @@ use super::*; use crate::args; #[test_device] -fn set_invalid_slot_raw(device: nitrokey::DeviceWrapper) { - let (rc, out, err) = Nitrocli::with_dev(device).run(&["otp", "set", "100", "name", "1234"]); +fn set_invalid_slot_raw(model: nitrokey::Model) { + let (rc, out, err) = Nitrocli::with_model(model).run(&["otp", "set", "100", "name", "1234"]); assert_ne!(rc, 0); assert_eq!(out, b""); @@ -31,8 +31,8 @@ fn set_invalid_slot_raw(device: nitrokey::DeviceWrapper) { } #[test_device] -fn set_invalid_slot(device: nitrokey::DeviceWrapper) { - let res = Nitrocli::with_dev(device).handle(&["otp", "set", "100", "name", "1234"]); +fn set_invalid_slot(model: nitrokey::Model) { + let res = Nitrocli::with_model(model).handle(&["otp", "set", "100", "name", "1234"]); assert_eq!( res.unwrap_lib_err(), @@ -44,14 +44,14 @@ fn set_invalid_slot(device: nitrokey::DeviceWrapper) { } #[test_device] -fn status(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn status(model: nitrokey::Model) -> crate::Result<()> { let re = regex::Regex::new( r#"^alg\tslot\tname ((totp|hotp)\t\d+\t.+\n)+$"#, ) .unwrap(); - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); // Make sure that we have at least something to display by ensuring // that there is one slot programmed. let _ = ncli.handle(&["otp", "set", "0", "the-name", "123456"])?; @@ -62,14 +62,14 @@ fn status(device: nitrokey::DeviceWrapper) -> crate::Result<()> { } #[test_device] -fn set_get_hotp(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn set_get_hotp(model: nitrokey::Model) -> crate::Result<()> { // Secret and expected HOTP values as per RFC 4226: Appendix D -- HOTP // Algorithm: Test Values. const SECRET: &str = "12345678901234567890"; const OTP1: &str = concat!(755224, "\n"); const OTP2: &str = concat!(287082, "\n"); - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&[ "otp", "set", "-a", "hotp", "-f", "ascii", "1", "name", &SECRET, ])?; @@ -83,14 +83,14 @@ fn set_get_hotp(device: nitrokey::DeviceWrapper) -> crate::Result<()> { } #[test_device] -fn set_get_totp(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn set_get_totp(model: nitrokey::Model) -> crate::Result<()> { // Secret and expected TOTP values as per RFC 6238: Appendix B -- // Test Vectors. const SECRET: &str = "12345678901234567890"; const TIME: &str = stringify!(1111111111); const OTP: &str = concat!(14050471, "\n"); - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["otp", "set", "-d", "8", "-f", "ascii", "2", "name", &SECRET])?; let out = ncli.handle(&["otp", "get", "-t", TIME, "2"])?; @@ -99,22 +99,22 @@ fn set_get_totp(device: nitrokey::DeviceWrapper) -> crate::Result<()> { } #[test_device] -fn set_totp_uneven_chars(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn set_totp_uneven_chars(model: nitrokey::Model) -> crate::Result<()> { let secrets = [ (args::OtpSecretFormat::Hex, "123"), (args::OtpSecretFormat::Base32, "FBILDWWGA2"), ]; - let mut ncli = Nitrocli::with_dev(device); for (format, secret) in &secrets { + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["otp", "set", "-f", format.as_ref(), "3", "foobar", &secret])?; } Ok(()) } #[test_device] -fn clear(device: nitrokey::DeviceWrapper) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +fn clear(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["otp", "set", "3", "hotp-test", "abcdef"])?; let _ = ncli.handle(&["otp", "clear", "3"])?; let res = ncli.handle(&["otp", "get", "3"]); diff --git a/nitrocli/src/tests/pin.rs b/nitrocli/src/tests/pin.rs index e4cd316..958a36d 100644 --- a/nitrocli/src/tests/pin.rs +++ b/nitrocli/src/tests/pin.rs @@ -23,40 +23,48 @@ use nitrokey::Device; use super::*; #[test_device] -fn unblock(device: nitrokey::DeviceWrapper) -> crate::Result<()> { - let (device, err) = device.authenticate_user("wrong-pin").unwrap_err(); - match err { - nitrokey::Error::CommandError(err) if err == nitrokey::CommandError::WrongPassword => (), - _ => panic!("Unexpected error variant found: {:?}", err), +fn unblock(model: nitrokey::Model) -> crate::Result<()> { + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_model(model)?; + let (device, err) = device.authenticate_user("wrong-pin").unwrap_err(); + match err { + nitrokey::Error::CommandError(err) if err == nitrokey::CommandError::WrongPassword => (), + _ => panic!("Unexpected error variant found: {:?}", err), + } + assert!(device.get_user_retry_count()? < 3); } - assert!(device.get_user_retry_count()? < 3); - let model = device.get_model(); - let _ = Nitrocli::with_dev(device).handle(&["pin", "unblock"])?; - let device = nitrokey::connect_model(model)?; - assert_eq!(device.get_user_retry_count()?, 3); + let _ = Nitrocli::with_model(model).handle(&["pin", "unblock"])?; + + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_model(model)?; + assert_eq!(device.get_user_retry_count()?, 3); + } Ok(()) } #[test_device] -fn set_user(device: nitrokey::DeviceWrapper) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); - +fn set_user(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); // Set a new user PIN. ncli.new_user_pin("new-pin"); let out = ncli.handle(&["pin", "set", "user"])?; assert!(out.is_empty()); - let device = nitrokey::connect_model(ncli.model().unwrap())?; - let (device, err) = device - .authenticate_user(nitrokey::DEFAULT_USER_PIN) - .unwrap_err(); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_model(model)?; + let (_, err) = device + .authenticate_user(nitrokey::DEFAULT_USER_PIN) + .unwrap_err(); - match err { - nitrokey::Error::CommandError(err) if err == nitrokey::CommandError::WrongPassword => (), - _ => panic!("Unexpected error variant found: {:?}", err), + match err { + nitrokey::Error::CommandError(err) if err == nitrokey::CommandError::WrongPassword => (), + _ => panic!("Unexpected error variant found: {:?}", err), + } } - drop(device); // Revert to the default user PIN. ncli.user_pin("new-pin"); @@ -65,9 +73,12 @@ fn set_user(device: nitrokey::DeviceWrapper) -> crate::Result<()> { let out = ncli.handle(&["pin", "set", "user"])?; assert!(out.is_empty()); - let device = nitrokey::connect_model(ncli.model().unwrap())?; - let _ = device - .authenticate_user(nitrokey::DEFAULT_USER_PIN) - .unwrap(); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_model(ncli.model().unwrap())?; + let _ = device + .authenticate_user(nitrokey::DEFAULT_USER_PIN) + .unwrap(); + } Ok(()) } diff --git a/nitrocli/src/tests/pws.rs b/nitrocli/src/tests/pws.rs index 9468dcf..651b2d5 100644 --- a/nitrocli/src/tests/pws.rs +++ b/nitrocli/src/tests/pws.rs @@ -20,8 +20,8 @@ use super::*; #[test_device] -fn set_invalid_slot(device: nitrokey::DeviceWrapper) { - let res = Nitrocli::with_dev(device).handle(&["pws", "set", "100", "name", "login", "1234"]); +fn set_invalid_slot(model: nitrokey::Model) { + let res = Nitrocli::with_model(model).handle(&["pws", "set", "100", "name", "login", "1234"]); assert_eq!( res.unwrap_lib_err(), @@ -33,14 +33,14 @@ fn set_invalid_slot(device: nitrokey::DeviceWrapper) { } #[test_device] -fn status(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn status(model: nitrokey::Model) -> crate::Result<()> { let re = regex::Regex::new( r#"^slot\tname (\d+\t.+\n)+$"#, ) .unwrap(); - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); // Make sure that we have at least something to display by ensuring // that there are there is one slot programmed. let _ = ncli.handle(&["pws", "set", "0", "the-name", "the-login", "123456"])?; @@ -51,12 +51,12 @@ fn status(device: nitrokey::DeviceWrapper) -> crate::Result<()> { } #[test_device] -fn set_get(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn set_get(model: nitrokey::Model) -> crate::Result<()> { const NAME: &str = "dropbox"; const LOGIN: &str = "d-e-s-o"; const PASSWORD: &str = "my-secret-password"; - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["pws", "set", "1", &NAME, &LOGIN, &PASSWORD])?; let out = ncli.handle(&["pws", "get", "1", "--quiet", "--name"])?; @@ -83,12 +83,12 @@ fn set_get(device: nitrokey::DeviceWrapper) -> crate::Result<()> { } #[test_device] -fn set_reset_get(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn set_reset_get(model: nitrokey::Model) -> crate::Result<()> { const NAME: &str = "some/svc"; const LOGIN: &str = "a\\user"; const PASSWORD: &str = "!@&-)*(&+%^@"; - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["pws", "set", "2", &NAME, &LOGIN, &PASSWORD])?; let out = ncli.handle(&["reset"])?; @@ -106,8 +106,8 @@ fn set_reset_get(device: nitrokey::DeviceWrapper) -> crate::Result<()> { } #[test_device] -fn clear(device: nitrokey::DeviceWrapper) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +fn clear(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let _ = ncli.handle(&["pws", "set", "10", "clear-test", "some-login", "abcdef"])?; let _ = ncli.handle(&["pws", "clear", "10"])?; let res = ncli.handle(&["pws", "get", "10"]); diff --git a/nitrocli/src/tests/reset.rs b/nitrocli/src/tests/reset.rs index f9452ec..e197970 100644 --- a/nitrocli/src/tests/reset.rs +++ b/nitrocli/src/tests/reset.rs @@ -23,32 +23,38 @@ use nitrokey::GetPasswordSafe; use super::*; #[test_device] -fn reset(device: nitrokey::DeviceWrapper) -> crate::Result<()> { +fn reset(model: nitrokey::Model) -> crate::Result<()> { let new_admin_pin = "87654321"; - let mut ncli = Nitrocli::with_dev(device); + let mut ncli = Nitrocli::with_model(model); // Change the admin PIN. ncli.new_admin_pin(new_admin_pin); let _ = ncli.handle(&["pin", "set", "admin"])?; - // Check that the admin PIN has been changed. - let device = nitrokey::connect_model(ncli.model().unwrap())?; - let _ = device.authenticate_admin(new_admin_pin).unwrap(); + { + let mut manager = nitrokey::force_take()?; + // Check that the admin PIN has been changed. + let device = manager.connect_model(ncli.model().unwrap())?; + let _ = device.authenticate_admin(new_admin_pin).unwrap(); + } // Perform factory reset ncli.admin_pin(new_admin_pin); let out = ncli.handle(&["reset"])?; assert!(out.is_empty()); - // Check that the admin PIN has been reset. - let device = nitrokey::connect_model(ncli.model().unwrap())?; - let mut device = device - .authenticate_admin(nitrokey::DEFAULT_ADMIN_PIN) - .unwrap(); - - // Check that the password store works, i.e., the AES key has been - // built. - let _ = device.get_password_safe(nitrokey::DEFAULT_USER_PIN)?; + { + let mut manager = nitrokey::force_take()?; + // Check that the admin PIN has been reset. + let device = manager.connect_model(ncli.model().unwrap())?; + let mut device = device + .authenticate_admin(nitrokey::DEFAULT_ADMIN_PIN) + .unwrap(); + + // Check that the password store works, i.e., the AES key has been + // built. + let _ = device.get_password_safe(nitrokey::DEFAULT_USER_PIN)?; + } Ok(()) } diff --git a/nitrocli/src/tests/status.rs b/nitrocli/src/tests/status.rs index 7aac5ad..c9f4976 100644 --- a/nitrocli/src/tests/status.rs +++ b/nitrocli/src/tests/status.rs @@ -36,31 +36,31 @@ fn not_found() { assert_eq!(res.unwrap_str_err(), "Nitrokey device not found"); } -#[test_device] -fn output_pro(device: nitrokey::Pro) -> crate::Result<()> { +#[test_device(pro)] +fn output_pro(model: nitrokey::Model) -> crate::Result<()> { let re = regex::Regex::new( r#"^Status: model: Pro serial number: 0x[[:xdigit:]]{8} - firmware version: \d+\.\d+ + firmware version: v\d+\.\d+ user retry count: [0-3] admin retry count: [0-3] $"#, ) .unwrap(); - let out = Nitrocli::with_dev(device).handle(&["status"])?; + let out = Nitrocli::with_model(model).handle(&["status"])?; assert!(re.is_match(&out), out); Ok(()) } -#[test_device] -fn output_storage(device: nitrokey::Storage) -> crate::Result<()> { +#[test_device(storage)] +fn output_storage(model: nitrokey::Model) -> crate::Result<()> { let re = regex::Regex::new( r#"^Status: model: Storage serial number: 0x[[:xdigit:]]{8} - firmware version: \d+\.\d+ + firmware version: v\d+\.\d+ user retry count: [0-3] admin retry count: [0-3] Storage: @@ -75,7 +75,7 @@ $"#, ) .unwrap(); - let out = Nitrocli::with_dev(device).handle(&["status"])?; + let out = Nitrocli::with_model(model).handle(&["status"])?; assert!(re.is_match(&out), out); Ok(()) } diff --git a/nitrocli/src/tests/unencrypted.rs b/nitrocli/src/tests/unencrypted.rs index c976f50..547dcaf 100644 --- a/nitrocli/src/tests/unencrypted.rs +++ b/nitrocli/src/tests/unencrypted.rs @@ -19,23 +19,28 @@ use super::*; -#[test_device] -fn unencrypted_set_read_write(device: nitrokey::Storage) -> crate::Result<()> { - let mut ncli = Nitrocli::with_dev(device); +#[test_device(storage)] +fn unencrypted_set_read_write(model: nitrokey::Model) -> crate::Result<()> { + let mut ncli = Nitrocli::with_model(model); let out = ncli.handle(&["unencrypted", "set", "read-write"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; - assert!(device.get_status()?.unencrypted_volume.active); - assert!(!device.get_status()?.unencrypted_volume.read_only); - drop(device); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; + assert!(device.get_status()?.unencrypted_volume.active); + assert!(!device.get_status()?.unencrypted_volume.read_only); + } let out = ncli.handle(&["unencrypted", "set", "read-only"])?; assert!(out.is_empty()); - let device = nitrokey::Storage::connect()?; - assert!(device.get_status()?.unencrypted_volume.active); - assert!(device.get_status()?.unencrypted_volume.read_only); + { + let mut manager = nitrokey::force_take()?; + let device = manager.connect_storage()?; + assert!(device.get_status()?.unencrypted_volume.active); + assert!(device.get_status()?.unencrypted_volume.read_only); + } Ok(()) } |