| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
This patch adds the attribute `global = true` for the top-level
--verbose and --model options, which ensures that they can also be set
for subcommands. For example:
nitrocli status --model pro
Instead of only:
nitrocli --model pro status
|
| |
|
|
|
| |
This patch adds the basic scaffolding for the list command which will
list all attached Nitrokey devices.
|
| |
|
|
|
|
|
|
| |
This change updates the version of the nitrokey crate that we use to
0.5.1. As part of that, it replaces occurrences of Storage::get_status
with Storage::get_storage_status as the method has been renamed.
Import subrepo nitrokey/:nitrokey at 817409140a8778215d2d65d614d3672166fff576
|
| | |
|
| |
|
|
|
|
|
|
| |
As we have replaced argparse with structopt, we no longer need it as a
dependency. This patch removes the dependency from Cargo.toml and
deletes the included copy.
Delete subrepo argparse/:argparse
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch changes the argument handling code to use structopt instead
of argparse using the data structures we introduced in the last patch.
As part of that transition we replace the old Error::ArgparseError
variant with ClapError that stores a structopt::clap::Error.
Because of that replacement, the format of the help messages changed,
breaking some of the tests. Hence, this change adapts them accordingly.
Also clap currently prints the version output to stdout, so we ignore
the version_option test case for now.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch series replaces argparse with structopt in the argument
handling code. As a first step, we need structopt as a dependency.
Import subrepo structopt/:structopt at efbdda4753592e27bc430fb01f7b9650b2f3174d
Import subrepo bitflags/:bitflags at 30668016aca6bd3b02c766e8347e0b4080d4c296
Import subrepo clap/:clap at 784524f7eb193e35f81082cc69454c8c21b948f7
Import subrepo heck/:heck at 093d56fbf001e1506e56dbfa38631d99b1066df1
Import subrepo proc-macro-error/:proc-macro-error at 6c4cfe79a622c5de8ae68557993542be46eacae2
Import subrepo proc-macro2/:proc-macro2 at d5d48eddca4566e5438e8a2cbed4a74e049544de
Import subrepo quote/:quote at 727436c6c137b20f0f34dde5d8fda2679b9747ad
Import subrepo rustversion/:rustversion at 0c5663313516263059ce9059ef81fc7a1cf655ca
Import subrepo syn-mid/:syn-mid at 5d3d85414a9e6674e1857ec22a87b96e04a6851a
Import subrepo syn/:syn at e87c27e87f6f4ef8919d0372bdb056d53ef0d8f3
Import subrepo textwrap/:textwrap at abcd618beae3f74841032aa5b53c1086b0a57ca2
Import subrepo unicode-segmentation/:unicode-segmentation at 637c9874c4fe0c205ff27787faf150a40295c6c3
Import subrepo unicode-width/:unicode-width at 3033826f8bf05e82724140a981d5941e48fce393
Import subrepo unicode-xid/:unicode-xid at 4baae9fffb156ba229665b972a9cd5991787ceb7
|
| |
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.3.1. The following
notable changes have been made since 0.3.0:
- Added note about interaction with GnuPG to README file
- Bumped nitrokey dependency to 0.4.0
- Bumped nitrokey-sys dependency to 3.5.0
- Added lazy_static dependency in version 1.4.0
- Added cfg-if dependency in version 0.1.10
- Added getrandom dependency in version 0.1.13
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This change finally updates the version of the nitrokey crate that we
consume to 0.4.0. Along with that we update rand_core, one of its
dependencies, to 0.5.1. Further more we add cfg-if in version 0.1.10 and
getrandom in version 0.1.13, both of which are now new (non-development)
dependencies.
Import subrepo nitrokey/:nitrokey at e81057037e9b4f370b64c0a030a725bc6bdfb870
Import subrepo cfg-if/:cfg-if at 4484a6faf816ff8058088ad857b0c6bb2f4b02b2
Import subrepo getrandom/:getrandom at d661aa7e1b8cc80b47dabe3d2135b3b47d2858af
Import subrepo rand/:rand at d877ed528248b52d947e0484364a4e1ae59ca502
|
| |
|
|
|
|
| |
This change updates the lazy_static crate version to 1.4.0.
Import subrepo lazy-static/:lazy-static at 421669662b35fcb455f2902daed2e20bbbba79b6
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Applications accessing the Nitrokey device through libnitrokey
apparently lock the device. This lock may not be released in time,
causing GnuPG operations performed shortly afterwards to fail (or, the
other way around, when accessing the GPG smart card through GnuPG and
then using nitrocli, the latter program may fail the interaction).
Unfortunately there is nothing we can do directly about this problem on
the nitrocli side of things, as the problem seemingly needs to be fixed
in the firmware. Hence, with this change we add a note about this
problem including a reference to the upstream issue to the README.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change updates the version of the nitrokey crate that we use to
0.4.0-alpha.3. This version is the supposedly last pre-release before
0.4.0, with no further major anticipated changes.
In order to integrate with this new version we have to adjust the way we
connect to a Nitrokey device by funneling those connection requests
through a global manager object. The rationale behind that step being
that the underlying libnitrokey actually cannot handle access of
multiple devices at the same time, and so the manager object is used to
prevent accidental wrong concurrent usage.
Because a device object now effectively keeps a reference to the
manager, we need to provide an additional lifetime to that and derived
objects.
Lastly, the use of a manager is also the reason why the tests had to be
adjusted to no longer accept device objects in their signatures, but
only the respective model for which to invoke the test. That is required
because, as elaborated earlier on, having a device object implies having
taken a reference to a manager (in that case owned by nitrokey-test),
and that reference clashes with the nitrocli code itself attempting to
take the manager. We side step this problem by merely accepting a Model
object, which can be passed around independently of the manager itself,
meaning that nitrokey-test does not need to hold such a reference while
the test is run.
Import subrepo nitrokey/:nitrokey at f150d59410eefdec2ae69b2422906a3d1d88aa07
Import subrepo nitrokey-sys/:nitrokey-sys at 8695e2c762807e033a86c8d03974b686d20cdd72
Import subrepo lazy-static/:lazy-static at b4b2b16aaa79dd7548e288455a0dbe4065bf4e1a
|
| |
|
|
|
|
|
|
|
|
| |
This change updates the dependency to nitrokey to version 0.4.0-alpha.2.
In addition to minor interface changes for the get_*_firmware_version
and get_*_retry_count functions, several functions that change the
device state now require a mutable handle to the nitrokey. Hence, this
patch a number of function signatures to accept mutable device objects.
Import subrepo nitrokey/:nitrokey at 34efcfadf1436102e42144f710edabaa2c4b55cd
|
| |
|
|
|
|
|
|
|
|
|
| |
This is patch marks the first step in the process of updating the
nitrokey dependency to version 0.4. In particular, it integrates with
the first alpha version.
The main change on the nitrocli side accompanying the version bump is
that the nitrokey::CommandError got replaced by a more general
nitrokey::Error which includes the former variant.
Import subrepo nitrokey/:nitrokey at d433189caefe6bd6c88da7fbb1d6e9304353eb83
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.3.0. The following
notable changes have been made since 0.2.4:
- Added unencrypted command with set subcommand for changing the
unencrypted volume's read-write mode
- Changed storage hidden subcommand to hidden top-level command
- Renamed storage command to encrypted
- Removed storage status subcommand
- Moved its output into status command
- Removed previously deprecated --ascii option from otp set command
- Fixed wrong hexadecimal conversion used in otp set command
- Bumped nitrokey dependency to 0.3.5
- Bumped libc dependency to 0.2.66
- Bumped cc dependency to 1.0.48
|
| |
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.5. The main reason
for this new version of the crate is a build fix due to a backwards
compatibility breaking change in upstream libnitrokey. For that reason,
we also have to bump the minimum required version to avoid build
failures.
Import subrepo nitrokey/:nitrokey at f2cc7fdf081340b0b812f0b212537ba2b55d382e
|
| |
|
|
|
|
| |
This change updates the cc crate to version 1.0.48.
Import subrepo cc/:cc at be9f2c1ae05b336aa3d07a4cbefdc1d88a3d8a91
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.66.
Import subrepo libc/:libc at 4f11029a68040c90acf771976b019c1ef273a8cd
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When reading a secret in ascii or base32 format from the user, we
perform a conversion of the potentially decoded string into hexadecimal
bytes, because that is what libnitrokey expects.
The format string we used in the conversion, however, did not account
for padding with a leading zero for single digit results. E.g., the
newline/line feed symbol '\n', which has a decimal value of 10 would
result in the string 'a' being produced, whereas '0a' would be the
correct result.
This change corrects the format string to fix this problem.
|
| |
|
|
|
|
| |
This change updates the cc crate to version 1.0.40.
Import subrepo cc/:cc at 6ad3da7558ec3ccb4dc9c2ed1487fc139469d41e
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.62.
Import subrepo libc/:libc at 37f8f8dc233a79ea9cc89b102aa30ff6e402fe94
|
| |
|
|
|
|
|
| |
This change adds support for changing the read-write mode of the
unencrypted volume. To do so, we introduce a new top-level command,
unencrypted, with a new subcommand, set, that accepts the new mode of
the volume.
|
| |
|
|
|
|
|
| |
The --ascii option of the otp set subcommand has been deprecated a while
in favor of --format. As the next release is slated to be a major one
breaking backwards compatibility, this change removes this option for
good.
|
| |
|
|
|
|
|
|
| |
This change is the last step in the process of restructuring the storage
command. In particular, now that functionality pertaining hidden volumes
has been moved out into a dedicated top-level command, it renames said
command to encrypted, because dealing with the encrypted volume is the
only functionality it provides.
|
| |
|
|
|
|
| |
This patch marks the next step in the process of restructuring the
storage command. Specifically, it promotes the storage hidden subcommand
to a top-level command, hidden.
|
| |
|
|
|
|
|
|
| |
In an attempt to rework the structure of the storage command to better
accommodate future requirements for allowing to change the read-write
state of the unencrypted volume (as well as potentially the encrypted
one), this change removes the storage status subcommand and merges its
output into the storage command.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.4. The following
notable changes have been made since 0.2.3:
- Added the reset command to perform a factory reset
- Added the -V/--version option to print the program's version
- Check the status of a PWS slot before accessing it in pws get
- Added NITROCLI_NO_CACHE environment variable to bypass caching of
secrets
- Clear cached PIN entry as part of pin set command to prevent
spurious authentication failures
- Bumped libc dependency to 0.2.57
- Bumped cc dependency to 1.0.37
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.57.
Import subrepo libc/:libc at cdc48ea36d8d2890dba38e8f779001e6855339a2
|
| |
|
|
|
|
|
|
|
|
| |
When a PIN is changed using the pin set command, the last action is to
confirm the operation with the previously used PIN. This step will cause
this PIN, which is now stale and no longer valid, to be cached, which in
turn can cause follow up command using the same PIN type to use this
wrong cached entry for authentication.
To fix this problem, this change explicitly clear the PIN entry from the
cache after the PIN has been changed.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
So far we have cached secrets in gpg-agent(1) whenever that made sense
to do (i.e., for the two PINs in most contexts but not for passwords).
While there is reason to believe that such caching is desired by the
majority of users, not everybody has a use for it.
To give users an opportunity to opt out of such caching, this change
introduces a new environment variable, NITROCLI_NO_CACHE, that, when
present in the environment, instructs the program to bypass the cache
for all operations that require a secret and to instead inquire such
secrets each time they are needed.
|
| |
|
|
|
|
| |
This change updates the cc crate to version 1.0.37.
Import subrepo cc/:cc at cbf6d2f1312b6be22a7a363cf5c2a02acabc531f
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.55.
Import subrepo libc/:libc at caf17a0641d29dc624621177f5756804dd180c13
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.48.
Import subrepo libc/:libc at 42cd3ba27254c423e03f6f4324de57075047f6a0
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The Nitrokey devices do not check whether a PWS slot is programmed
before accessing it (upstream issues [0] [1]). Until this is fixed in
the firmware, we have to manually check the slot status in pws get. This
could have been done in libnitrokey or the nitrokey crate, yet this
would lead to unnecessary commands if we check multiple fields of a slot
at the same time.
[0] https://github.com/Nitrokey/nitrokey-pro-firmware/issues/56
[1] https://github.com/Nitrokey/nitrokey-storage-firmware/issues/81
|
| |
|
|
|
|
| |
After performing the factory reset, we also build the AES key so that
the device is fully usable. Due to timing issue, we have to add a delay
between the factory reset and building the AES key.
|
| |
|
|
|
|
|
|
| |
The -V/--version option prints the nitrocli version to stdout and exits.
In the future, it should also print the used libnitrokey version, but as
the required function is only available with nitrokey 0.3.2 and as the
current interface does not reflect the latest change in version naming,
I skipped that in this patch.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.3. The following
notable changes have been made since 0.2.2:
- Added the storage hidden subcommand for working with hidden volumes
- Store cached PINs on a per-device basis to better support multi-device
scenarios
- Further decreased binary size by using system allocator
- Bumped nitrokey dependency to 0.3.4
- Bumped rand dependency to 0.6.4
- Removed rustc_version, semver, and semver-parser dependencies
- Bumped nitrokey-sys dependency to 3.4.3
- Bumped libc dependency to 0.2.47
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.47.
Import subrepo libc/:libc at ce1dfcbf81bd74662b5cd02a9214818a0bfbbffa
|
| |
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.4.
Import subrepo nitrokey/:nitrokey at 41cdc1f7091a3c442241dbb2379c50dbcc7e9c5f
|
| |
|
|
|
|
| |
This change updates the README and the man page with documentation about
hidden volumes in general and the storage hidden subcommand in
particular.
|
| |
|
|
|
|
|
|
|
|
| |
With the update to rand 0.6.4 we no longer require the dependencies to
rustc_version, semver, and semver-parser. Hence, this change removes
them.
Delete subrepo rustc_version/:rustc_version
Delete subrepo semver/:semver
Delete subrepo semver-parser/:semver-parser
|
| |
|
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.3. Along with that
change we update rand to 0.6.4 because rand 0.6.1 does not yet contain a
publicly accessible rand_os. Note that we no longer require all
crates in rand's workspace, but only rand_os and rand_core, which is a
significant reduction in the number of lines of code compiled.
Import subrepo nitrokey/:nitrokey at 7cf747d56ddc0b7eeedc3caf36dcc909907a171c
Import subrepo rand/:rand at 4336232dda03323634b10ec72ddf27914aebc3a2
|
| |
|
|
|
|
| |
This change updates the libc crate to version 0.2.46.
Import subrepo libc/:libc at a9e3cc6c1b529eaffef5b82934d0c47203edebe5
|
| |
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.2.
Import subrepo nitrokey/:nitrokey at 6ea73f29daa5db0215663a0a38334b764863671d
|
| |
|
|
|
|
| |
This change updates the nitrokey-sys crate to version 3.4.3.
Import subrepo nitrokey-sys/:nitrokey-sys at fe86df47853718983e1f45d6a4289a1d93ace45c
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The application supports multiple devices both plugged in at the same
time as well as when used after the other. However, the GPG cache ID we
use for storing and retrieving the respective PIN is effectively a
constant. This constraint can cause problems when devices have different
PINs, as the PIN of a previously plugged in device may be reused for an
operation on a different one.
To resolve this problem this change adds the respective device's model
and serial number to the cache ID. As each serial number is supposed to
be different, this will ensure that the correct PIN is used for each
device. With this change we also show the model and serial number of the
currently used device in the pinentry dialog.
Note that because we do not store the serial numbers of all previously
plugged in devices, the pin clear command will only clear the PIN for
the currently plugged in device. If a user wants to make sure that a
cached PIN is cleared, the pin clear command should be invoked before
unplugging the device.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the past we have already taken a couple of steps to reduce the size
of the final binary, arguing that binary size is the metric of most
relevance for the program at hand:
- the memory footprint is close to irrelevant because the program does
not stay resident in memory for long
- execution speed is likely dominated by communication with the Nitrokey
itself, which is a slow I/O device
With that in mind, this change decreases the binary size further by
swapping the default allocator we use (typically jemalloc) with the
system allocator (which is malloc based on Unix systems). Given that we
are by no means allocation sensitive, there is no point in wasting
binary size on something that adds no value.
This change decreases the binary size by another 324 KiB (for an already
stripped release mode binary).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.2. The following
notable changes have been made since 0.2.1:
- Added the -v/--verbose option to control libnitrokey log level
- Added the -m/--model option to restrict connections to a device
model
- Added the -f/--format option for the otp set subcommand to
choose the secret format
- Deprecated the --ascii option
- Honor NITROCLI_ADMIN_PIN and NITROCLI_USER_PIN as well as
NITROCLI_NEW_ADMIN_PIN and NITROCLI_NEW_USER_PIN environment
variables for non-interactive PIN supply
- Format nitrokey reported errors in more user-friendly format
- Bumped nitrokey dependency to 0.3.1
|
| |
|
|
|
|
|
|
|
|
|
| |
The second source of interactivity comes from the pin set and pin
unblock commands, which also inquire with the pinentry module to ask the
user for a PIN.
This change adjusts the two commands to honor the PINs as available in
the command execution context. It also updates the documentation
to reflect the availability of the newly introduced and honored
environment variables NITROCLI_ADMIN_PIN & NITROCLI_USER_PIN as well as
NITROCLI_NEW_ADMIN_PIN & NITROCLI_NEW_USER_PIN.
|
| |
|
|
|
|
|
|
|
| |
At some point in the past nitrokey::CommandError was lacking an
implementation of the fmt::Display trait. Hence, we fell back to
printing these errors in debug format.
Since version 0.2.0 of the crate fmt::Display is implemented for these
errors. With this change we use it to report more user-friendly error
messages.
|
