| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The application supports multiple devices both plugged in at the same
time as well as when used after the other. However, the GPG cache ID we
use for storing and retrieving the respective PIN is effectively a
constant. This constraint can cause problems when devices have different
PINs, as the PIN of a previously plugged in device may be reused for an
operation on a different one.
To resolve this problem this change adds the respective device's model
and serial number to the cache ID. As each serial number is supposed to
be different, this will ensure that the correct PIN is used for each
device. With this change we also show the model and serial number of the
currently used device in the pinentry dialog.
Note that because we do not store the serial numbers of all previously
plugged in devices, the pin clear command will only clear the PIN for
the currently plugged in device. If a user wants to make sure that a
cached PIN is cleared, the pin clear command should be invoked before
unplugging the device.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the past we have already taken a couple of steps to reduce the size
of the final binary, arguing that binary size is the metric of most
relevance for the program at hand:
- the memory footprint is close to irrelevant because the program does
not stay resident in memory for long
- execution speed is likely dominated by communication with the Nitrokey
itself, which is a slow I/O device
With that in mind, this change decreases the binary size further by
swapping the default allocator we use (typically jemalloc) with the
system allocator (which is malloc based on Unix systems). Given that we
are by no means allocation sensitive, there is no point in wasting
binary size on something that adds no value.
This change decreases the binary size by another 324 KiB (for an already
stripped release mode binary).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.2. The following
notable changes have been made since 0.2.1:
- Added the -v/--verbose option to control libnitrokey log level
- Added the -m/--model option to restrict connections to a device
model
- Added the -f/--format option for the otp set subcommand to
choose the secret format
- Deprecated the --ascii option
- Honor NITROCLI_ADMIN_PIN and NITROCLI_USER_PIN as well as
NITROCLI_NEW_ADMIN_PIN and NITROCLI_NEW_USER_PIN environment
variables for non-interactive PIN supply
- Format nitrokey reported errors in more user-friendly format
- Bumped nitrokey dependency to 0.3.1
|
|
|
|
|
|
|
|
|
|
|
| |
The second source of interactivity comes from the pin set and pin
unblock commands, which also inquire with the pinentry module to ask the
user for a PIN.
This change adjusts the two commands to honor the PINs as available in
the command execution context. It also updates the documentation
to reflect the availability of the newly introduced and honored
environment variables NITROCLI_ADMIN_PIN & NITROCLI_USER_PIN as well as
NITROCLI_NEW_ADMIN_PIN & NITROCLI_NEW_USER_PIN.
|
|
|
|
|
|
|
|
|
| |
At some point in the past nitrokey::CommandError was lacking an
implementation of the fmt::Display trait. Hence, we fell back to
printing these errors in debug format.
Since version 0.2.0 of the crate fmt::Display is implemented for these
errors. With this change we use it to report more user-friendly error
messages.
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.1.
Import subrepo nitrokey/:nitrokey at bad12ad3c57c67d42243338af7d65c3591fed327
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch introduces the -f/--format options for the otp set
subcommand to specify the format of the OTP secret. Previously, the
default format was hexadecimal and ASCII format could be selected using
the --ascii option. The new --format option takes the argument hex or
ascii, defaulting to hex, and replaces the --ascii option.
This patch does not remove the --ascii option but marks it as
deprecated. It may not be set together with --format, and a warning is
printed if it is set. It should be deleted with the next minor release.
This patch prepares the addition of a new format, base32.
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.0.
Import subrepo nitrokey/:nitrokey at 3593df8844b80741e2d33c8e5af80e65760dc058
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the -m/--model option that can be used to restrict the
device model to connect to. Per default, nitrocli connects to any
available Nitrokey device. If this new option is set, it will instead
only connect to devices of the given Nitrokey model.
We introduce a new struct DeviceModel instead of using
nitrokey::DeviceModel to make sure that the command-line options are
parsed properly. On the long term, we should add a connect_model
function to the nitrokey crate to make the connection code easier.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces a new option, -v/--verbose, that can be used to
increase the log level of libnitrokey. The option can be supplied
multiple times, with each occurrence increasing the verbosity of the
logging.
On the implementation side, the option is set as part of connecting the
device (piggy-backing on the previously introduced command execution
context), although it describes global state that strictly speaking could
be set anywhere. It is bad enough that libnitrokey just prints log
messages to stderr (and does not accept a file handle) and that it does
not track the log level on a per-device basis, but we don't want setting
of global state from arbitrary locations inside the program. Instead,
let's do that along with what pretty much is the first call into
libnitrokey anyway: the connection to the device.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.1. The following
notable changes have been made since 0.2.0:
- Added the pws command for accessing the password safe
- Added the lock command for locking the Nitrokey device
- Adjust release build compile options to optimize binary for size
- Bumped nitrokey dependency to 0.2.3
- Bumped rand dependency to 0.6.1
- Added rustc_version version 0.2.3, semver version 0.9.0, and
semver-parser version 0.7.0 as indirect dependencies
- Bumped cc dependency to 1.0.28
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.2.3. This version
bumps the rand crate used to 0.6.1, which in turn requires an additional
set of dependencies.
Import subrepo nitrokey/:nitrokey at b3e2adc5bb1300441ca74cc7672617c042f3ea31
Import subrepo rand/:rand at 73613ff903512e9503e41cc8ba9eae76269dc598
Import subrepo rustc_version/:rustc_version at 0294f2ba2018bf7be672abd53db351ce5055fa02
Import subrepo semver-parser/:semver-parser at 750da9b11a04125231b1fb293866ca036845acee
Import subrepo semver/:semver at 5eb6db94fa03f4d5c64a625a56188f496be47598
|
|
|
|
|
|
| |
This change updates the cc crate to version 1.0.28.
Import subrepo cc/:cc at 9490b5ecb43b8b926f96a7e484fa83e39620d8e5
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The program's binary is more than 1,5 MiB in size (after stripping debug
symbols). Although in general that is not a size to worry about, keeping
a small binary and memory footprint is beneficial in the majority of
cases and leaves a tangentially better impression with users.
To that end, this change enables the following optimizations to be
performed when creating a release build:
1) We compile with optimization for code size. We have no performance
sensitive code and are communicating with a slow I/O device to begin
with, meaning that binary size will ultimately have the most weight
when judging the program. Hence, minimizing it seems like the best
trade-off.
2) We enable link-time optimization (LTO). At the expense of compilation
time (which is not a concern for what may almost be considered a
one-off operation), this step can reduce binary size by eliminating
more unused code as well as enable performance related optimizations
not possible without this setting. For similar reasons we disable
incremental builds and treat the entire compilation as one unit.
The end result of these optimizations is a reduction of binary size by
almost a fourth (420 KiB).
Those optimizations come at little to no cost (depending on one's view).
There is another one that we could enable and that is to abort on panics
instead of unwinding, yielding savings of 44 KiB. However, we refrained
from doing so because that has a negative impact on the amount of error
reporting happening in case of a panic.
|
|
|
|
|
|
| |
This patch implements the lock command that locks the password safe and,
on the Nitrokey Storage, the encrypted volume. See issue #18 for
details on the locking mechanism.
|
|
|
|
|
| |
This patch adds the basic structure for the pws command that can be used
to access the password safe on the Nitrokey Pro and Nitrokey Storage.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.0. The following
notable changes have been made since 0.1.3:
- Use the nitrokey crate for the 'open', 'close', and 'status'
commands instead of directly communicating with the Nitrokey device
- Added nitrokey version 0.2.1 as a direct dependency and
nitrokey-sys version 3.4.1 as well as rand version 0.4.3 as
indirect dependencies
- Removed the hid, hidapi-sys and pkg-config dependencies
- Added the 'otp' command for working with one-time passwords
- Added the 'config' command for reading and writing the device configuration
- Added the 'pin' command for managing PINs
- Renamed the 'clear' command to 'pin clear'
- Moved 'open' and 'close' commands as subcommands into newly introduced
'storage' command
- Moved printing of storage related information from 'status' command
into new 'storage status' subcommand
- Made 'status' command work with Nitrokey Pro devices
- Enabled CI pipeline comprising code style conformance checks, linting,
and building of the project
- Added badges indicating pipeline status, current crates.io published
version of the crate, and minimum version of rustc required
- Fixed wrong messages in the pinentry dialog that were caused by unescaped
spaces in a string
- Use the argparse crate to parse the command-line arguments
- Added argparse dependency in version 0.2.2
|
|
|
|
|
|
|
|
|
| |
We have functionality for changing the Nitrokey's user & admin PINs as
well as for resetting the user PIN coming up. With the prospect of this
new functionality arriving, it makes sense to introduce a new top-level
command for the sole purpose of PIN management.
This change introduces such a command, pin, and moves the existing clear
command for clearing the PIN cache into it.
|
|
|
|
|
|
|
|
|
|
| |
The 'status' command has traditionally printed information about the
connected Nitrokey and that included storage specific data if the device
present is a Nitrokey Storage.
Given that we have a root-level 'storage' command it arguably makes
sense to move the printing of the storage related status information
into a 'status' sub-command of the said command, which makes the output
more predictable.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upon their inception, the 'open' and 'close' commands were pretty much
the only relevant commands the program provided and it made sense to
have them reside in the root namespace. By now we support more commands
and have started to structure them in a more hierarchical fashion.
To go with the flow, this change introduces a new 'storage' command and
makes the existing 'open' and 'close' commands subcommands of it. We
chose the name 'storage' (over, say, 'volume') because we plan to move
the printing of the storage related status from the 'status' root level
command into a subcommand within 'storage'.
|
|
|
|
|
| |
This patch adds the top-level config command. Its subcommands will
provide access to the device configuration.
|
|
|
|
|
|
|
|
| |
Currently, the status command fails for a Nitrokey Pro. This patch
changes the command to also print basic status information for Pro
devices. For the sake of consistency, the common status is always
queried using the common `Device` functions, even if the Storage status
includes the same information.
|
|
|
|
|
| |
This patch adds the `otp` top-level command. Its subcommands provide
access to one-time passwords on the Nitrokey.
|
|
|
|
|
|
|
|
|
| |
This patch replaces the macro for argument parsing with
`argparse::ArgumentParser` from the argparse crate. It moves the
application logic to the `commands` module and the argument parsing to
the `options` module. An enum is used to represent the available
commands. The code is based on the `subcommands.rs` example shipped
with argparse.
|
|
|
|
|
|
|
|
|
| |
This patch adds the crate rust-argparse [0] in version 0.2.2 as a
dependency, as discussed in issue #4.
[0] https://github.com/tailhook/rust-argparse
Import subrepo argparse/:argparse at 0de60a5e6d9ee1a3570d6089afd3ccd6ed7480c5
|
|
|
|
|
|
|
| |
Spaces in the arguments for gpg-connect-agent’s `GET_PASSPHRASE` command
have to be esaced using a plus sign. Somehow this was missing for the
prompt argument. This patch adds escaping for the prompt so that the
pinentry dialog is displayed correctly.
|
|
|
|
|
|
|
|
|
|
|
| |
This change enables automated code format checking by means of the
rustfmt program in the Gitlab CI pipeline. The check is performed in a
third job in the hope that this helps identify problems more easily:
users can see which of the jobs failed and focus on them in isolation,
as opposed to having a single log file or, worse, just the results of
the stages up to the first failure.
This patch resolves issue #17.
|
|
|
|
|
|
|
|
|
| |
This patch removes all dependencies that are no longer required since
the hidapi communication is replaced by libnitrokey.
Delete subrepo hid/:hid
Delete subrepo hidapi-sys/:hidapi-sys
Delete subrepo pkg-config/:pkg-config
|
|
|
|
|
|
| |
This patch removes the raw hidapi implementation of the status command
and all utility methods that are no longer needed. With this patch, all
device communication is performed using libnitrokey.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes the raw hidapi implementations of the Enable
Encrypted Volume and Disable Encrypted Volume commands and replaces them
with the methods enable_encrypted_volume and disable_encrypted_volume of
the Storage struct provided by the nitrokey trait.
To provide some context to the error messages, the errors are wrapped
using the map_err method of the Result enum and the get_error function
that combines a nitrokey error code and a string into a nitrocli error.
It would be more idiomatic to define a conversion from a nitrokey error
to a nitrocli error, but then we would lose information about the
context of the error.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nitrokey crate provides a simple interface to the Nitrokey Storage
and the Nitrokey Pro based on the libnitrokey library developed by
Nitrokey UG. The low-level bindings to this library are available in
the nitrokey-sys crate.
This patch adds version v0.2.1 of the nitrokey crate as a dependency
for nitrocli. It includes the indirect dependencies nitrokey-sys
(version 3.4.1) and rand (version 0.4.3).
Import subrepo nitrokey/:nitrokey at 2eccc96ceec2282b868891befe9cda7f941fbe7b
Import subrepo nitrokey-sys/:nitrokey-sys at f1a11ebf72610fb9cf80ac7f9f147b4ba1a5336f
Import subrepo rand/:rand at d7d5da49daf7ceb3e5940072940d495cced3a1b3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.1.3. The following
notable changes have been made since 0.1.2:
- Show PIN related errors through pinentry native reporting mechanism
instead of emitting them to stdout
- Added a man page (nitrocli(1)) for the program to the repository
- Adjusted program to use Rust Edition 2018
- Applied a couple of clippy reported suggestions
- Added categories to Cargo.toml
- Changed dependency version requirements to be less strict (only up to
the minor version and not the patch level)
- Bumped pkg-config dependency to 0.3.14
- Bumped libc dependency to 0.2.45
- Bumped cc dependency to 1.0.25
|
|
|
|
|
|
|
|
| |
Given that development is picking up speed again we should accept all
the help we get from the compiler to catch issues as early as possible.
To that end, this change enables more lints for the program. As "usual",
lints that are suspected to potentially change in future versions of
Rust are reported as warnings and not errors.
|
|
|
|
|
|
|
|
|
| |
For a while now Cargo has supported the specification of categories in
the Cargo.toml file and crates.io will actually honor those categories
and show case the crate in them.
With this change we specify the four categories this crate is believed
to fit in the best: 'command-line-utilities', 'authentication',
'cryptography', and 'hardware-support'.
|
|
|
|
|
|
|
| |
With the 1.31 release of Rust support for Edition 2018 has reached
the stable tool chain.
This change enables compilation based off of this new edition for the
crate. This change resolves issue #6.
|
|
In order for users to decide whether an update of the program is
justified (or, to potentially help in identifying changes that resulted
in a regression), it is often a good idea to provide a brief summary of
all the changes that went into a particular release.
With this change we add a change log for the program to the repository.
Through a bit of code archeology the log stretches back to the initial
release.
|