| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
For a while now the program has not only supported Nitrokey Storage but
also Nitrokey Pro devices. Back when we added support for the latter we
missed updating the program's description inside Cargo.toml. This change
takes care of this oversight.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change updates the version of the nitrokey crate that we use to
0.4.0-alpha.3. This version is the supposedly last pre-release before
0.4.0, with no further major anticipated changes.
In order to integrate with this new version we have to adjust the way we
connect to a Nitrokey device by funneling those connection requests
through a global manager object. The rationale behind that step being
that the underlying libnitrokey actually cannot handle access of
multiple devices at the same time, and so the manager object is used to
prevent accidental wrong concurrent usage.
Because a device object now effectively keeps a reference to the
manager, we need to provide an additional lifetime to that and derived
objects.
Lastly, the use of a manager is also the reason why the tests had to be
adjusted to no longer accept device objects in their signatures, but
only the respective model for which to invoke the test. That is required
because, as elaborated earlier on, having a device object implies having
taken a reference to a manager (in that case owned by nitrokey-test),
and that reference clashes with the nitrocli code itself attempting to
take the manager. We side step this problem by merely accepting a Model
object, which can be passed around independently of the manager itself,
meaning that nitrokey-test does not need to hold such a reference while
the test is run.
Import subrepo nitrokey/:nitrokey at f150d59410eefdec2ae69b2422906a3d1d88aa07
Import subrepo nitrokey-sys/:nitrokey-sys at 8695e2c762807e033a86c8d03974b686d20cdd72
Import subrepo lazy-static/:lazy-static at b4b2b16aaa79dd7548e288455a0dbe4065bf4e1a
|
|
|
|
|
|
|
|
|
|
| |
This change updates the dependency to nitrokey to version 0.4.0-alpha.2.
In addition to minor interface changes for the get_*_firmware_version
and get_*_retry_count functions, several functions that change the
device state now require a mutable handle to the nitrokey. Hence, this
patch a number of function signatures to accept mutable device objects.
Import subrepo nitrokey/:nitrokey at 34efcfadf1436102e42144f710edabaa2c4b55cd
|
|
|
|
|
|
|
|
| |
With nitrokey-test up to version 0.2.0 we required a work around to make
device tests work across different modules.
With this patch we bump the consumed version of the crate to 0.2.1, as
part which the underlying problem got fixed. Hence, with this change we
remove this hack as it is no longer needed.
|
|
|
|
|
|
|
|
|
|
|
| |
This is patch marks the first step in the process of updating the
nitrokey dependency to version 0.4. In particular, it integrates with
the first alpha version.
The main change on the nitrocli side accompanying the version bump is
that the nitrokey::CommandError got replaced by a more general
nitrokey::Error which includes the former variant.
Import subrepo nitrokey/:nitrokey at d433189caefe6bd6c88da7fbb1d6e9304353eb83
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.3.0. The following
notable changes have been made since 0.2.4:
- Added unencrypted command with set subcommand for changing the
unencrypted volume's read-write mode
- Changed storage hidden subcommand to hidden top-level command
- Renamed storage command to encrypted
- Removed storage status subcommand
- Moved its output into status command
- Removed previously deprecated --ascii option from otp set command
- Fixed wrong hexadecimal conversion used in otp set command
- Bumped nitrokey dependency to 0.3.5
- Bumped libc dependency to 0.2.66
- Bumped cc dependency to 1.0.48
|
|
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.5. The main reason
for this new version of the crate is a build fix due to a backwards
compatibility breaking change in upstream libnitrokey. For that reason,
we also have to bump the minimum required version to avoid build
failures.
Import subrepo nitrokey/:nitrokey at f2cc7fdf081340b0b812f0b212537ba2b55d382e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.4. The following
notable changes have been made since 0.2.3:
- Added the reset command to perform a factory reset
- Added the -V/--version option to print the program's version
- Check the status of a PWS slot before accessing it in pws get
- Added NITROCLI_NO_CACHE environment variable to bypass caching of
secrets
- Clear cached PIN entry as part of pin set command to prevent
spurious authentication failures
- Bumped libc dependency to 0.2.57
- Bumped cc dependency to 1.0.37
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.3. The following
notable changes have been made since 0.2.2:
- Added the storage hidden subcommand for working with hidden volumes
- Store cached PINs on a per-device basis to better support multi-device
scenarios
- Further decreased binary size by using system allocator
- Bumped nitrokey dependency to 0.3.4
- Bumped rand dependency to 0.6.4
- Removed rustc_version, semver, and semver-parser dependencies
- Bumped nitrokey-sys dependency to 3.4.3
- Bumped libc dependency to 0.2.47
|
|
|
|
|
|
|
| |
The CI scripts and the rustfmt configuration are only needed when
developing. There is no point in distributing them in the package
published on crates.io, so we exclude them from packaging using the
exclude setting in Cargo.toml.
|
|
|
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.3. Along with that
change we update rand to 0.6.4 because rand 0.6.1 does not yet contain a
publicly accessible rand_os. Note that we no longer require all
crates in rand's workspace, but only rand_os and rand_core, which is a
significant reduction in the number of lines of code compiled.
Import subrepo nitrokey/:nitrokey at 7cf747d56ddc0b7eeedc3caf36dcc909907a171c
Import subrepo rand/:rand at 4336232dda03323634b10ec72ddf27914aebc3a2
|
|
|
|
|
|
|
|
|
| |
Cargo uses SPDX 2.1 license identifiers. The identifier GPL-3.0+ is
deprecated as of version 2.0rc2 [0]. The current license identifier for GNU
General Public License v3.0 or later is GPL-3.0-or-later [1].
[0] https://spdx.org/licenses/GPL-3.0+.html
[1] https://spdx.org/licenses/GPL-3.0-or-later.html
|
|
|
|
|
|
|
|
|
|
|
| |
The nitrokey-sys crate poses a challenge in that upgrading it causes
build errors caused by linking against the system's nitrokey library
from multiple crates, which is not allowed. The exact cause of the
problem is unclear but the suspicion is that a bug in Cargo's replacing
logic is the cause of the issue.
To work around this problem, this change switches to using the [patch]
section for replacing crates with local copies instead of the [replace]
one.
|
|
|
|
|
|
|
|
|
|
| |
With the first usage of the nitrokey crate we have used the dependency's
path attribute to perform the replacement with a local version of the
source code, while most other dependencies are replaced using the
[replace] section.
Because the [replace] section is more flexible (it allows for
replacement of transitive dependencies), this change unifies all
dependencies to use it.
|
|
|
|
|
|
|
|
|
| |
nitrokey 0.3.1 introduced the connect_model function that connects to a
specific model given by an enum variant and returns a DeviceWrapper.
This new function allows us to remove the manual selection of a
connection method from the get_device function. We only have to
implement From<DeviceModel> for nitrokey::Model to be able to convert
our model enum to nitrokey's model enum.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.2. The following
notable changes have been made since 0.2.1:
- Added the -v/--verbose option to control libnitrokey log level
- Added the -m/--model option to restrict connections to a device
model
- Added the -f/--format option for the otp set subcommand to
choose the secret format
- Deprecated the --ascii option
- Honor NITROCLI_ADMIN_PIN and NITROCLI_USER_PIN as well as
NITROCLI_NEW_ADMIN_PIN and NITROCLI_NEW_USER_PIN environment
variables for non-interactive PIN supply
- Format nitrokey reported errors in more user-friendly format
- Bumped nitrokey dependency to 0.3.1
|
|
|
|
|
|
|
|
|
| |
This change introduces the first set of integration-style test for the
application. Those tests may or may not connect to an actual Nitrokey
device (depending on what they test). We use the nitrokey-test crate's
test attribute macro to automatically dispatch tests to connected
devices or skip them if a required device is not present. It also
provides the means for automatically serializing tests.
|
|
|
|
|
|
|
| |
To parse OTP secrets in base32 representation, we need a new dependency:
the base32 crate.
Import subrepo base32/:base32 at a74cd9246fc0e08d6f5cfcb644bfdf76dd438613
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.3.0.
Import subrepo nitrokey/:nitrokey at 3593df8844b80741e2d33c8e5af80e65760dc058
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.1. The following
notable changes have been made since 0.2.0:
- Added the pws command for accessing the password safe
- Added the lock command for locking the Nitrokey device
- Adjust release build compile options to optimize binary for size
- Bumped nitrokey dependency to 0.2.3
- Bumped rand dependency to 0.6.1
- Added rustc_version version 0.2.3, semver version 0.9.0, and
semver-parser version 0.7.0 as indirect dependencies
- Bumped cc dependency to 1.0.28
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to flush file system level buffers to disk we use the sync
function. The way we made this function known to the crate was by
explicitly declaring it as extern "C" and linking against libc. However,
given that we already (indirectly) depend on libc through the nitrokey
crate (and that is unlikely to change) we may as well make libc a direct
dependency and invoke the function through the crate.
Given that the libc crate is available for a variety of platforms, it
seems likely that its approach to interfacing with the system libc
library is more portable than our hand rolled version.
|
|
|
|
|
|
|
|
| |
For a while now the program has supported the Nitrokey Pro device in
addition to the Nitrokey Storage. To reflect this change, this patch
adjusts the keywords in Cargo.toml to include 'nitrokey-pro' as well.
In order to not exceed the crates.io imposed limit, it removes the 'hid'
keyword.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change updates the nitrokey crate to version 0.2.3. This version
bumps the rand crate used to 0.6.1, which in turn requires an additional
set of dependencies.
Import subrepo nitrokey/:nitrokey at b3e2adc5bb1300441ca74cc7672617c042f3ea31
Import subrepo rand/:rand at 73613ff903512e9503e41cc8ba9eae76269dc598
Import subrepo rustc_version/:rustc_version at 0294f2ba2018bf7be672abd53db351ce5055fa02
Import subrepo semver-parser/:semver-parser at 750da9b11a04125231b1fb293866ca036845acee
Import subrepo semver/:semver at 5eb6db94fa03f4d5c64a625a56188f496be47598
|
|
|
|
|
|
| |
This change updates the cc crate to version 1.0.28.
Import subrepo cc/:cc at 9490b5ecb43b8b926f96a7e484fa83e39620d8e5
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The program's binary is more than 1,5 MiB in size (after stripping debug
symbols). Although in general that is not a size to worry about, keeping
a small binary and memory footprint is beneficial in the majority of
cases and leaves a tangentially better impression with users.
To that end, this change enables the following optimizations to be
performed when creating a release build:
1) We compile with optimization for code size. We have no performance
sensitive code and are communicating with a slow I/O device to begin
with, meaning that binary size will ultimately have the most weight
when judging the program. Hence, minimizing it seems like the best
trade-off.
2) We enable link-time optimization (LTO). At the expense of compilation
time (which is not a concern for what may almost be considered a
one-off operation), this step can reduce binary size by eliminating
more unused code as well as enable performance related optimizations
not possible without this setting. For similar reasons we disable
incremental builds and treat the entire compilation as one unit.
The end result of these optimizations is a reduction of binary size by
almost a fourth (420 KiB).
Those optimizations come at little to no cost (depending on one's view).
There is another one that we could enable and that is to abort on panics
instead of unwinding, yielding savings of 44 KiB. However, we refrained
from doing so because that has a negative impact on the amount of error
reporting happening in case of a panic.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.2.0. The following
notable changes have been made since 0.1.3:
- Use the nitrokey crate for the 'open', 'close', and 'status'
commands instead of directly communicating with the Nitrokey device
- Added nitrokey version 0.2.1 as a direct dependency and
nitrokey-sys version 3.4.1 as well as rand version 0.4.3 as
indirect dependencies
- Removed the hid, hidapi-sys and pkg-config dependencies
- Added the 'otp' command for working with one-time passwords
- Added the 'config' command for reading and writing the device configuration
- Added the 'pin' command for managing PINs
- Renamed the 'clear' command to 'pin clear'
- Moved 'open' and 'close' commands as subcommands into newly introduced
'storage' command
- Moved printing of storage related information from 'status' command
into new 'storage status' subcommand
- Made 'status' command work with Nitrokey Pro devices
- Enabled CI pipeline comprising code style conformance checks, linting,
and building of the project
- Added badges indicating pipeline status, current crates.io published
version of the crate, and minimum version of rustc required
- Fixed wrong messages in the pinentry dialog that were caused by unescaped
spaces in a string
- Use the argparse crate to parse the command-line arguments
- Added argparse dependency in version 0.2.2
|
|
|
|
|
|
|
|
|
| |
This patch adds the crate rust-argparse [0] in version 0.2.2 as a
dependency, as discussed in issue #4.
[0] https://github.com/tailhook/rust-argparse
Import subrepo argparse/:argparse at 0de60a5e6d9ee1a3570d6089afd3ccd6ed7480c5
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the past we have used the 'devel' branch for more or less early
development work that includes the occasional rebase to fix up mistakes
and keep the history clean. That is a non-starter when it comes to
tagging signed releases, which we have introduced recently.
Hence, there is no point in diverging from what the rest of the world is
doing by using a branch name other than 'master' as the main development
vehicle.
By now we have introduced two dependencies on the branch name into the
code base, which this change fixes up.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds a configuration file for the Gitlab CI/CD pipeline to
the repository. This file (directly or indirectly) controls the
environment in which to build, what exactly to build, and ultimately
would also be used to define what tests to run.
With the pipeline in place the change also adds a badge indicating the
status of the build on the project's front page.
The following other CI services have been evaluated or tested and found
to be insufficient for the needs at hand:
- Travis CI: Does not support configuration in a directory other than
the repository root
- Cirrus CI: Has the same problem
- Semaphore: Does not support Rust
- Circle CI: Does not support Rust
- Google Cloud Build: Pretty much strictly a paid service
|
|
|
|
|
|
|
| |
Currently, the nitrokey crate is renamed to libnitrokey in Cargo.toml as
there used to exist a nitrokey module in this crate. As this module
does no longer exist and is not likely to return, this patch removes the
customized name for the nitrokey crate.
|
|
|
|
|
|
|
|
|
| |
This patch removes all dependencies that are no longer required since
the hidapi communication is replaced by libnitrokey.
Delete subrepo hid/:hid
Delete subrepo hidapi-sys/:hidapi-sys
Delete subrepo pkg-config/:pkg-config
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nitrokey crate provides a simple interface to the Nitrokey Storage
and the Nitrokey Pro based on the libnitrokey library developed by
Nitrokey UG. The low-level bindings to this library are available in
the nitrokey-sys crate.
This patch adds version v0.2.1 of the nitrokey crate as a dependency
for nitrocli. It includes the indirect dependencies nitrokey-sys
(version 3.4.1) and rand (version 0.4.3).
Import subrepo nitrokey/:nitrokey at 2eccc96ceec2282b868891befe9cda7f941fbe7b
Import subrepo nitrokey-sys/:nitrokey-sys at f1a11ebf72610fb9cf80ac7f9f147b4ba1a5336f
Import subrepo rand/:rand at d7d5da49daf7ceb3e5940072940d495cced3a1b3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change bumps the version of the crate to 0.1.3. The following
notable changes have been made since 0.1.2:
- Show PIN related errors through pinentry native reporting mechanism
instead of emitting them to stdout
- Added a man page (nitrocli(1)) for the program to the repository
- Adjusted program to use Rust Edition 2018
- Applied a couple of clippy reported suggestions
- Added categories to Cargo.toml
- Changed dependency version requirements to be less strict (only up to
the minor version and not the patch level)
- Bumped pkg-config dependency to 0.3.14
- Bumped libc dependency to 0.2.45
- Bumped cc dependency to 1.0.25
|
|
|
|
|
|
|
|
|
| |
For a while now Cargo has supported the specification of categories in
the Cargo.toml file and crates.io will actually honor those categories
and show case the crate in them.
With this change we specify the four categories this crate is believed
to fit in the best: 'command-line-utilities', 'authentication',
'cryptography', and 'hardware-support'.
|
|
|
|
|
|
|
| |
With the 1.31 release of Rust support for Edition 2018 has reached
the stable tool chain.
This change enables compilation based off of this new edition for the
crate. This change resolves issue #6.
|
|
|
|
|
|
| |
This change updates the cc crate to version 1.0.25.
Import subrepo cc/:cc at fe0a7acb6d3e22e03bf83bcbf89367be888b5448
|
|
|
|
|
|
| |
This change updates the libc crate to version 0.2.45.
Import subrepo libc/:libc at f5636fc618f8e16968b3178196d73c94ad9f7b05
|
|
|
|
|
|
| |
This change updates the pkg-config crate to version 0.3.14.
Import subrepo pkg-config/:pkg-config at f867f8be1babca4d6d9cddc92a817519ae845193
|
|
|
|
|
|
|
|
|
| |
We try to adhere to the Semantic Versioning convention and expect
dependent crates to do the same. So far we have been fairly strict in
terms of the specific versions we consume, specifying the full version
triple (x.y.z).
This change loosens that stance by only specifying the minor version
requirement of dependencies, not the patch level (i.e., x.y).
|
| |
|
|
|
|
|
|
|
|
|
| |
This change updates the hidapi-sys crate to version 0.1.4. In this
version the cc crate (the stable and renamed version of the gcc crate)
is used.
Import subrepo hidapi-sys/:hidapi-sys at c01043da72c0cac898660017e4c4115278c14369
Import subrepo cc/:cc at 500c65b03775cecf55bd358e616963bc3222acca
|
|
|
|
| |
Import subrepo libc/:libc at 16a0f4a3d6c836f88f50c58f5d0a74a32cbf0193
|
|
|
|
| |
Import subrepo hid/:hid at 6dc63c8682bd2f027c0d3b4a004b097ca9ac49fa
|
|
|
|
| |
Import subrepo libc/:libc at 3520512a8c9cb55661910318a6fb169a75c02a59
|
|
|
|
| |
Import subrepo gcc/:gcc at dc329205d54b53a45ab66368aed265b68fe7f261
|
| |
|
|
|
|
|
|
|
|
| |
Although the version information for all the local dependencies can be
inferred from various locations, cargo requires an explicit mentioning
of the version of each dependency for the 'package' command to be
successful.
This change adds explicit versions.
|
|
|
|
|
|
|
| |
The 'libc' create got a couple of updates. This change imports the new
code and bumps the version to use.
Import subrepo libc/:libc at 7db3fd570dfb41a38fb17116e93679307178103a
|
|
|
|
|
|
|
| |
The 'gcc' create got a couple of updates. This change imports the new
code and bumps the version to use.
Import subrepo gcc/:gcc at 6b41873be3172415efcadbff1187a3ff42428943
|
|
|
|
|
|
|
|
| |
The 'hid' crate got a couple of bug fixes, at least one of which we
require in order to retrieve HID feature reports correctly.
This patch imports the new state and bumps up the library version used.
Import subrepo hid/:hid at 52b47d78c17b876194e4b4a1c0c8ae8adfb3d39c
|