| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch renames the options for the config set command:
--numlock ==> --num-lock
--capslock ==> --caps-lock
--scrolllock ==> --scroll-lock
--no-numlock ==> --no-num-lock
--no-capslock ==> --no-caps-lock
--no-scrolllock ==> --no-scroll-lock
The original naming was based on a typo in nitrokey-rs (scrollock vs.
scrolllock). Also, the typical spelling for the keys is Num Lock, Caps
Lock and Scroll Lock, so using a hyphen is a more natural.
|
|
|
|
|
|
|
| |
This patch removes the unused DeviceModel::as_user_facing_str method.
The device model is only used for the argument handling. When printing
messages for the user, we always use nitrokey::Model. Its Display
implementation already prints the model in an appropriate format.
|
|
|
|
|
|
|
| |
This patch adds the librem device model for the Librem Key.
Note that we cannot run any tests for the new model until nitrokey-test
is updated.
|
|
|
|
|
|
| |
This patch updates the nitrokey dependency to version 0.8.0 and applies
all breaking changes (Config fields renaming, DeviceWrapper and Model
non-exhaustiveness, changed Display implementation for Model).
|
|
|
|
|
|
|
| |
The fill command starts a background operation on a Nitrokey Storage
device that fills the SD card with random data. This patch adds a new
option, --progress, to the fill command that checks if a fill operation
is already running on the device and shows its progress.
|
|
|
|
|
| |
This patch uses the progressing crate to display a progress bar for the
fill command if the output is printed to a TTY.
|
|
|
|
|
|
| |
This patch adds the is_tty field to the Context struct that indicates
whether stdout is a TTY. This allows us to use TTY features like moving
the cursor in our output.
|
|
|
|
|
|
| |
This patch adds the fill command that overwrites the SD card with random
data. Similar to the reset command, we always require the user to enter
the admin PIN even if is cached.
|
|
|
|
|
|
|
|
|
|
| |
The Storage device keeps track of the areas of the SD card that have
been written to during this power cycle. This data can be accessed using
the NK_get_SD_usage_data function that returns a range of the SD card
that has not been written. This data can be used as a guide line when
creating new hidden volumes.
This patch adds the SD card usage data to the output of the status
command for Nitrokey Storage devices.
|
|
|
|
|
| |
For consistency with the --usb-path option, this path renames the device
path column in the output of the list command to USB path.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the --usb-path option as an additional way to filter the
Nitrokey device to connect to. While the serial number is a better
identifier in theory, the Nitrokey Storage devices do not send their
serial number in the USB device descriptor. Having the --usb-path
options allows users to select one of multiple Nitrokey Storage devices.
While we could directly call the nitrokey::Manager::connect_path
function with the specified path, we integrate the --usb-path option
into the existing find_device function for consistent error messages and
to avoid having to duplicate the --model and --serial-number checks.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds test cases for the new connection logic:
- connect_multiple checks that nitrocli aborts if more than one Nitrokey
device is connected and no filter is set.
- connect_serial_number checks that we can use the --serial-number
option to connect to all supported Nitrokey devices.
- connect_wrong_serial_number checks that nitrocli aborts if it can’t
find a device with the requested serial number.
- connect_model checks that we can use the --model option to select the
Nitrokey device to connect to, and that nitrocli aborts if it finds no
matching device or multiple matching devices.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This patch adds the --serial-number option that allows the user to
filter the attached Nitrokey devices by serial number. As the Nitrokey
Storage does not include its serial number in the USB device descriptor
and as we don't want to connect to it just to query the serial number,
this option only works for Nitrokey Storage devices.
|
|
|
|
|
|
|
|
| |
Previously, we just applied our filter (if any) to all attached Nitrokey
devices and selected the first match when connection to a Nitrokey
device. This may lead to unexpected behavior if multiple devices are
attached. This patch changes the find_device function to return an
error if multiple matching devices are found.
|
|
|
|
|
|
|
|
|
|
| |
This patch introduces two new functions, find_device and connect, to
connect to a Nitrokey device. find_device queries the attached Nitrokey
devices, applies the filters (currently only the --model option) and
returns the first match. connect calls find_device and connects to the
returned device.
This refactoring allows us to add more device filters, for example a
--serial-number option, without code duplication.
|
|
|
|
|
|
|
|
| |
In the future we would like to provide more ways for tests to create a
Nitrocli instance. In order to prevent explosion of with_XXX methods for
each possible combination of arguments, this change allows for an easier
configuration of an existing object with builder-pattern-inspired
modifier methods.
|
|
|
|
|
|
|
|
| |
While the Nitrocli::model() method was well intentioned, we do not
actually need it because we create a Nitrocli instance from the model
passed to the individual test. We can just reuse this model instead.
With this patch we do exactly that, allowing us to get rid of
Nitrocli::model() all together.
|
|
|
|
|
|
|
|
| |
With this change we switch to using a REUSE compliant way of specifying
the copyright & license of the program. To be fully in conformance we
also add additional license specifications for the remaining files in
the project. Lastly, a new CI pipeline rule takes care of verifying
compliance on an ongoing basis.
|
|
|
|
|
| |
This change adjusts the copyright header in all files to no longer
mention individuals but refer to The Nitrocli Developers in general.
|
|
|
|
|
| |
This patch adds the from_env constructor to Context to make the main
function easier to read.
|
|
|
|
|
|
|
| |
Since we moved the model, no_cache and verbosity fields from ExecCtx
into Config and added a Config field to both ExecCtx and RunCtx, RunCtx
and ExecCtx are identical. Therefore this patch merges the ExecCtx and
RunCtx structs into the new Context struct.
|
|
|
|
|
|
|
| |
With the switch from argparse over to structopt a while back the need
for the Stdio trait that we used for abstracting over the different
contexts vanished. With this change we remove the trait and its various
implementations.
|
|
|
|
|
|
|
|
| |
This patch adds a new --no-cache option that corresponds to the
NITROCLI_NO_CACHE environment variable and the no_cache configuration.
This makes the user interface more consistent as all configuration items
are now backed by both an environment variable and a command-line
option.
|
|
|
|
|
|
|
|
| |
This patch adds a simple configuration file that demonstrates the syntax
and contains some documentation. We suggest to ship this file together
with nitrocli and to install it e.g., in the /usr/share/doc/nitrocli
directory. This patch also adds a simple test case that makes sure that
the example file is parsed correctly.
|
|
|
|
|
|
|
|
|
| |
This patch uses the directories crate to query the appropriate path for
the configuration files. For Linux, paths according to the XDG Base
Directory Specification are used.
Note that directories does not yet support the XDG_CONFIG_DIRS variable
for system-wide configuration files. Therefore we only use a user
configuration file.
|
|
|
|
|
|
|
|
| |
This patch uses the envy crate to parse the environment. A variable
NITROCLI_KEY can be used to overwrite the configuration for *key*. This
has the side effect that the NITROCLI_NO_CACHE variable is evaluated as
a boolean variable (instead of only checking whether it is set). We
also accept two new variables, NITROCLI_MODEL and NITROCLI_VERBOSITY.
|
|
|
|
|
|
|
|
|
| |
This patch implements basic configuration handling that reads a
configuration file and stores the parsed data in the ExecCtx and RunCtx
structs. It supports three configuration items:
- model (previously only --model)
- no_cache (previously only NITROCLI_NO_CACHE)
- verbosity (previously only --verbose)
|
|
|
|
|
|
|
| |
The missing_copy_implementations lint is arguably not super useful in an
application crate, where no third party is consuming the type
definitions. As such, this change removes it from the list of lints
causing warnings.
|
|
|
|
|
|
|
| |
In the past we were using an application global custom Result type
definition. This makes less sense now that we switched over to using
anyhow's Error and Result types. We kept that for the time being, but
with this change we remove the type and use anyhow::Result instead.
|
|
|
|
|
|
| |
This change removes the error module. This module, and the Error type it
homes, are no longer used by the application, as everything has been
transitioned over to using anyhow's Error type.
|
|
|
|
|
|
|
|
|
| |
With the move to using anyhow's Error type and adding contextual
information at the point where we bubble up errors, we no longer require
the 'msg' argument that is passed to the try_with_pin_* and authenticate
functions.
To that end, this change removes this parameter, concluding the switch
to using anyhow.
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes our error handling approach from the ground up:
instead of having a globally used Error enum that contains variants for
all possible errors, we now use anyhow's Error type. This approach is
more dynamic (and not statically typed), but it allows for more fine
grained error messages and overall more user-friendly error reporting.
Overall it also is a net simplification. While we have one dynamic cast
now, in order to be able to handle erroneous password/PIN entries
correctly, that is considered a reasonable compromise.
|
|
|
|
|
|
|
|
| |
The pinentry tests currently expect the Error::Error variant to be
reported for failures.
This patch adjusts the tests to merely compare strings and ignore the
exact type of error. Doing so will make it easier to switch to using
anyhow for error handling.
|
|
|
|
|
|
| |
This change wraps up the removal of the UnwrapError test trait. This
step prepares us for the subsequent removal of the application's global
Error enum type, in favor of the usage of anyhow's Error type.
|
|
|
|
|
| |
This change marks the next step in getting rid of the UnwrapError test
trait. Specifically, it removes its unwrap_lib_err method.
|
|
|
|
|
|
|
|
|
|
| |
With upcoming changes we intend to move towards a model where we do not
distinguish the individual error variants the program deals with in a
global enum.
In preparation of such a change, this patch marks a first step in
removing the UnwrapError test trait, which relies on the existence of
exactly such typed errors. In particular, we remove the unwrap_str_err
method from it, basically falling back to just working with strings.
|
|
|
|
|
|
|
|
|
|
|
| |
An arguably unrepresentative survey of services (GitHub, Google
Authenticator, and Bitbucket) seems to suggests that the base32 format
is the de-facto standard format for OTP secrets. Given that it's not
necessarily obvious what format a secret is in and that most services
refrain from mentioning it explicitly, having the correct default format
is fairly important.
With this change we switch the default format from hexadecimal to
base32 to accommodate for this finding.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our custom macros for conveniently creating types with additional meta
information for working with structopt do not actually use the doc
comments we have in place -- these comments are solely for in-source
documentation. We are an application and as such crates.io will not
automatically generate documentation.
All of that does not deter rustc from complaining that doc comments are
unused. In the past we tried to fudge that by adding a special
allowance, #[allow(unused_doc_comments)], but that seems to have seized
to work.
With this change we finally give in and move the doc comment into the
macro itself, where it will be used to annotate the generated type. This
step should hopefully silence rustc once and for all -- at the expense
of a slight decrease in readability.
|
|
|
|
|
|
| |
We have never been fully satisfied with the name arg_defs. Now that we
have gotten rid of the formerly used args module, this change renames
arg_defs to args.
|
|
|
|
|
|
| |
This change removes the args module by moving all remaining
functionality in it into main.rs. The result is arguably a nice
consolidation of all context related definitions in a single module.
|
|
|
|
|
|
| |
As a next step moving us closer towards removing the args module, this
change merges the config_set function into the existing function of the
same name in the commands module.
|
|
|
|
|
|
|
|
|
| |
Now that we have isolated and separated out structopt specific
definitions into a new module, arg_defs, args.rs is actually so small
that we do not want to keep it around any longer.
This change marks a first step moving us closer towards removing it.
Specifically, it merges the otp_set function from args.rs into the
function of the same name in commands.rs.
|
|
|
|
|
|
|
|
|
|
|
| |
We are aiming to rid the arg_defs module of dependencies to the rest of
the crate in an attempt to make the file fully free standing. The last
remaining references into the crate are used to hook up the functionality
backing the respective commands. Luckily for us, this "gluing" of
functionality to types is really only required in the macro-generated
code (which we do not care about as part of this exercise) and so with
this change we remove the use declarations from the top of the file and
reference the respective functionality in an absolute manner instead.
|
|
|
|
|
|
|
|
|
| |
This change removes the need to import crate::Error from the arg_defs
module. By dropping this dependency we make the file more independent of
the rest of the crate, which subsequently will allow us to merely
include! it in another file in order to get the argument related type
definitions without compilation errors due to missing symbols from the
rest of the crate.
|
|
|
|
|
|
|
|
| |
The PinType struct, despite being intended for the pinentry module, is
ultimately part of the argument handling definitions. Because our goal
is to consolidate all of those in a single file, this change moves the
definition of this type from the pinentry module into the newly
introduced arg_defs.
|
|
|
|
|
|
|
|
| |
This change marks the first step in a restructuring of the argument
handling code, the ultimate goal of which is a separation of the type
definitions as used by structopt from the logic associated with it. This
change in particular introduces a new module, arg_defs, that contains
all those type definitions that previously resided in the args module.
|