Rust interface to libnitrokey https://git.ireas.org/nitrokey-rs/atom?h=v0.3.4 2019-01-20T14:04:29Z 2019-01-20T14:04:29Z Robin Krahl robin.krahl@ireas.org 2019-01-20T14:04:29Z urn:sha1:41cdc1f7091a3c442241dbb2379c50dbcc7e9c5f 2019-01-20T14:00:53Z Robin Krahl robin.krahl@ireas.org 2019-01-20T14:00:53Z urn:sha1:b6a941cd9ed30a4f93299132ae7e155922c73701 2019-01-20T13:58:11Z Robin Krahl robin.krahl@ireas.org 2019-01-20T13:54:20Z urn:sha1:9e97ffad01e1b81c87f2926bd7bab823219b07c7 The random number generator used for the temporary password produces a Vec<u8>. The libnitrokey functions using the temporary password require a pointer to a c_char. Previously, we cast the u8 pointer to the Vec<u8> to a i8 pointer (unsigned to signed). This leads to a type mismatch if the char type is not signed. Therefore we now cast to c_char instead of i8. 2019-01-16T20:36:49Z Robin Krahl robin.krahl@ireas.org 2019-01-16T20:36:49Z urn:sha1:7cf747d56ddc0b7eeedc3caf36dcc909907a171c 2019-01-16T20:32:11Z Robin Krahl robin.krahl@ireas.org 2019-01-16T20:32:11Z urn:sha1:ea84e4609421ee5ce3bebbb9f52ef302fe2fba56 The archlinux build compiles libnitrokey from source. Now we also verify that we can use the system libnitrokey version. 2019-01-16T20:29:38Z Robin Krahl robin.krahl@ireas.org 2019-01-16T20:28:31Z urn:sha1:679791064169a37ad9d88b910b7553ebf7133c07 If libnitrokey has not been built from a clone of the Git repository, the Git version string may be empty. 2019-01-16T20:22:48Z Robin Krahl robin.krahl@ireas.org 2019-01-16T20:20:31Z urn:sha1:d72641832a6c8622cf6468987b5b0aa5bd4c1c39 There seems to be a bug in libnitrokey or the Nitrokey Storage firmware that causes problems when chaining factory reset and build_AES_keys without delay (upstream issue [0]). [0] https://github.com/Nitrokey/nitrokey-storage-firmware/issues/80 2019-01-16T20:22:41Z Robin Krahl robin.krahl@ireas.org 2019-01-16T19:43:04Z urn:sha1:3a8669cea4aa4b32fee3336cb9be4ec66d3dc2c2 The device::clear_new_sd_card_warning used to perform a factory reset without building an AES key. This led to errors in tests that assume that an AES key is present. 2019-01-16T20:22:31Z Robin Krahl robin.krahl@ireas.org 2019-01-16T19:35:50Z urn:sha1:d3a103bc25e5f37a42a19515ad25e5a8e5995b36 The device::factory_reset test used to first change the PINs and then access the PWS and the OTP data. If for example the PWS access failed due to an problem with the AES key, the PINs were not reset. Now we perform the PWS and OTP access with the old PINs – which is okay as we do not want to test the PIN change but the factory reset. If these preparations fail, the tests is cancelled before the PINs are changed. 2019-01-16T19:17:16Z Robin Krahl robin.krahl@ireas.org 2019-01-16T03:16:01Z urn:sha1:79a3298ab5973a47cb68ef48e554ec88fb7e99a6 Until the last commit, all empty strings returned by the library were interepreted as errors. As the PWS functions return empty strings for unprogrammed slots, the methods to access the PWS data returned an error when querying a slot that is not programmed. Since the last commit, they return an empty string instead. This patch restores the old behavior by returning an error instead of an empty string. Yet we change the error variant: SlotNotProgrammed instead of Undefined.