Rust interface to libnitrokey https://git.ireas.org/nitrokey-rs/atom?h=v0.3.1 2019-01-06T23:29:52Z 2019-01-06T23:29:52Z Robin Krahl robin.krahl@ireas.org 2019-01-06T23:27:06Z urn:sha1:3fab663891d42cfe317125650394c9560639b60c This patch adds the global connect_model function that can be used to connect to a Nitrokey device of a given model. Contrary to Pro::connect and Storage::connect, the model does not have to be set at compile time. 2019-01-06T22:59:54Z Robin Krahl robin.krahl@ireas.org 2019-01-06T22:56:27Z urn:sha1:30264131262d9e926d3c14b0c92760fdc15ba5c8 This patch introduces the methods enable_hidden_volume, disable_hidden_volume and create_hidden_volume for the Storage struct to support the hidden volumes on the Nitrokey Storage. The enable and create methods require that the encrypted storage has been enabled. Contrary to authentication and password safe access, we do not enforce this requirement in the API as file system operations could have unwanted side effects and should not performed implicitly. 2019-01-05T09:53:25Z Robin Krahl robin.krahl@ireas.org 2019-01-05T09:52:29Z urn:sha1:83063599f4ab1bcbbd9be9166e738a13ae4e4cc6 2019-01-05T09:28:49Z Daniel Mueller deso@posteo.net 2019-01-04T21:00:23Z urn:sha1:54f77851093932d82076f9ef393753e9d6692179 We experienced various problems running the tests and while they may or may not be caused by local setup issues, it is helpful to have more information than just an indication that an assertion (true/false) was violated. To that end, this change adjusts some of the assert!(<func>().is_ok()) to compare against Ok(()) instead. This way, if the result is not the Ok variant, the error code will get printed. 2019-01-05T09:28:43Z Daniel Mueller deso@posteo.net 2019-01-03T19:07:07Z urn:sha1:7645f3964cf8060181b8fac130686e09959f00e1 This change adjusts the PWS tests to use the nitrokey-test crate. 2019-01-05T09:28:37Z Daniel Mueller deso@posteo.net 2019-01-03T19:02:39Z urn:sha1:0b3275f44306f96d41a306d8a753ec76be020d05 This change adjusts the OTP tests to use the nitrokey-test crate. 2019-01-05T09:26:16Z Daniel Mueller deso@posteo.net 2018-12-29T19:52:42Z urn:sha1:65bff57e6139cc126191d4faabbcf74118932dd2 This change is the first in a series to migrate the existing tests to using the nitrokey-test crate. The crate provides a couple of benefits over the existing way testing works: - test execution is automatically serialized (i.e., no more need for --test-threads) - available devices are detected at runtime (i.e., no more need for --features test-pro) - tests capable of running only on a specific device are automatically skipped if this device is not present In addition to that, the crate also offers selection of particular groups of tests by virtue of the NITROKEY_TEST_GROUP environment variable. If set (valid values are "nodev", "pro", and "storage") only tests of the particular group are run (those tests will fail if a required precondition is not met, i.e., if a device is present but "nodev" is set, or if the "pro" group is run but no device or a storage device is present). Unfortunately, it has some limitations as well. Most importantly Rust does not allow us to indicate whether a test has been skipped or not. While it has #[ignore] support, that strictly is a compile-time feature and, hence, not usable. This patch in particular pulls in the nitrokey-test crate and adjusts the existing device tests to make use of it. 2019-01-03T23:51:00Z Robin Krahl robin.krahl@ireas.org 2019-01-03T23:48:22Z urn:sha1:c5d5ab12ab8ca6b9889550f050b859b76fa4bdd7 Contrary to my previous beliefs, build_aes_key has to be called even after a factory reset using the Nitrokey API. This patch updates the documentation and the unit tests based on this insight. 2019-01-03T17:06:30Z Robin Krahl robin.krahl@ireas.org 2019-01-03T17:04:50Z urn:sha1:616f84c13a4e676d3e2f870533fb1b8778c5f614 This patch adds the build_aes_key method to the Device trait that uses the NK_build_aes_key function to build new AES keys on the device. This effectively resets the password safe and the encrypted storage. It is unclear whether other data (e. g. the one-time passwords) are affected too. 2019-01-03T13:53:06Z Robin Krahl robin.krahl@ireas.org 2019-01-03T13:50:15Z urn:sha1:0a7a62c9af15b11e5dbfad1900ac89924457b272 This patch adds the factory_reset_method to the Device trait that uses the NK_factory_reset function to perform a factory reset. The tests verify that the user and admin PIN are reset and that the OTP storage and the password safe are deleted.