aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin Krahl <robin.krahl@ireas.org>2019-01-12 17:37:21 +0000
committerRobin Krahl <robin.krahl@ireas.org>2019-01-12 18:39:10 +0100
commit78f926456a07047c34dc20b97fe04e55ba443528 (patch)
tree53ed0f2fac5bccc007df78aa441a16c69a537211
parent879ee92e81b3acee88e3ecbc35f7d4cfbacd708a (diff)
downloadnitrokey-rs-78f926456a07047c34dc20b97fe04e55ba443528.tar.gz
nitrokey-rs-78f926456a07047c34dc20b97fe04e55ba443528.tar.bz2
Add export_firmware method to Storage
The export_firmware method writes the firmware of the Nitrokey Storage to the unencrypted storage. We only test that the command succeeds as mounting the unencrypted storage and accessing the file is out of scope for the tests.
-rw-r--r--TODO.md1
-rw-r--r--src/device.rs21
-rw-r--r--tests/device.rs18
3 files changed, 39 insertions, 1 deletions
diff --git a/TODO.md b/TODO.md
index 113858a..7c8c5e6 100644
--- a/TODO.md
+++ b/TODO.md
@@ -1,7 +1,6 @@
- Add support for the currently unsupported commands:
- `NK_is_AES_supported`
- `NK_send_startup`
- - `NK_export_firmware`
- `NK_clear_new_sd_card_warning`
- `NK_fill_SD_card_with_random_data`
- `NK_get_SD_usage_data_as_string`
diff --git a/src/device.rs b/src/device.rs
index ee8e31c..f247f58 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -1170,6 +1170,27 @@ impl Storage {
pub fn wink(&self) -> Result<(), CommandError> {
get_command_result(unsafe { nitrokey_sys::NK_wink() })
}
+
+ /// Exports the firmware to the unencrypted volume.
+ ///
+ /// This command requires the admin PIN. The unencrypted volume must be in read-write mode
+ /// when this command is executed. Otherwise, it will still return `Ok` but not write the
+ /// firmware.
+ ///
+ /// This command unmounts the unencrypted volume if it has been mounted, so all buffers should
+ /// be flushed. The firmware is written to the `firmware.bin` file on the unencrypted volume.
+ ///
+ /// # Errors
+ ///
+ /// - [`InvalidString`][] if one of the provided passwords contains a null byte
+ /// - [`WrongPassword`][] if the admin password is wrong
+ ///
+ /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString
+ /// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
+ pub fn export_firmware(&self, admin_pin: &str) -> Result<(), CommandError> {
+ let admin_pin_string = get_cstring(admin_pin)?;
+ get_command_result(unsafe { nitrokey_sys::NK_export_firmware(admin_pin_string.as_ptr()) })
+ }
}
impl Drop for Storage {
diff --git a/tests/device.rs b/tests/device.rs
index 9985e7a..e40ae12 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -437,3 +437,21 @@ fn get_storage_status(device: Storage) {
assert!(status.serial_number_sd_card > 0);
assert!(status.serial_number_smart_card > 0);
}
+
+#[test_device]
+fn export_firmware(device: Storage) {
+ assert_eq!(
+ Err(CommandError::WrongPassword),
+ device.export_firmware("someadminpn")
+ );
+ assert_eq!(Ok(()), device.export_firmware(ADMIN_PASSWORD));
+ assert_eq!(
+ Ok(()),
+ device.set_unencrypted_volume_mode(ADMIN_PASSWORD, VolumeMode::ReadWrite)
+ );
+ assert_eq!(Ok(()), device.export_firmware(ADMIN_PASSWORD));
+ assert_eq!(
+ Ok(()),
+ device.set_unencrypted_volume_mode(ADMIN_PASSWORD, VolumeMode::ReadOnly)
+ );
+}