diff options
| author | Robin Krahl <robin.krahl@ireas.org> | 2018-05-24 20:36:46 +0000 |
|---|---|---|
| committer | Robin Krahl <robin.krahl@ireas.org> | 2018-05-28 20:08:23 +0200 |
| commit | 5f956b8e2a7f1fbf8e968154f55fadb71e8b521a (patch) | |
| tree | 4a820312740cfaf6259c152bdecd02aca301c51b /src/lib.rs | |
| parent | 2ec913fdcadef73281ec30f96c0fc7cd00a4ed26 (diff) | |
| download | nitrokey-rs-5f956b8e2a7f1fbf8e968154f55fadb71e8b521a.tar.gz nitrokey-rs-5f956b8e2a7f1fbf8e968154f55fadb71e8b521a.tar.bz2 | |
Introduce DeviceWrapper to abstract over devices
DeviceWrapper abstracts over the supported devices. It implements the
traits that are implemented by all supported devices. The previous
UnauthenticatedDevice is renamed to Pro to prepare Storage support.
connect_model is moved to Pro::connect.
Diffstat (limited to 'src/lib.rs')
| -rw-r--r-- | src/lib.rs | 89 |
1 files changed, 20 insertions, 69 deletions
@@ -2,16 +2,17 @@ //! //! # Usage //! -//! Operations on the Nitrokey require different authentication levels. Some -//! operations can be performed without authentication, some require user -//! access, and some require admin access. This is modelled using the types -//! [`UnauthenticatedDevice`][], [`UserAuthenticatedDevice`][] and -//! [`AdminAuthenticatedDevice`][]. +//! Operations on the Nitrokey require different authentication levels. Some operations can be +//! performed without authentication, some require user access, and some require admin access. +//! This is modelled using the types [`User`][] and [`Admin`][]. //! -//! Use [`connect`][] or [`connect_model`][] to obtain an -//! [`UnauthenticatedDevice`][]. You can then use [`authenticate_user`][] or -//! [`authenticate_admin`][] to get an authenticated device. You can then use -//! [`device`][] to go back to the unauthenticated device. +//! Use [`connect`][] to connect to any Nitrokey device. The method will return a +//! [`DeviceWrapper`][] that abstracts over the supported Nitrokey devices. You can also use +//! [`Pro::connect`][] to connect to a specific device. +//! +//! You can then use [`authenticate_user`][] or [`authenticate_admin`][] to get an authenticated +//! device that can perform operations that require authentication. You can use [`device`][] to go +//! back to the unauthenticated device. //! //! This makes sure that you can only execute a command if you have the //! required access rights. Otherwise, your code will not compile. The only @@ -76,13 +77,13 @@ //! [`authenticate_admin`]: trait.Authenticate.html#method.authenticate_admin //! [`authenticate_user`]: trait.Authenticate.html#method.authenticate_user //! [`connect`]: fn.connect.html -//! [`connect_model`]: fn.connect_model.html -//! [`device`]: struct.AuthenticatedDevice.html#method.device -//! [`get_hotp_code`]: trait.ProvideOtp.html#method.get_hotp_code -//! [`get_totp_code`]: trait.ProvideOtp.html#method.get_totp_code -//! [`AdminAuthenticatedDevice`]: struct.AdminAuthenticatedDevice.html -//! [`UserAuthenticatedDevice`]: struct.UserAuthenticatedDevice.html -//! [`UnauthenticatedDevice`]: struct.UnauthenticatedDevice.html +//! [`Pro::connect`]: struct.Pro.html#fn.connect.html +//! [`device`]: struct.User.html#method.device +//! [`get_hotp_code`]: trait.GenerateOtp.html#method.get_hotp_code +//! [`get_totp_code`]: trait.GenerateOtp.html#method.get_totp_code +//! [`Admin`]: struct.Admin.html +//! [`DeviceWrapper`]: enum.DeviceWrapper.html +//! [`User`]: struct.User.html extern crate libc; extern crate nitrokey_sys; @@ -90,68 +91,18 @@ extern crate rand; mod config; mod device; +mod misc; mod otp; mod util; #[cfg(test)] mod tests; pub use config::Config; -pub use device::{AdminAuthenticatedDevice, Authenticate, Device, Model, UnauthenticatedDevice, - UserAuthenticatedDevice}; +pub use device::{connect, Admin, Device, DeviceWrapper, Pro, User}; +pub use misc::Authenticate; pub use otp::{ConfigureOtp, GenerateOtp, OtpMode, OtpSlotData}; pub use util::{CommandError, CommandStatus, LogLevel}; -/// Connects to a Nitrokey device. This method can be used to connect to any -/// connected device, both a Nitrokey Pro and a Nitrokey Storage. -/// -/// # Example -/// -/// ``` -/// use nitrokey::UnauthenticatedDevice; -/// -/// fn do_something(device: UnauthenticatedDevice) {} -/// -/// match nitrokey::connect() { -/// Ok(device) => do_something(device), -/// Err(err) => println!("Could not connect to a Nitrokey: {:?}", err), -/// } -/// ``` -pub fn connect() -> Result<UnauthenticatedDevice, CommandError> { - unsafe { - match nitrokey_sys::NK_login_auto() { - 1 => Ok(UnauthenticatedDevice {}), - _ => Err(CommandError::Unknown), - } - } -} - -/// Connects to a Nitrokey device of the given model. -/// -/// # Example -/// -/// ``` -/// use nitrokey::{Model, UnauthenticatedDevice}; -/// -/// fn do_something(device: UnauthenticatedDevice) {} -/// -/// match nitrokey::connect_model(Model::Pro) { -/// Ok(device) => do_something(device), -/// Err(err) => println!("Could not connect to a Nitrokey Pro: {:?}", err), -/// } -/// ``` -pub fn connect_model(model: Model) -> Result<UnauthenticatedDevice, CommandError> { - let model = match model { - Model::Storage => nitrokey_sys::NK_device_model_NK_STORAGE, - Model::Pro => nitrokey_sys::NK_device_model_NK_PRO, - }; - unsafe { - return match nitrokey_sys::NK_login_enum(model) { - 1 => Ok(UnauthenticatedDevice {}), - rv => Err(CommandError::from(rv)), - }; - } -} - /// Enables or disables debug output. Calling this method with `true` is /// equivalent to setting the log level to `Debug`; calling it with `false` is /// equivalent to the log level `Error` (see [`set_log_level`][]). |