summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--TODO.md1
-rw-r--r--src/device.rs21
-rw-r--r--tests/device.rs18
3 files changed, 39 insertions, 1 deletions
diff --git a/TODO.md b/TODO.md
index 113858a..7c8c5e6 100644
--- a/TODO.md
+++ b/TODO.md
@@ -1,7 +1,6 @@
- Add support for the currently unsupported commands:
- `NK_is_AES_supported`
- `NK_send_startup`
- - `NK_export_firmware`
- `NK_clear_new_sd_card_warning`
- `NK_fill_SD_card_with_random_data`
- `NK_get_SD_usage_data_as_string`
diff --git a/src/device.rs b/src/device.rs
index ee8e31c..f247f58 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -1170,6 +1170,27 @@ impl Storage {
pub fn wink(&self) -> Result<(), CommandError> {
get_command_result(unsafe { nitrokey_sys::NK_wink() })
}
+
+ /// Exports the firmware to the unencrypted volume.
+ ///
+ /// This command requires the admin PIN. The unencrypted volume must be in read-write mode
+ /// when this command is executed. Otherwise, it will still return `Ok` but not write the
+ /// firmware.
+ ///
+ /// This command unmounts the unencrypted volume if it has been mounted, so all buffers should
+ /// be flushed. The firmware is written to the `firmware.bin` file on the unencrypted volume.
+ ///
+ /// # Errors
+ ///
+ /// - [`InvalidString`][] if one of the provided passwords contains a null byte
+ /// - [`WrongPassword`][] if the admin password is wrong
+ ///
+ /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString
+ /// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
+ pub fn export_firmware(&self, admin_pin: &str) -> Result<(), CommandError> {
+ let admin_pin_string = get_cstring(admin_pin)?;
+ get_command_result(unsafe { nitrokey_sys::NK_export_firmware(admin_pin_string.as_ptr()) })
+ }
}
impl Drop for Storage {
diff --git a/tests/device.rs b/tests/device.rs
index 9985e7a..e40ae12 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -437,3 +437,21 @@ fn get_storage_status(device: Storage) {
assert!(status.serial_number_sd_card > 0);
assert!(status.serial_number_smart_card > 0);
}
+
+#[test_device]
+fn export_firmware(device: Storage) {
+ assert_eq!(
+ Err(CommandError::WrongPassword),
+ device.export_firmware("someadminpn")
+ );
+ assert_eq!(Ok(()), device.export_firmware(ADMIN_PASSWORD));
+ assert_eq!(
+ Ok(()),
+ device.set_unencrypted_volume_mode(ADMIN_PASSWORD, VolumeMode::ReadWrite)
+ );
+ assert_eq!(Ok(()), device.export_firmware(ADMIN_PASSWORD));
+ assert_eq!(
+ Ok(()),
+ device.set_unencrypted_volume_mode(ADMIN_PASSWORD, VolumeMode::ReadOnly)
+ );
+}