diff options
Diffstat (limited to 'src/auth.rs')
-rw-r--r-- | src/auth.rs | 51 |
1 files changed, 21 insertions, 30 deletions
diff --git a/src/auth.rs b/src/auth.rs index 0b000f7..5ca59da 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -1,13 +1,13 @@ // Copyright (C) 2018-2019 Robin Krahl <robin.krahl@ireas.org> // SPDX-License-Identifier: MIT +use std::convert::TryFrom as _; +use std::ffi::CString; use std::marker; use std::ops; use std::os::raw::c_char; use std::os::raw::c_int; -use nitrokey_sys; - use crate::config::{Config, RawConfig}; use crate::device::{Device, DeviceWrapper, Pro, Storage}; use crate::error::Error; @@ -116,9 +116,7 @@ pub trait Authenticate<'a> { } trait AuthenticatedDevice<T> { - fn new(device: T, temp_password: Vec<u8>) -> Self; - - fn temp_password_ptr(&self) -> *const c_char; + fn new(device: T, temp_password: CString) -> Self; } /// A Nitrokey device with user authentication. @@ -128,12 +126,12 @@ trait AuthenticatedDevice<T> { /// method. /// /// [`Authenticate`]: trait.Authenticate.html -/// [`authenticate_admin`]: trait.Authenticate.html#method.authenticate_admin +/// [`authenticate_user`]: trait.Authenticate.html#method.authenticate_user /// [`device`]: #method.device #[derive(Debug)] pub struct User<'a, T: Device<'a>> { device: T, - temp_password: Vec<u8>, + temp_password: CString, marker: marker::PhantomData<&'a T>, } @@ -149,7 +147,7 @@ pub struct User<'a, T: Device<'a>> { #[derive(Debug)] pub struct Admin<'a, T: Device<'a>> { device: T, - temp_password: Vec<u8>, + temp_password: CString, marker: marker::PhantomData<&'a T>, } @@ -168,7 +166,7 @@ where Err(err) => return Err((device, err)), }; let password_ptr = password.as_ptr(); - let temp_password_ptr = temp_password.as_ptr() as *const c_char; + let temp_password_ptr = temp_password.as_ptr(); match callback(password_ptr, temp_password_ptr) { 0 => Ok(A::new(device, temp_password)), rv => Err((device, Error::from(rv))), @@ -233,29 +231,25 @@ impl<'a, T: Device<'a>> ops::DerefMut for User<'a, T> { impl<'a, T: Device<'a>> GenerateOtp for User<'a, T> { fn get_hotp_code(&mut self, slot: u8) -> Result<String, Error> { result_from_string(unsafe { - nitrokey_sys::NK_get_hotp_code_PIN(slot, self.temp_password_ptr()) + nitrokey_sys::NK_get_hotp_code_PIN(slot, self.temp_password.as_ptr()) }) } fn get_totp_code(&self, slot: u8) -> Result<String, Error> { result_from_string(unsafe { - nitrokey_sys::NK_get_totp_code_PIN(slot, 0, 0, 0, self.temp_password_ptr()) + nitrokey_sys::NK_get_totp_code_PIN(slot, 0, 0, 0, self.temp_password.as_ptr()) }) } } impl<'a, T: Device<'a>> AuthenticatedDevice<T> for User<'a, T> { - fn new(device: T, temp_password: Vec<u8>) -> Self { + fn new(device: T, temp_password: CString) -> Self { User { device, temp_password, marker: marker::PhantomData, } } - - fn temp_password_ptr(&self) -> *const c_char { - self.temp_password.as_ptr() as *const c_char - } } impl<'a, T: Device<'a>> ops::Deref for Admin<'a, T> { @@ -284,7 +278,8 @@ impl<'a, T: Device<'a>> Admin<'a, T> { /// /// # Errors /// - /// - [`InvalidSlot`][] if the provided numlock, capslock or scrolllock slot is larger than two + /// - [`InvalidSlot`][] if the provided Num Lock, Caps Lock or Scroll Lock slot is larger than + /// two /// /// # Example /// @@ -312,12 +307,12 @@ impl<'a, T: Device<'a>> Admin<'a, T> { let raw_config = RawConfig::try_from(config)?; get_command_result(unsafe { nitrokey_sys::NK_write_config( - raw_config.numlock, - raw_config.capslock, - raw_config.scrollock, + raw_config.num_lock, + raw_config.caps_lock, + raw_config.scroll_lock, raw_config.user_password, false, - self.temp_password_ptr(), + self.temp_password.as_ptr(), ) }) } @@ -336,7 +331,7 @@ impl<'a, T: Device<'a>> ConfigureOtp for Admin<'a, T> { raw_data.use_enter, raw_data.use_token_id, raw_data.token_id.as_ptr(), - self.temp_password_ptr(), + self.temp_password.as_ptr(), ) }) } @@ -353,36 +348,32 @@ impl<'a, T: Device<'a>> ConfigureOtp for Admin<'a, T> { raw_data.use_enter, raw_data.use_token_id, raw_data.token_id.as_ptr(), - self.temp_password_ptr(), + self.temp_password.as_ptr(), ) }) } fn erase_hotp_slot(&mut self, slot: u8) -> Result<(), Error> { get_command_result(unsafe { - nitrokey_sys::NK_erase_hotp_slot(slot, self.temp_password_ptr()) + nitrokey_sys::NK_erase_hotp_slot(slot, self.temp_password.as_ptr()) }) } fn erase_totp_slot(&mut self, slot: u8) -> Result<(), Error> { get_command_result(unsafe { - nitrokey_sys::NK_erase_totp_slot(slot, self.temp_password_ptr()) + nitrokey_sys::NK_erase_totp_slot(slot, self.temp_password.as_ptr()) }) } } impl<'a, T: Device<'a>> AuthenticatedDevice<T> for Admin<'a, T> { - fn new(device: T, temp_password: Vec<u8>) -> Self { + fn new(device: T, temp_password: CString) -> Self { Admin { device, temp_password, marker: marker::PhantomData, } } - - fn temp_password_ptr(&self) -> *const c_char { - self.temp_password.as_ptr() as *const c_char - } } impl<'a> Authenticate<'a> for DeviceWrapper<'a> { |