1 files changed, 41 insertions, 0 deletions

diff --git a/src/device.rs b/src/device.rs
index 73952cc..d6b9780 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -367,6 +367,47 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp {
             ))
         }
     }
+
+    /// Unlocks the user PIN after three failed login attempts and sets it to the given value.
+    ///
+    /// # Errors
+    ///
+    /// - [`InvalidString`][] if one of the provided passwords contains a null byte
+    /// - [`WrongPassword`][] if the admin password is wrong
+    ///
+    /// # Example
+    ///
+    /// ```no_run
+    /// use nitrokey::{CommandStatus, Device};
+    /// # use nitrokey::CommandError;
+    ///
+    /// # fn try_main() -> Result<(), CommandError> {
+    /// let device = nitrokey::connect()?;
+    /// match device.unlock_user_pin("12345678", "123456") {
+    ///     CommandStatus::Success => println!("Unlocked user PIN."),
+    ///     CommandStatus::Error(err) => println!("Failed to unlock user PIN: {:?}", err),
+    /// };
+    /// #     Ok(())
+    /// # }
+    /// ```
+    ///
+    /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString
+    /// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
+    fn unlock_user_pin(&self, admin_pin: &str, user_pin: &str) -> CommandStatus {
+        let admin_pin_string = CString::new(admin_pin);
+        let user_pin_string = CString::new(user_pin);
+        if admin_pin_string.is_err() || user_pin_string.is_err() {
+            return CommandStatus::Error(CommandError::InvalidString);
+        }
+        let admin_pin_string = admin_pin_string.unwrap();
+        let user_pin_string = user_pin_string.unwrap();
+        unsafe {
+            CommandStatus::from(nitrokey_sys::NK_unlock_user_password(
+                admin_pin_string.as_ptr(),
+                user_pin_string.as_ptr(),
+            ))
+        }
+    }
 }
 
 /// Connects to a Nitrokey device.  This method can be used to connect to any connected device,