aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Return UTF-8 error if libnitrokey returns an invalid stringRobin Krahl2019-01-23
| | | | | | | Previously, we used lossy UTF-8 conversion. Yet the user should be notified if we have a problem instead of silently changing the data. Therefore, we now return an error if we enocunter an invalid UTF-8 string. This leads to a change in `get_library_version`’s signature.
* Add Error::Utf8Error variantRobin Krahl2019-01-23
| | | | | Previously, we just ignored UTF-8 errors. This patch prepares the Utf8Error variant so that we are able to return UTF-8 errors.
* Implement From<Pro> and From<Storage> for DeviceWrapperRobin Krahl2019-01-23
|
* Add Pro::new and Storage::new functionsRobin Krahl2019-01-23
|
* Refactor and clean up all codeRobin Krahl2019-01-23
| | | | | | | This includes: - using idiomatic Rust - limiting the scope of unsafe blocks - simplifying code
* Add temp_password_ptr method to AuthenticatedDeviceRobin Krahl2019-01-23
| | | | | | To reduce the number of casts, we introduce the temp_password_ptr method that casts the pointer received from the Vec<u8> to a c_char pointer that can be handled by libnitrokey.
* Prefer into() over numeric castingRobin Krahl2019-01-23
| | | | | | Numeric casting might truncate an integer, while into() is only implemented for numeric types if the cast is possible without truncation.
* Prevent direct instantiation of Pro and StorageRobin Krahl2019-01-23
| | | | | | The Pro and Storage structs may only be created using the connect functions. This patch adds a private PhantomData field to the structs to ensure that the compiler does not allow direct instantiation.
* Fix formatting in testsRobin Krahl2019-01-20
|
* Merge branch 'feature/error-refactoring' into nextRobin Krahl2019-01-20
|\ | | | | | | RFC: https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190117000856.slgb6jwkwd3qu6ey%40localhost%3E
| * Check specific error codes in the testsRobin Krahl2019-01-20
| | | | | | | | | | | | | | | | | | | | If possible, check specific error codes instead of `is_err()`. This makes the code more readable and catches bugs resulting in the wrong error code. Also, using the assert_*_err and assert_ok macros yields error messages containing the expected and the actual value. To be able to use these macros with the `get_password_safe` method, we also have to implement `Debug` for `PasswordSafe` and `Device`.
| * Remove the unused CommandError::Undefined variantRobin Krahl2019-01-20
| | | | | | | | | | | | The CommandError::Undefined variant has been refactored into Error::UnexpectedError and CommunicationError::NotConnected and is therefore no longer needed.
| * Return CommunicationError::NotConnected from connect functionsRobin Krahl2019-01-20
| | | | | | | | | | | | | | | | | | Previously, we returned a CommandError::Undefined if a connect function failed. A CommunicationError::NotConnected is a more specific and better fitting choice. Once the Try trait has been stabilized, we should return an Option<_> instead of a Result<_, Error> from the connect functions.
| * Introduce the Error::UnexpectedError variantRobin Krahl2019-01-20
| | | | | | | | | | | | | | The UnexpectedError variant is used when a libnitrokey function returns a value that violates the function’s contract, for example if a function returns a null pointer although it guarantees to never return null. Previously, we returned a CommandError::Unspecified in these cases.
| * Make CommandError messages more generalRobin Krahl2019-01-20
| | | | | | | | For example, the WrongSlot error may also be returned for a PWS slot.
| * Remove CommandError::as_str methodRobin Krahl2019-01-20
| | | | | | | | | | AsStr is automatically implementeded if Display is implemented, so having a manual as_str() method is not necessary.
| * Add the CommunicationError enumRobin Krahl2019-01-20
| | | | | | | | | | | | Communication errors returned by libnitrokey were previously not mapped to an error type in the nitrokey crate. We introduce the CommunicationError enum to represent these errors.
| * Refactor library errors into LibraryError enumRobin Krahl2019-01-20
| | | | | | | | | | | | Previously, library errors were part of the CommandError enum. As command errors and library errors are two different error types, they should be split into two enums.
| * Move the CommandError::Unknown to ErrorRobin Krahl2019-01-20
| | | | | | | | | | | | | | An error code can not only indiciate a command error, but also a library or device communication error. Therefore, the variant for an unknown error code should be placed in the top-level Error enum instead of the CommandError enum.
| * Refactor CommandError::RngError into Error::RandErrorRobin Krahl2019-01-20
| | | | | | | | | | We reserve CommandError for errors returned by the Nitrokey device. Errors during random number generation should have their own type.
| * Enable std feature for rand_coreRobin Krahl2019-01-20
| | | | | | | | | | | | With the std feature enabled, rand_core::Error implements std::error::Error, which we require for the error types wrapped in the Error enum.
| * Add assert_cmd_err and assert_ok macros to testsRobin Krahl2019-01-20
| | | | | | | | | | | | | | | | | | These macros allow easier comparisions using the new error type. This patch fixes all tests and updates nitrokey-test to 0.2.0 so that it integrates with the new error structure. Some tests may still fail until CommunicationError::NotConnected is actually returned.
| * Return Error instead of CommandErrorRobin Krahl2019-01-20
| | | | | | | | | | | | | | | | | | | | This patch changes all public functions to return the Error enum instead of the CommandError enum. This breaks the tests which will be fixed with the next patch. This patch also adds a placeholder variant Error::CommandError and a placeholder enum CommandError to make the transition to a new nitrokey-test version easier.
| * Add the Error enum and the Result<T> typedefRobin Krahl2019-01-20
| | | | | | | | | | The Error enum is a wrapper for the possible error types (currently only CommandError). Result<T> is defined as Result<T, Error>.
| * Implement std::error::Error for error::CommandErrorRobin Krahl2019-01-20
| |
| * Move util::CommandError to the new error moduleRobin Krahl2019-01-20
|/ | | | This prepares the refactoring of util::CommandError into multiple enums.
* Merge branch 'hotfix-0.3.4' into nextRobin Krahl2019-01-20
|\
| * Release v0.3.4Robin Krahl2019-01-20
| |
| * Pass temporary password as *const c_charRobin Krahl2019-01-20
| | | | | | | | | | | | | | | | | | The random number generator used for the temporary password produces a Vec<u8>. The libnitrokey functions using the temporary password require a pointer to a c_char. Previously, we cast the u8 pointer to the Vec<u8> to a i8 pointer (unsigned to signed). This leads to a type mismatch if the char type is not signed. Therefore we now cast to c_char instead of i8.
* | Introduce DEFAULT_ADMIN_PIN and DEFAULT_USER_PIN constantsRobin Krahl2019-01-19
| | | | | | | | The constants can be used for tests or after a factory reset.
* | Implement Display for VersionRobin Krahl2019-01-17
| |
* | Introduce the FirmwareVersion structRobin Krahl2019-01-17
| | | | | | | | | | | | The FirmwareVersion struct stores the major and minor firmware version of a Nitrokey device. We refactor the StorageProductionInfo and StorageStatus structs to use this new struct.
* | Document that NK_is_AES_supported is unsupportedRobin Krahl2019-01-16
| | | | | | | | | | | | NK_is_AES_supported is not needed for newer firmware versions of the Pro and Storage, see this discussion for more information: https://github.com/Nitrokey/libnitrokey/issues/142
* | Remove the test-pro and test-storage featuresRobin Krahl2019-01-16
|/ | | | | | | Since commit 65bff57e6139cc126191d4faabbcf74118932dd2, we use the nitrokey-test crate to select test cases. Previously, we used the features test-pro and test-storage to select test suites. These features are now obsolete.
* Release v0.3.3v0.3.3Robin Krahl2019-01-16
|
* Add build with USE_SYSTEM_LIBNITROKEY=1Robin Krahl2019-01-16
| | | | | The archlinux build compiles libnitrokey from source. Now we also verify that we can use the system libnitrokey version.
* Document and test empty Git versionsRobin Krahl2019-01-16
| | | | | If libnitrokey has not been built from a clone of the Git repository, the Git version string may be empty.
* Add delay between factory reset and building AES key in testsRobin Krahl2019-01-16
| | | | | | | | There seems to be a bug in libnitrokey or the Nitrokey Storage firmware that causes problems when chaining factory reset and build_AES_keys without delay (upstream issue [0]). [0] https://github.com/Nitrokey/nitrokey-storage-firmware/issues/80
* Build AES key after factory reset in testsRobin Krahl2019-01-16
| | | | | | The device::clear_new_sd_card_warning used to perform a factory reset without building an AES key. This led to errors in tests that assume that an AES key is present.
* Make device::factory_reset test more robustRobin Krahl2019-01-16
| | | | | | | | | | | The device::factory_reset test used to first change the PINs and then access the PWS and the OTP data. If for example the PWS access failed due to an problem with the AES key, the PINs were not reset. Now we perform the PWS and OTP access with the old PINs – which is okay as we do not want to test the PIN change but the factory reset. If these preparations fail, the tests is cancelled before the PINs are changed.
* pws: Interpret empty strings as unprogrammed slotsRobin Krahl2019-01-16
| | | | | | | | | | | | Until the last commit, all empty strings returned by the library were interepreted as errors. As the PWS functions return empty strings for unprogrammed slots, the methods to access the PWS data returned an error when querying a slot that is not programmed. Since the last commit, they return an empty string instead. This patch restores the old behavior by returning an error instead of an empty string. Yet we change the error variant: SlotNotProgrammed instead of Undefined.
* Fix result_from_string for empty return valuesRobin Krahl2019-01-16
| | | | | | | | | | | An empty string returned from a libnitrokey function can either indicate an error or be a valid return value. Previously, we assumed that it indicates an error. But instead, we should check the last command status and use it to decide whether to return the empty string or an error code. This breaks the unit tests that assume that empty strings cause errors. These will be fixed in the next patches.
* Fix typo: destory -> destroyDaniel Mueller2019-01-16
|
* Add CI build script for sr.htRobin Krahl2019-01-15
|
* Use rand_os for random data generationDaniel Mueller2019-01-14
| | | | | | | | | | | | The rand crate comes with a slew of dependencies to cover all sort of randomness related tasks in various scenarios. However, this crate really only requires a tiny subset of this functionality. As it turns out, this core functionality is provided by the rand_os crate. This change drops the dependency to rand in favor of rand_os. In order to accomplish that, it brings back the RngError variant for the CommandError enum to capture the possibility of the creation of the random number generator failing.
* Add the clear_new_sd_card_warning method to StorageRobin Krahl2019-01-14
| | | | | | The clear_new_sd_card_warning method calls the libnitrokey NK_clear_new_sd_card_warning function to reset the corresponding flag in the Storage status.
* Add the get_production_info method to the Storage structRobin Krahl2019-01-14
| | | | | | | | | | | The get_production_info method maps to the NK_get_production_info function of libnitrokey. The Storage firmware supports two query modes: with or without a write test. libnitrokey only performs the query without write test, so the fields that are only set for the write test are ignored in our implementation. This affects: - user and admin retry counts - smart card ID - SD card size
* Release v0.3.2v0.3.2Robin Krahl2019-01-12
|
* Add export_firmware to the change logRobin Krahl2019-01-12
|
* Add export_firmware method to StorageRobin Krahl2019-01-12
| | | | | | | The export_firmware method writes the firmware of the Nitrokey Storage to the unencrypted storage. We only test that the command succeeds as mounting the unencrypted storage and accessing the file is out of scope for the tests.