| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
|
|
| |
In a previous commit, we used the non_exhaustive attribute to mark some
enums as non-exhaustive. This attribute was stabilized in Rust version
1.40.0, so we have to increase our minimum supported Rust version.
|
|
|
|
|
|
|
|
|
|
| |
The serial numuer check in the device tests are different for Storage
devices because the Nitrokey Storage currently does not report its
serial number in the status. Our previous implementation matched the
model to determine how to check the serial number. This no longer works
as we marked the model as non-exhaustive and was unnecessary. This
patch changes the test logic to perform the serial number test for all
devices except the Nitrokey Storage.
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously, all enums defined by the nitrokey crate were exhaustive.
This means that adding new variants to these enums is a breaking change.
To make it possible to add new features to nitrokey-rs without breaking
compatibility, this patch marks the Error, CommandError,
CommunicationError, LibraryError, Model and DeviceWrapper enums as
non-exhaustive.
|
|
|
|
|
|
| |
For a while now nitrocli now longer had the nitrocli/ subdirectory
present, as it used to when it was vendoring all its dependencies. With
this change we adjust the link to the project to reflect this change.
|
|
|
|
|
|
|
| |
This patch adds the FirmwareVersion struct to the re-exports in lib.rs.
Previosuly, nitrokey users where able to access FirmwareVersion values
as part of the Status struct and the Device::get_firmware_version method
but could not see its definition.
|
|\ |
|
|/
|
|
|
|
| |
This patch release contains a minor change to the Error enum so that
error handling frameworks like anyhow don’t produce redundant error
messages.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes the custom implementation of the source method of the
std::error::Error trait for the error::Error type. This means that the
default implementation is used that always returns None. The reason for
this change is that we already print the error message of the source
error in the Display implementation. This leads to a duplicated error
message if both Display and source are checked, for example with
anyhow’s error formatting.
See this thread for more information:
https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C6e0b4dc8-9059-a113-e98e-b49e52818c75%40posteo.net%3E
|
|\ |
|
|/
|
|
|
| |
This release changes the Error enum to implement Send, Sync and 'static
for compatibility with error handling crates like anyhow.
|
|\
| |
| |
| |
| |
| |
| | |
This patch series refactors the Error enum and ensures that it is Send,
Sync and 'static. This makes sure that it is compatible with the anyhow
crate. To achieve this, we drop the RandError variant and remove the
sync::PoisonError value from the PoisonError variant.
|
| |
| |
| |
| |
| |
| | |
The anyhow crate requires that error types are error::Error, Send, Sync
and 'static. This patch implements a simple static assertion that our
Error type implements these traits.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since we update rand_os to version 0.2 in commit
6c138eaa850c745b97b7e48a201db0cbaad8e1e0, the random number generation
can no longer fail. Therefore the Error::RandError variant is no longer
needed.
As we did not want to break the public API, we still kept the RandError
variant. This patch removes the RandError variant for good.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the Error::PoisonError contained the sync::PoisonError that
caused the error. This is problematic as sync::PoisonError does not
implement Send, making it impossible to use the Error enum with the
anyhow crate. At the same time, storing the sync::PoisonError is not
very useful. If a user wants to access the poisoned lock, they can call
the force_take function.
Therefore we remove the sync::PoisonError value from the Error::
PoisonError variant. This also allows us to simplify the
From<sync::PoisonError<…>> and From<sync::TryLockError<…>>
implementations as we no longer need to know the type of the mutex that
caused the error.
For more information, see this thread:
https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C68ed0f3f-d98f-63bc-04d2-81b6d6cde560%40posteo.net%3E
|
|
|
|
|
| |
This patch replaces calls to skip_while(…).next() for an iter::Iterator
with a call to find(…), as suggested by clippy.
|
| |
|
|\ |
|
|/
|
|
|
|
| |
This release introduces a new struct SerialNumber that represents the
serial number of a Nitrokey device, replacing the strings we used
previously.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The util module provides helper methods to deal with the C strings
returned by libnitrokey. The current implementation has to problems:
- It causes unnecessary allocations if we only want to look at the
string, for example in get_serial_number.
- If the conversion from a CStr to a String fails, the string pointer
is not freed.
Therefore this patch introduces the run_with_str function that executes
a function with the string returned by libnitrokey and then makes sure
that the pointer is freed correctly.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In a previous commit, we changed the serial number representation from a
string to an integer. This made it easier to compare serial numbers,
but also introduced new problems:
- Serial numbers should be formatted consistently, for example as
"{:#010x}". It is hard to ensure this for an integer value.
- The format of the serial number may be subject to change. Users
should not rely too much on the u32 representation.
Therefore we introduce a new SerialNumber struct that represents a
serial number. Currently it only stores a u32 value. The following
traits and functions can be used to access its value:
- FromStr for string parsing
- ToString/Display for string formatting
- as_u32 to access the underlying integer value
|
|\
| |
| |
| |
| |
| |
| | |
This patch series changes the Device::get_config implementation to use
libnitrokey’s NK_get_status instead of NK_read_config. This does
results in the same command being sent to the Nitrokey device, but
avoids a new[]/free mismatch and makes the parsing more robust.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
libnitrokey’s NK_read_config function returns a pointer to an array that
has been allocated using new[]. We would have to delete this pointer
using delete[], but we only have access to free. Therefore this patch
modifies the Device::get_config function to call NK_get_status instead
of NK_read_config.
This also makes the code more safe as we get the data as a struct
instead of an array. It does not add much overhead as NK_read_config
also executes the GET_STATUS command on the Nitrokey device.
|
|/
|
|
|
|
| |
This makes it easier to parse only the config part of the NK_status
struct and avoids code duplication in the upcoming get_config
refactoring.
|
|\ |
|
| |
| |
| |
| |
| | |
This patch release makes the handling of the randomly generated
temporary passwords more robust.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, we silently cut off temporary passwords that contained a
null byte. With the change to CString, we returned a LibraryError
instead. With this patch, we change to generate_password function to
continue generating passwords until we have a password without a null
byte.
The chance of generating a password with a null byte is ca. 10 % for our
temporary password with 25 characters. Therefore the chance of having
to re-generate the password multiple times is low enough that we don’t
bother with re-generating only the null bytes of the password for the
time being. This should be improved in the future.
|
| |
| |
| |
| |
| |
| |
| |
| | |
We introduced the AuthenticatedDevice::temp_password_ptr function to
reduce the number of casts needed in our code base. Since we switched
from Vec<u8> to CString, we no longer have to cast the return value of
as_ptr. Therefore we can remove the temp_password_ptr function to
reduce code complexity.
|
| |
| |
| |
| |
| |
| |
| | |
This patch changes the generate_password function and the User and Admin
structs to use a CString instead of a Vec<u8> when storing temporary
passwords. This makes sure that the strings that are passed to the C
API are properly null-terminated.
|
| |\ |
|
| |\ \ |
|
| |\ \ \ |
|
| |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This patch release changes the nitrokey-sys version specification to fix
a compilation error if nitrokey-sys v3.5.0 is selected (which was legal
with the previous specification).
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This patch consistently uses u32 integers to store and return the serial
number of a Nitrokey device. This makes it easier to convert and
compare the serial number, as it is a unique representation and as
formatting an integer cannot fail. For more details, see this RFC:
https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20200126074816.GA1314%40ireas.org%3E
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
To make debugging of unexpected errors easier, this patch adds an
associated String value with a description of the unexpected behavior to
the UnexpectedError variant of the Error enum.
|
|\ \ \ \ \ \
| | |_|_|_|/
| |/| | | | |
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This patch release contains a fix for the serial number formatting in
the list_devices function for Nitrokey Pro devices with firmware
versions older than 0.9.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously, we assumed that the serial number returned by hidapi
contains the Nitrokey serial number as the least significant bytes. As
disussed here [0], this is not true for Nitrokey Pro devices with
firmware version 0.8 or older: They write the serial number to the most
significant bytes instead.
This patch update the get_hidapi_serial_number function so that
list_devices now returns the correctly formatted and truncated serial
number for all Nitrokey Pro devices. It also makes sure that the serial
number is lowercase to be consistent with libnitrokey’s formatting.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
docs.rs seems to support only versioned links to source files. This
patch replaces the link to docs.rs with a link to git.ireas.org to avoid
having to update the link with every release. (Note that the last
release already contained a link to the wrong version.)
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This patch replaces the invalid license identifier CC-0 with the correct
identifier CC0-1.0.
|
|\ \ \ \ \
| | |_|_|/
| |/| | | |
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This release adds support for these Nitrokey commands:
For all devices:
- Listing the connected devices and connecting to one of them
(list_devices and Manager::connect_path).
- Querying the status of a Nitrokey device (Device::get_status).
For the Nitrokey Storage:
- Getting the SD card usage (Storage::get_sd_card_usage).
- Getting the status of a background operation
(Storage::get_operation_status).
- Filling the SD card with random data (Storage::fill_sd_card).
With this release, we support all functions provided by libnitrokey –
except those listed as unsupported in the readme file. Therefore we
should be able to release a stable version 1.0.0 soon.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch updates the readme with:
- more usage information, especially a pointer to the examples and to
nitrocli,
- information about the supported features (= everything),
- information on how to use the system libnitrokey instead of building
it from source.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
With commit f49e61589e32217f97c94aa86d826f6b65170fba, we changed the
GetPasswordSafe::get_password_safe to take a mutable reference to a
device. This makes sure that we cannot have two PWS instances for one
device at the same time, so we can drop the corresponding item from the
todo list.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch adds two basic usage examples: listing and connecting to
Nitrokey devices, and generating a one-time password.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch adds a new section about background operations to the crate
documentation.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch adds support for libnitrokey’s
NK_fill_SD_card_with_random_data function. It is executed by the
fill_sd_card function of the Storage struct. We also add a new test
case that is set to ignore because it takes between 30 and 60 minutes to
run.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch adds support for the NK_get_progress_bar_value function: It
adds the OperationStatus enum that stores the return value of this
command and adds the get_operation_status function to the Storage struct
that executes the command.
|