* Merge branch 'mutable-references' into next (Robin Krahl, 2019-02-02)
|\
| | RFC:
| |   https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190126174327.tbuyk2s535kfiqm4%40localhost%3E
| |   https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C43cc304d-23e8-7f95-2167-ce3f0530b81e%40posteo.net%3E
| |
| | * mutable-references:
| |   Store mutable reference to Device in PasswordSafe
| |   Refactor User and Admin to use a mutable reference
| |   Require mutable reference if method changes device state
| |   Add device_mut method to DeviceWrapper
| |   Implement DerefMut for User and Admin
| * Store mutable reference to Device in PasswordSafe (Robin Krahl, 2019-02-02)
| |
| | The current implementation of PasswordSafe stored a normal reference to
| | the Device. This patch changes the PasswordSafe struct to use a mutable
| | reference instead. This allows the borrow checker to make sure that
| | there is only one PasswordSafe instance at a time. While this is
| | currently not needed, it will become important once we can lock the PWS
| | on the Nitrokey when dropping the PasswordSafe instance.
| * Refactor User and Admin to use a mutable reference (Robin Krahl, 2019-02-02)
| |
| | In the initial nitrokey-rs implementation, the Admin and the User struct
| | take the Device by value to make sure that the user cannot initiate a
| | second authentication while the first is still active (which would
| | invalidate the temporary password). Now we realized that this is not
| | necessary – taking a mutable reference has the same effect, but leads to
| | a much cleaner API.
| |
| | This patch refactors the Admin and User structs – and all dependent
| | code – to use a mutable reference instead of a Device value.
| * Require mutable reference if method changes device state (Robin Krahl, 2019-02-02)
| |
| | Previously, all methods that access a Nitrokey device took a reference
| | to the device as input. This method changes methods that change the
| | device state to require a mutable reference instead.
| |
| | In most cases, this is straightforward as the method writes data to the
| | device (for example write_config or change_user_pin). But there are two
| | edge cases:
| | - Authenticating with a PIN changes the device state as it may decrease
| |   the PIN retry counter if the authentication fails.
| | - Generating an HOTP code changes the device state as it increases the
| |   HOTP counter.
| * Add device_mut method to DeviceWrapper (Robin Krahl, 2019-02-02)
| |
| | To prepare the mutability refactoring, we add a device_mut method to
| | DeviceWrapper that can be used to obtain a mutable reference to the
| | wrapped device.
| * Implement DerefMut for User and Admin (Robin Krahl, 2019-02-02)
|/
| As we want to change some methods to take a mutable reference to a
| Device, we implement DerefMut for User<T> and Admin<T> so that users can
| obtain a mutable reference to the wrapped device.
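
The borrow rules that the 'mutable-references' commit messages rely on, as an added example that is not part of the commit log or of the nitrokey-rs sources. `Device`, `User`, their methods and the PIN value are hypothetical stand-ins constructed for this sketch.

```rust
// Added illustration: Device, User and every method here are hypothetical
// stand-ins, not the nitrokey crate's real types. The PIN is constructed.
#[derive(Debug, PartialEq)]
enum Error { WrongPassword }

struct Device {
    pin_retries: u8,   // lowered by each failed PIN check
    hotp_counter: u64, // raised by each generated code
}

// An authenticated session; it holds the exclusive borrow of the device.
struct User<'a> { device: &'a mut Device }

impl Device {
    // Read-only query, so a shared reference is enough.
    fn pin_retries(&self) -> u8 {
        self.pin_retries
    }

    // A failed attempt changes the retry counter, hence `&mut self`.
    fn authenticate_user(&mut self, pin: &str) -> Result<User<'_>, Error> {
        if pin == "123456" {
            self.pin_retries = 3;
            Ok(User { device: self })
        } else {
            self.pin_retries = self.pin_retries.saturating_sub(1);
            Err(Error::WrongPassword)
        }
    }
}

impl User<'_> {
    // Generating a code advances the counter stored on the device.
    fn hotp_code(&mut self) -> u64 {
        self.device.hotp_counter += 1;
        self.device.hotp_counter
    }
}

fn demo() -> (Option<Error>, u8, u64, u8) {
    let mut device = Device { pin_retries: 3, hotp_counter: 0 };
    let failed = device.authenticate_user("000000").err();
    let after_failure = device.pin_retries();
    let mut user = device.authenticate_user("123456").unwrap();
    // A second `device.authenticate_user(..)` here is a compile error (E0499).
    let code = user.hotp_code();
    (failed, after_failure, code, device.pin_retries())
}

fn main() { println!("{:?}", demo()); }
```

The exclusive borrow ends after the last use of `user`, which is why the final `device.pin_retries()` call compiles.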
* Add set_encrypted_volume_mode method to Storage (Robin Krahl, 2019-01-31)
|
| Previously, we considered this command as unsupported as it only was
| available with firmware version 0.49. But as discussed in nitrocli issue
| 80 [0], it will probably be re-enabled in future firmware versions.
| Therefore this patch adds the set_encrypted_volume_mode to Storage.
|
| [0] https://github.com/d-e-s-o/nitrocli/issues/80
* Consistently use yml file extension instead of yaml (Robin Krahl, 2019-01-29)
|
* Exclude build files in crates.io package (Robin Krahl, 2019-01-29)
|
* Prefer eprintln over println for error messages (Robin Krahl, 2019-01-28)
|
* Add assert_any_ok macro to unit tests (Robin Krahl, 2019-01-28)
|
| Sometimes we cannot use assert_ok! as we can’t compare the Ok value (or
| do not want to). For these cases, this patch adds the new assert_any_ok
| macro to use instead of assert!(x.is_ok()). The advantage is that the
| error information is not discarded but printed in a helpful error
| message.
* Add unwrap_ok macro to replace unwrap in unit tests (Robin Krahl, 2019-01-28)
|
| The unwrap error message is not very useful. This patch adds the
| unwrap_ok macro that is basically the same as unwrap but prints a more
| readable error message.
* Accept UTF-8 errors in password safe tests (Robin Krahl, 2019-01-28)
|
| After a factory reset or after building the AES key, the password safe
| contains garbage data. This will most likely not be valid UTF-8.
| Therefore we change the tests to also accept a UTF-8 error in these
| cases.
* Add get_firmware_version method (Robin Krahl, 2019-01-28)
|
| This patch combines the get_{major,minor}_firmware_version methods into
| the new get_firmware_version method that returns a FirmwareVersion
| struct. Currently, this requires casting from i32 to u8. But this will
| be fixed with the next libnitrokey version as we change the return types
| for the firmware getters.
* Always return a Result when communicating with a device (Robin Krahl, 2019-01-27)
|
| Previously, we sometimes returned a value without wrapping it in a
| result if the API method did not indicate errors in the return value.
| But we can detect errors using the NK_get_last_command_status function.
| This patch changes the return types of these methods to Result<_, Error>
| and adds error checks.
* Release v0.4.0-alpha.0 (tag: v0.4.0-alpha.0) (Robin Krahl, 2019-01-27)
|
* Update sources URL in build files (Robin Krahl, 2019-01-27)
|
* Add clippy to lint build (Robin Krahl, 2019-01-27)
|
* Use if instead of match for boolean expression (Robin Krahl, 2019-01-27)
|
* Replace or with or_else in get_cstring (Robin Krahl, 2019-01-27)
|
| To avoid unnecessary function calls, we replace the or with an or_else
| in get_cstring.
* Remove the static lifetime modifier from constants (Robin Krahl, 2019-01-27)
|
| The DEFAULT_{ADMIN,USER}_PIN constants implicitly have static lifetime.
| Therefore we can remove the static lifetime modifiers.
|
* Rename Error::Unknown to Error::UnknownError (Robin Krahl, 2019-01-27)
|
| For consistency with the other Error variants, we rename Unknown to
| UnknownError.
|
* Remove the Result typedef (Robin Krahl, 2019-01-27)
|
| Many of our functions do not return a Result<_, Error>, but for example
| a Result<_, (Device, Error)>. We only use the typedef in one function,
| but it makes the other functions more complicated as we have to use
| result::Result (if crate::Result is imported). Therefore, this patch
| removes the typedef. Applications or libraries can still redefine it if
| they want to.
* Remove triggers from build scripts (Robin Krahl, 2019-01-25)
|
| I changed the build setup so that the trigger is determined by the
| branch being pushed to. Therefore the triggers in the build scripts are
| no longer needed and removed in this patch.
|
* Add tolerance for timing issues to the TOTP tests (Robin Krahl, 2019-01-25)
|
| The TOTP test with the timestamp 59 often fails as the Nitrokey’s clock
| ticks between setting the time and generating the TOTP code. This patch
| also allows the TOTP code for timestamp 60 for this test case.
|
* Remove rand_core::Error from public API (Robin Krahl, 2019-01-25)
|
| rand_core does not have a stable release yet, and it is unlikely that
| there will be one soon. To be able to stabilize nitrokey without waiting
| for a stable rand_core version, we remove the rand_core::Error type from
| the public API and replace it with a Box<dyn error::Error>.
* Add reuse linter to the lint build (Robin Krahl, 2019-01-23)
|
| The reuse linter verifies that nitrokey-rs complies with the REUSE
| specification 2.0.
|
* Move format checks into lint build (Robin Krahl, 2019-01-23)
|
| While we want to test the code on multiple platforms and with different
| configurations, it is sufficient to execute the linting once. Therefore
| we move the formatting checks into a new lint build.
|
* Add license and copyright information (Robin Krahl, 2019-01-23)
|
| This patch adds license and copyright information to all files to make
| nitrokey-rs compliant with the REUSE practices [0].
|
| [0] https://reuse.software/practices/2.0/
* Refactor device::config test case (Robin Krahl, 2019-01-23)
|
* Implement From<(T: Device, Error)> for Error (Robin Krahl, 2019-01-23)
|
| Not all users of the authenticate methods want to use the device after
| an error, so implementing From<(T: Device, Error)> for Error makes it
| easier for them to discard the device.
* Return UTF-8 error if libnitrokey returns an invalid string (Robin Krahl, 2019-01-23)
|
| Previously, we used lossy UTF-8 conversion. Yet the user should be
| notified if we have a problem instead of silently changing the data.
| Therefore, we now return an error if we encounter an invalid UTF-8
| string. This leads to a change in `get_library_version`’s signature.
* Add Error::Utf8Error variant (Robin Krahl, 2019-01-23)
|
| Previously, we just ignored UTF-8 errors. This patch prepares the
| Utf8Error variant so that we are able to return UTF-8 errors.
* Implement From<Pro> and From<Storage> for DeviceWrapper (Robin Krahl, 2019-01-23)
|
* Add Pro::new and Storage::new functions (Robin Krahl, 2019-01-23)
|
* Refactor and clean up all code (Robin Krahl, 2019-01-23)
|
| This includes:
| - using idiomatic Rust
| - limiting the scope of unsafe blocks
| - simplifying code
* Add temp_password_ptr method to AuthenticatedDevice (Robin Krahl, 2019-01-23)
|
| To reduce the number of casts, we introduce the temp_password_ptr method
| that casts the pointer received from the Vec<u8> to a c_char pointer
| that can be handled by libnitrokey.
|
* Prefer into() over numeric casting (Robin Krahl, 2019-01-23)
|
| Numeric casting might truncate an integer, while into() is only
| implemented for numeric types if the cast is possible without
| truncation.
|
* Prevent direct instantiation of Pro and Storage (Robin Krahl, 2019-01-23)
|
| The Pro and Storage structs may only be created using the connect
| functions. This patch adds a private PhantomData field to the structs to
| ensure that the compiler does not allow direct instantiation.
* Fix formatting in tests (Robin Krahl, 2019-01-20)
|
* Merge branch 'feature/error-refactoring' into next (Robin Krahl, 2019-01-20)
|\
| | RFC:
| |   https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190117000856.slgb6jwkwd3qu6ey%40localhost%3E
| * Check specific error codes in the tests (Robin Krahl, 2019-01-20)
| |
| | If possible, check specific error codes instead of `is_err()`. This
| | makes the code more readable and catches bugs resulting in the wrong
| | error code. Also, using the assert_*_err and assert_ok macros yields
| | error messages containing the expected and the actual value.
| |
| | To be able to use these macros with the `get_password_safe` method, we
| | also have to implement `Debug` for `PasswordSafe` and `Device`.
| * Remove the unused CommandError::Undefined variant (Robin Krahl, 2019-01-20)
| |
| | The CommandError::Undefined variant has been refactored into
| | Error::UnexpectedError and CommunicationError::NotConnected and is
| | therefore no longer needed.
| |
| * Return CommunicationError::NotConnected from connect functions (Robin Krahl, 2019-01-20)
| |
| | Previously, we returned a CommandError::Undefined if a connect function
| | failed. A CommunicationError::NotConnected is a more specific and better
| | fitting choice.
| |
| | Once the Try trait has been stabilized, we should return an Option<_>
| | instead of a Result<_, Error> from the connect functions.
| |
| * Introduce the Error::UnexpectedError variant (Robin Krahl, 2019-01-20)
| |
| | The UnexpectedError variant is used when a libnitrokey function returns
| | a value that violates the function’s contract, for example if a function
| | returns a null pointer although it guarantees to never return null.
| | Previously, we returned a CommandError::Unspecified in these cases.
| * Make CommandError messages more general (Robin Krahl, 2019-01-20)
| |
| | For example, the WrongSlot error may also be returned for a PWS slot.
| |
| * Remove CommandError::as_str method (Robin Krahl, 2019-01-20)
| |
| | AsStr is automatically implemented if Display is implemented, so having
| | a manual as_str() method is not necessary.
| * Add the CommunicationError enum (Robin Krahl, 2019-01-20)
| |
| | Communication errors returned by libnitrokey were previously not mapped
| | to an error type in the nitrokey crate. We introduce the
| | CommunicationError enum to represent these errors.
| |
| * Refactor library errors into LibraryError enum (Robin Krahl, 2019-01-20)
| |
| | Previously, library errors were part of the CommandError enum. As
| | command errors and library errors are two different error types, they
| | should be split into two enums.
| * Move the CommandError::Unknown to Error (Robin Krahl, 2019-01-20)
| |
| | An error code can not only indicate a command error, but also a library
| | or device communication error. Therefore, the variant for an unknown
| | error code should be placed in the top-level Error enum instead of the
| | CommandError enum.