summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* | | Document Minium Supported Rust Version in readme fileRobin Krahl2019-12-27
| | | | | | | | | | | | | | | | | | The version 1.34.2 is picked arbitrarily as it is the Rust version in Debian buster and nitrocli is known to work with it. Earlier versions might work too, but they might break with any future release.
* | | Add verify task to lint buildRobin Krahl2019-12-27
| | | | | | | | | | | | | | | This patch adds a verify task to the lint build that checks the OpenPGP signature of the last commit.
* | | Use the AUR package for reuse in the lint buildRobin Krahl2019-12-27
| | | | | | | | | | | | | | | Previously, we used pip to manually install the fsfe-reuse package. Now we can use the new AUR package reuse.
* | | Move format and clippy checks to archlinux-*.ymlRobin Krahl2019-12-27
| | | | | | | | | | | | | | | | | | | | | The Rust package for Arch includes rustfmt and clippy, so we don’t have to use rustup for it. To make the builds simpler and faster, we move the format and clippy tasks to the archlinux-*.yml build that already has Rust installed.
* | | Change license for configuration and documentation to CC0-1.0Robin Krahl2019-12-27
| | |
* | | Comply with version 3.0 of the REUSE specificationRobin Krahl2019-12-27
| | | | | | | | | | | | | | | | | | To comply with the new version 3.0 of the REUSE specification, we have to add a copyright header to the .gitignore file and move the LICENSE file to LICENSES/MIT.txt.
* | | Merge branch 'hotfix-0.3.5' into nextRobin Krahl2019-12-16
|\ \ \ | | |/ | |/|
| * | Release v0.3.5v0.3.5Robin Krahl2019-12-16
| | |
| * | Fix triggers and source URL in CI scriptsRobin Krahl2019-12-16
| | | | | | | | | | | | | | | | | | Due to a change in the CI infrastructure, we have to change the source URL for the CI scripts in .builds. Also, we can remove the triggers as they are automatically inferred by the build submit script.
| * | Update the nitrokey-sys version specification to ~3.4Robin Krahl2019-12-16
| |/ | | | | | | | | | | | | | | | | | | | | | | Previously, we required nitrokey-sys version 3.4, which allows the upgrade to nitrokey-sys 3.5. Unfortunately, libnitrokey version 3.5, which is packaged as nitrokey-sys 3.5, introduced breaking changes, breaking the semantic versioning guarantees and causing compilation errors if this version is selected. This patch changes the version specification from 3.4 to ~3.4, i. e. >= 3.4.0, < 3.5.0, to make sure that nitrokey-rs can be compiled without errors.
| * Merge branch 'hotfix-0.3.4'v0.3.4Robin Krahl2019-01-20
| |\
* | | Refactor the device module into submodulesRobin Krahl2019-07-16
| | | | | | | | | | | | | | | | | | This patch splits the rather large device module into the submodules pro, storage and wrapper. This only changes the internal code structure and does not affect the public API.
* | | Update rand_{core,os} dependenciesRobin Krahl2019-07-16
| | | | | | | | | | | | | | | | | | | | | This patch updates the rand_core dependency to version 0.5 and the rand_os dependency to version 0.2. This causes a change in util.rs: Instead of constructing an OsRng instance using OsRng::new(), we can directly instantiate the (now empty) struct.
* | | Release v0.4.0-alpha.3v0.4.0-alpha.3Robin Krahl2019-07-16
| | |
* | | Update the nitrokey-test dependency to version 0.3Robin Krahl2019-07-16
| | | | | | | | | | | | | | | | | | Previously, we were using a development version of nitrokey-test that was compatible with nitrokey 0.4. This patch updates nitrokey-test to version 0.3, which includes the required changes.
* | | Merge branch 'release-0.4.0-alpha.2' into nextRobin Krahl2019-07-15
|\ \ \
| * | | Release v0.4.0-alpha.2v0.4.0-alpha.2Robin Krahl2019-07-15
| | | |
* | | | Check retry count before building AES key in testRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to a timing issue, some calls to the build_aes_key function may fail after a factory reset. As a workaround for this firmware bug, we check the user retry count before building the aes key in the factory_reset test. For details, see the upstream issue: https://github.com/Nitrokey/nitrokey-pro-firmware/issues/57
* | | | Use into_manager in device connection testsRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | To avoid a ConcurrentAccessError, we have to use the Device::into_manager function instead of calling take to obtain a Manager instance.
* | | | Update nitrokey-test development versionRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch updates the nitrokey-test dependency to a new development version that uses force_take instead of take to get a Manager instance. If a test fails, the thread panics, leading to a poisoned cache – yet this should not affect the other test cases. Therefore we want to ignore the poisoned caches.
* | | | Add force_take function to ignore poisoned cacheRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The take and take_blocking functions return a PoisonError if the cache is poisoned, i. e. if a thread panicked while holding the manager. This is a sensible default behaviour, but for example during testing, one might want to ignore the poisoned cache. This patch adds the force_take function that unwraps the PoisonError and returns the cached Manager even if the cache was poisoned.
* | | | Remove allow(deprecated) attribute for in lib.rsRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | During the connection manager refactoring, we temporarily used deprecated methods. This is no longer the case, so we can remove the allow(deprecated) attribute.
* | | | Merge branch 'connection-manager-mut' into nextRobin Krahl2019-07-09
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the connection management to prevent multiple device connections at the same time. RFC: https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190126174327.tbuyk2s535kfiqm4%40localhost%3E
| * | | | Update documentation for Manager refactoringRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch updates the documentation to reflect the latest changes to connection handling. It also updates the doc tests to prefer the new methods over the old ones.
| * | | | Use Manager in device connection testsRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous patches refactored the connection handling to use the Manager struct. This patch changes the tests to use the new Manager methods instead of the deprecated functions.
| * | | | Update nitrokey-test to development versionRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | To test the changes to connection handling, we temporarily use the development version of nitrokey-test.
| * | | | Introduce into_manager for DeviceRobin Krahl2019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To enable applications like nitrokey-test to go back to a manager instance from a Device instance, we add the into_manager function to the Device trait. To do that, we have to keep track of the Manager’s lifetime by adding a lifetime to Device (and then to some other traits that use Device).
| * | | | Store mutable reference to Manager in DeviceRobin Krahl2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the last patches, we ensured that devices can only be obtained using the Manager struct. But we did not ensure that there is only one device at a time. This patch adds a mutable reference to the Manager instance to the Device implementations. The borrow checker makes sure that there is only one mutable reference at a time. In this patch, we have to remove the old connect, Pro::connect and Storage::connect functions as they do no longer compile. (They discard the MutexGuard which invalidates the reference to the Manager.) Therefore the tests do no longer compile.
| * | | | Move {Pro, Storage}::connect into ManagerRobin Krahl2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of the connection refactoring, this patch moves the connect methods of the Pro and Storage structs into the Manager struct. To maintain compatibility with nitrokey-test, the old methods are not removed but marked as deprecated.
| * | | | Move the connect_model function into ManagerRobin Krahl2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of the connection refactoring, this patch moves the connect_model function to the Manager struct. As the connect_model function is not used by nitrokey-test, it is removed.
| * | | | Move the connect function into ManagerRobin Krahl2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of the connection refactoring, we replace the connect function with the Manager::connect method. To maintain compatibility with nitrokey-test, the connect function is not removed but marked as deprecated.
| * | | | Add Manager struct to manage Nitrokey connectionsRobin Krahl2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of the connection refactoring, we introduce the Manager struct that deals with connection management. To make sure there can be only once instance of the manager, we add a global static Mutex that holds the single Manager instance. We use the struct to ensure that the user can only connect to one device at a time. This also changes the Error::PoisonError variant to store the sync::PoisonError. This allows the user to call into_inner on the PoisonError to retrieve the MutexGuard and to ignore the error (for example useful during testing).
| * | | | Add ConcurrentAccessError and PoisonError variantsRobin Krahl2019-07-08
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch prepares the refactoring of the connection methods by introducing the Error variants ConcurrentAccessError and PoisonError. ConcurrentAccessError indicates that the user tried to connect to obtain a token that is currently locked, and PoisonError indicates that a lock has been poisoned, i. e. a thread panicked while accessing using a token.
* | | | Update list of new and unsupported functionsRobin Krahl2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch updates the list of unsupported functions in the README and the TODO and the list of functions changed in the libnitrokey 3.5 release: - List all `*_as_string` functions as unsupported. - List deprecated functions as unsupported. - List `NK_read_HOTP_slot` as unsupported until an equivalent function for TOTP exists. - Ignore the changes to `NK_get_progress_bar_value` as the function is not yet used by `nitrokey-rs`. - Add the new functions from version 3.5 to the list of missing functions.
* | | | Fix formatting error in device.rsRobin Krahl2019-07-07
| | | |
* | | | Update nitrokey-test and add nitrokey-test-stateRobin Krahl2019-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new 0.2.1 version of nitrokey-test requires an additional crate, nitrokey-test-state. This patch updates the nitrokey-test version and adds the nitrokey-test-state dependency in version 0.1.0. See this thread [0] for more information. [0] https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3Ce3e908e5-3f66-7072-9603-8a4de5ac614b%40posteo.net%3E
* | | | Update nitrokey-sys to version 3.5Robin Krahl2019-07-05
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | As the return type of the NK_get_{major,minor}_firmware_version methods changed with libnitrokey 3.5, we also have to adapt our get_firmware_version function in device.rs. This patch also updates the changelog and the todo list with the changes caused by the new libnitrokey version.
* | | Fix cargo dependency version specificationsRobin Krahl2019-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Firstly, the libnitrokey API contains breaking changes between minor versions. Therefore we have to fix the nitrokey-sys version using a tilde requirement ("~3.4" means ">= 3.4.0, < 3.5.0"). Secondly, nitrokey-test’s 0.2.1 release requires some changes that are not yet implemented in this crate, so we have to pin its version to 0.2.0.
* | | Merge branch 'revert' into nextRobin Krahl2019-07-06
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The tests with the 0.4.0-alpha.1 version showed that the approach using mutable references to the Device in User, Admin and PasswordSafe causes problems in nitrocli, see [0]. Therefore, these changes are reverted. [0] https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C43cc304d-23e8-7f95-2167-ce3f0530b81e%40posteo.net%3E * revert: Revert "Store mutable reference to Device in PasswordSafe" Revert "Refactor User and Admin to use a mutable reference"
| * | | Revert "Store mutable reference to Device in PasswordSafe"Robin Krahl2019-02-05
| | | | | | | | | | | | | | | | This reverts commit 13006c00dcbd570cf8347d89557834e320427377.
| * | | Revert "Refactor User and Admin to use a mutable reference"Robin Krahl2019-02-05
|/ / / | | | | | | | | | This reverts commit 0972bbe82623c3d9649b6023d8f50d304aa0cde6.
* | | Remove PIN constants from testsRobin Krahl2019-02-04
| | | | | | | | | | | | | | | | | | In a previous commit, we introduced the DEFAULT_{ADMIN,USER}_PIN constants. Therefore we no longer need in the {ADMIN,USER}_PASSWORD constants in the util module for the tests.
* | | Release v0.4.0-alpha.1v0.4.0-alpha.1Robin Krahl2019-02-02
| | |
* | | Merge branch 'mutable-references' into nextRobin Krahl2019-02-02
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190126174327.tbuyk2s535kfiqm4%40localhost%3E https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C43cc304d-23e8-7f95-2167-ce3f0530b81e%40posteo.net%3E * mutable-references: Store mutable reference to Device in PasswordSafe Refactor User and Admin to use a mutable reference Require mutable reference if method changes device state Add device_mut method to DeviceWrapper Implement DerefMut for User and Admin
| * | | Store mutable reference to Device in PasswordSafeRobin Krahl2019-02-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current implementation of PasswordSafe stored a normal reference to the Device. This patch changes the PasswordSafe struct to use a mutable reference instead. This allows the borrow checker to make sure that there is only one PasswordSafe instance at a time. While this is currently not needed, it will become important once we can lock the PWS on the Nitrokey when dropping the PasswordSafe instance.
| * | | Refactor User and Admin to use a mutable referenceRobin Krahl2019-02-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the initial nitrokey-rs implementation, the Admin and the User struct take the Device by value to make sure that the user cannot initiate a second authentication while this first is still active (which would invalidate the temporary password). Now we realized that this is not necessary – taking a mutable reference has the same effect, but leads to a much cleaner API. This patch refactors the Admin and User structs – and all dependent code – to use a mutable reference instead of a Device value.
| * | | Require mutable reference if method changes device stateRobin Krahl2019-02-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, all methods that access a Nitrokey device took a reference to the device as input. This method changes methods that change the device state to require a mutable reference instead. In most case, this is straightforward as the method writes data to the device (for example write_config or change_user_pin). But there are two edge cases: - Authenticating with a PIN changes the device state as it may decrease the PIN retry counter if the authentication fails. - Generating an HOTP code changes the device state as it increases the HOTP counter.
| * | | Add device_mut method to DeviceWrapperRobin Krahl2019-02-02
| | | | | | | | | | | | | | | | | | | | | | | | To prepare the mutability refactoring, we add a device_mut method to DeviceWrapper that can be used to obtain a mutable reference to the wrapped device.
| * | | Implement DerefMut for User and AdminRobin Krahl2019-02-02
|/ / / | | | | | | | | | | | | | | | As we want to change some methods to take a mutable reference to a Device, we implement DerefMut for User<T> and Admin<T> so that users can obtain a mutable reference to the wrapped device.
* | | Add set_encrypted_volume_mode method to StorageRobin Krahl2019-01-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we considered this command as unsupported as it only was available with firmware version 0.49. But as discussed in nitrocli issue 80 [0], it will probably be re-enabled in future firmware versions. Therefore this patch adds the set_encrypted_volume_mode to Storage. [0] https://github.com/d-e-s-o/nitrocli/issues/80