| Commit message (Collapse) | Author | Age |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This version contains these major changes:
- Refactoring of the error handling.
- Using mutability to represent changes to the device status.
- Updating the nitrokey-sys/libnitrokey dependency to version 3.5.
- Refactoring the connection management and introducing the Manager
struct.
|
| |
| |
| |
| |
| | |
To fix a compiler warning, we use the dyn keyword for trait arguments in
the otp.rs instead of using the trait directly.
|
| |
| |
| |
| |
| | |
This patch updates the readme regarding the support by Nitrokey UG and
fixes an editing error in the test section.
|
| |
| |
| |
| |
| |
| | |
Since Rust 1.34.0, we no longer need a `fn main` comment in doc tests
that return results. It is sufficient to have an `Ok` return value with
type annotations.
|
| |
| |
| |
| |
| |
| | |
Previously, the RawConfig struct had a try_from function. As the
TryFrom trait has been stabilized with Rust 1.34.0, we can use it
instead.
|
| |
| |
| |
| |
| | |
rand_os::OsRng has been deprecated. Instead we can use rand_core with
the getrandom feature.
|
| |
| |
| |
| |
| | |
This patch adds a new archlinux-msrv build that compiles the code and
the tests on the Minimum Supported Rust Version.
|
| |
| |
| |
| |
| |
| | |
The version 1.34.2 is picked arbitrarily as it is the Rust version in
Debian buster and nitrocli is known to work with it. Earlier versions
might work too, but they might break with any future release.
|
| |
| |
| |
| |
| | |
This patch adds a verify task to the lint build that checks the OpenPGP
signature of the last commit.
|
| |
| |
| |
| |
| | |
Previously, we used pip to manually install the fsfe-reuse package. Now
we can use the new AUR package reuse.
|
| |
| |
| |
| |
| |
| |
| | |
The Rust package for Arch includes rustfmt and clippy, so we don’t have
to use rustup for it. To make the builds simpler and faster, we move
the format and clippy tasks to the archlinux-*.yml build that already
has Rust installed.
|
| | |
|
| |
| |
| |
| |
| |
| | |
To comply with the new version 3.0 of the REUSE specification, we have
to add a copyright header to the .gitignore file and move the LICENSE
file to LICENSES/MIT.txt.
|
| |\ |
|
| | |
| | |
| | |
| | |
| | |
| | | |
This patch splits the rather large device module into the submodules
pro, storage and wrapper. This only changes the internal code structure
and does not affect the public API.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch updates the rand_core dependency to version 0.5 and the
rand_os dependency to version 0.2. This causes a change in util.rs:
Instead of constructing an OsRng instance using OsRng::new(), we can
directly instantiate the (now empty) struct.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, we were using a development version of nitrokey-test that
was compatible with nitrokey 0.4. This patch updates nitrokey-test to
version 0.3, which includes the required changes.
|
| |\ \ |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Due to a timing issue, some calls to the build_aes_key function may fail
after a factory reset. As a workaround for this firmware bug, we check
the user retry count before building the aes key in the factory_reset
test. For details, see the upstream issue:
https://github.com/Nitrokey/nitrokey-pro-firmware/issues/57
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
To avoid a ConcurrentAccessError, we have to use the
Device::into_manager function instead of calling take to obtain a
Manager instance.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch updates the nitrokey-test dependency to a new development
version that uses force_take instead of take to get a Manager instance.
If a test fails, the thread panics, leading to a poisoned cache – yet
this should not affect the other test cases. Therefore we want to
ignore the poisoned caches.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The take and take_blocking functions return a PoisonError if the cache
is poisoned, i. e. if a thread panicked while holding the manager. This
is a sensible default behaviour, but for example during testing, one
might want to ignore the poisoned cache. This patch adds the force_take
function that unwraps the PoisonError and returns the cached Manager
even if the cache was poisoned.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
During the connection manager refactoring, we temporarily used
deprecated methods. This is no longer the case, so we can remove the
allow(deprecated) attribute.
|
| |\ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Refactor the connection management to prevent multiple device
connections at the same time.
RFC: https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190126174327.tbuyk2s535kfiqm4%40localhost%3E
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This patch updates the documentation to reflect the latest changes to
connection handling. It also updates the doc tests to prefer the new
methods over the old ones.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The previous patches refactored the connection handling to use the
Manager struct. This patch changes the tests to use the new Manager
methods instead of the deprecated functions.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
To test the changes to connection handling, we temporarily use the
development version of nitrokey-test.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
To enable applications like nitrokey-test to go back to a manager
instance from a Device instance, we add the into_manager function to the
Device trait. To do that, we have to keep track of the Manager’s
lifetime by adding a lifetime to Device (and then to some other traits
that use Device).
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In the last patches, we ensured that devices can only be obtained using
the Manager struct. But we did not ensure that there is only one device
at a time. This patch adds a mutable reference to the Manager instance
to the Device implementations. The borrow checker makes sure that there
is only one mutable reference at a time.
In this patch, we have to remove the old connect, Pro::connect and
Storage::connect functions as they do no longer compile. (They discard
the MutexGuard which invalidates the reference to the Manager.)
Therefore the tests do no longer compile.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As part of the connection refactoring, this patch moves the connect
methods of the Pro and Storage structs into the Manager struct. To
maintain compatibility with nitrokey-test, the old methods are not
removed but marked as deprecated.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As part of the connection refactoring, this patch moves the
connect_model function to the Manager struct. As the connect_model
function is not used by nitrokey-test, it is removed.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As part of the connection refactoring, we replace the connect function
with the Manager::connect method. To maintain compatibility with
nitrokey-test, the connect function is not removed but marked as
deprecated.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As part of the connection refactoring, we introduce the Manager struct
that deals with connection management. To make sure there can be only
once instance of the manager, we add a global static Mutex that holds
the single Manager instance. We use the struct to ensure that the user
can only connect to one device at a time.
This also changes the Error::PoisonError variant to store the
sync::PoisonError. This allows the user to call into_inner on the
PoisonError to retrieve the MutexGuard and to ignore the error (for
example useful during testing).
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch prepares the refactoring of the connection methods by
introducing the Error variants ConcurrentAccessError and PoisonError.
ConcurrentAccessError indicates that the user tried to connect to
obtain a token that is currently locked, and PoisonError indicates that
a lock has been poisoned, i. e. a thread panicked while accessing using
a token.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch updates the list of unsupported functions in the README and
the TODO and the list of functions changed in the libnitrokey 3.5
release:
- List all `*_as_string` functions as unsupported.
- List deprecated functions as unsupported.
- List `NK_read_HOTP_slot` as unsupported until an equivalent function
for TOTP exists.
- Ignore the changes to `NK_get_progress_bar_value` as the function is
not yet used by `nitrokey-rs`.
- Add the new functions from version 3.5 to the list of missing
functions.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The new 0.2.1 version of nitrokey-test requires an additional crate,
nitrokey-test-state. This patch updates the nitrokey-test version and
adds the nitrokey-test-state dependency in version 0.1.0. See this
thread [0] for more information.
[0] https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3Ce3e908e5-3f66-7072-9603-8a4de5ac614b%40posteo.net%3E
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As the return type of the NK_get_{major,minor}_firmware_version methods
changed with libnitrokey 3.5, we also have to adapt our
get_firmware_version function in device.rs.
This patch also updates the changelog and the todo list with the changes
caused by the new libnitrokey version.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Firstly, the libnitrokey API contains breaking changes between minor
versions. Therefore we have to fix the nitrokey-sys version using a
tilde requirement ("~3.4" means ">= 3.4.0, < 3.5.0").
Secondly, nitrokey-test’s 0.2.1 release requires some changes that are
not yet implemented in this crate, so we have to pin its version to
0.2.0.
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The tests with the 0.4.0-alpha.1 version showed that the approach using
mutable references to the Device in User, Admin and PasswordSafe causes
problems in nitrocli, see [0]. Therefore, these changes are reverted.
[0] https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C43cc304d-23e8-7f95-2167-ce3f0530b81e%40posteo.net%3E
* revert:
Revert "Store mutable reference to Device in PasswordSafe"
Revert "Refactor User and Admin to use a mutable reference"
|
| | | |
| | | |
| | | |
| | | | |
This reverts commit 13006c00dcbd570cf8347d89557834e320427377.
|
| |/ /
| | |
| | |
| | | |
This reverts commit 0972bbe82623c3d9649b6023d8f50d304aa0cde6.
|
| | |
| | |
| | |
| | |
| | |
| | | |
In a previous commit, we introduced the DEFAULT_{ADMIN,USER}_PIN
constants. Therefore we no longer need in the {ADMIN,USER}_PASSWORD
constants in the util module for the tests.
|
| | | |
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
RFC:
https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20190126174327.tbuyk2s535kfiqm4%40localhost%3E
https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C43cc304d-23e8-7f95-2167-ce3f0530b81e%40posteo.net%3E
* mutable-references:
Store mutable reference to Device in PasswordSafe
Refactor User and Admin to use a mutable reference
Require mutable reference if method changes device state
Add device_mut method to DeviceWrapper
Implement DerefMut for User and Admin
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The current implementation of PasswordSafe stored a normal reference to
the Device. This patch changes the PasswordSafe struct to use a mutable
reference instead. This allows the borrow checker to make sure that
there is only one PasswordSafe instance at a time. While this is
currently not needed, it will become important once we can lock the PWS
on the Nitrokey when dropping the PasswordSafe instance.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In the initial nitrokey-rs implementation, the Admin and the User struct
take the Device by value to make sure that the user cannot initiate a
second authentication while this first is still active (which would
invalidate the temporary password). Now we realized that this is not
necessary – taking a mutable reference has the same effect, but leads to
a much cleaner API.
This patch refactors the Admin and User structs – and all dependent code
– to use a mutable reference instead of a Device value.
|