|  | Commit message (Collapse) | Author | Age | 
|---|
| | 
| 
| 
| 
| | This release changes the Error enum to implement Send, Sync and 'static
for compatibility with error handling crates like anyhow. | 
| |\  
| | 
| | 
| | 
| | 
| | 
| | | This patch series refactors the Error enum and ensures that it is Send,
Sync and 'static.  This makes sure that it is compatible with the anyhow
crate.  To achieve this, we drop the RandError variant and remove the
sync::PoisonError value from the PoisonError variant. | 
| | | 
| | 
| | 
| | 
| | 
| | | The anyhow crate requires that error types are error::Error, Send, Sync
and 'static.  This patch implements a simple static assertion that our
Error type implements these traits. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | Since we update rand_os to version 0.2 in commit
6c138eaa850c745b97b7e48a201db0cbaad8e1e0, the random number generation
can no longer fail.  Therefore the Error::RandError variant is no longer
needed.
As we did not want to break the public API, we still kept the RandError
variant.  This patch removes the RandError variant for good. | 
| |/  
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
|   
| | Previously, the Error::PoisonError contained the sync::PoisonError that
caused the error.  This is problematic as sync::PoisonError does not
implement Send, making it impossible to use the Error enum with the
anyhow crate.  At the same time, storing the sync::PoisonError is not
very useful.  If a user wants to access the poisoned lock, they can call
the force_take function.
Therefore we remove the sync::PoisonError value from the Error::
PoisonError variant.  This also allows us to simplify the
From<sync::PoisonError<…>> and From<sync::TryLockError<…>>
implementations as we no longer need to know the type of the mutex that
caused the error.
For more information, see this thread:
	https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C68ed0f3f-d98f-63bc-04d2-81b6d6cde560%40posteo.net%3E | 
| | 
| 
| 
| 
| | This patch replaces calls to skip_while(…).next() for an iter::Iterator
with a call to find(…), as suggested by clippy. | 
| | |  | 
| |\ |  | 
| |/  
|   
|   
|   
|   
| | This release introduces a new struct SerialNumber that represents the
serial number of a Nitrokey device, replacing the strings we used
previously. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | The util module provides helper methods to deal with the C strings
returned by libnitrokey.  The current implementation has to problems:
- It causes unnecessary allocations if we only want to look at the
  string, for example in get_serial_number.
- If the conversion from a CStr to a String fails, the string pointer
  is not freed.
Therefore this patch introduces the run_with_str function that executes
a function with the string returned by libnitrokey and then makes sure
that the pointer is freed correctly. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | In a previous commit, we changed the serial number representation from a
string to an integer.  This made it easier to compare serial numbers,
but also introduced new problems:
- Serial numbers should be formatted consistently, for example as
  "{:#010x}".  It is hard to ensure this for an integer value.
- The format of the serial number may be subject to change.  Users
  should not rely too much on the u32 representation.
Therefore we introduce a new SerialNumber struct that represents a
serial number.  Currently it only stores a u32 value.  The following
traits and functions can be used to access its value:
- FromStr for string parsing
- ToString/Display for string formatting
- as_u32 to access the underlying integer value | 
| |\  
| | 
| | 
| | 
| | 
| | 
| | | This patch series changes the Device::get_config implementation to use
libnitrokey’s NK_get_status instead of NK_read_config.  This does
results in the same command being sent to the Nitrokey device, but
avoids a new[]/free mismatch and makes the parsing more robust. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | libnitrokey’s NK_read_config function returns a pointer to an array that
has been allocated using new[].  We would have to delete this pointer
using delete[], but we only have access to free.  Therefore this patch
modifies the Device::get_config function to call NK_get_status instead
of NK_read_config.
This also makes the code more safe as we get the data as a struct
instead of an array.  It does not add much overhead as NK_read_config
also executes the GET_STATUS command on the Nitrokey device. | 
| |/  
|   
|   
|   
|   
| | This makes it easier to parse only the config part of the NK_status
struct and avoids code duplication in the upcoming get_config
refactoring. | 
| |\ |  | 
| | | 
| | 
| | 
| | 
| | | This patch release makes the handling of the randomly generated
temporary passwords more robust. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | Previously, we silently cut off temporary passwords that contained a
null byte.  With the change to CString, we returned a LibraryError
instead.  With this patch, we change to generate_password function to
continue generating passwords until we have a password without a null
byte.
The chance of generating a password with a null byte is ca. 10 % for our
temporary password with 25 characters.  Therefore the chance of having
to re-generate the password multiple times is low enough that we don’t
bother with re-generating only the null bytes of the password for the
time being.  This should be improved in the future. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | We introduced the AuthenticatedDevice::temp_password_ptr function to
reduce the number of casts needed in our code base.  Since we switched
from Vec<u8> to CString, we no longer have to cast the return value of
as_ptr.  Therefore we can remove the temp_password_ptr function to
reduce code complexity. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | | This patch changes the generate_password function and the User and Admin
structs to use a CString instead of a Vec<u8> when storing temporary
passwords.  This makes sure that the strings that are passed to the C
API are properly null-terminated. | 
| | |\ |  | 
| | |\ \ |  | 
| | |\ \ \ |  | 
| | |\ \ \ \  
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | | This patch release changes the nitrokey-sys version specification to fix
a compilation error if nitrokey-sys v3.5.0 is selected (which was legal
with the previous specification). | 
| | | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | | This patch consistently uses u32 integers to store and return the serial
number of a Nitrokey device.  This makes it easier to convert and
compare the serial number, as it is a unique representation and as
formatting an integer cannot fail.  For more details, see this RFC:
	https://lists.sr.ht/~ireas/nitrokey-rs-dev/%3C20200126074816.GA1314%40ireas.org%3E | 
| | | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | | To make debugging of unexpected errors easier, this patch adds an
associated String value with a description of the unexpected behavior to
the UnexpectedError variant of the Error enum. | 
| |\ \ \ \ \ \  
| | |_|_|_|/  
| |/| | | | |  | 
| |/ / / / /  
| | | | |   
| | | | |   
| | | | |   
| | | | |   
| | | | | | This patch release contains a fix for the serial number formatting in
the list_devices function for Nitrokey Pro devices with firmware
versions older than 0.9. | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | Previously, we assumed that the serial number returned by hidapi
contains the Nitrokey serial number as the least significant bytes.  As
disussed here [0], this is not true for Nitrokey Pro devices with
firmware version 0.8 or older:  They write the serial number to the most
significant bytes instead.
This patch update the get_hidapi_serial_number function so that
list_devices now returns the correctly formatted and truncated serial
number for all Nitrokey Pro devices.  It also makes sure that the serial
number is lowercase to be consistent with libnitrokey’s formatting. | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | docs.rs seems to support only versioned links to source files.  This
patch replaces the link to docs.rs with a link to git.ireas.org to avoid
having to update the link with every release.  (Note that the last
release already contained a link to the wrong version.) | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | This patch replaces the invalid license identifier CC-0 with the correct
identifier CC0-1.0. | 
| |\ \ \ \ \  
| | |_|_|/  
| |/| | | |  | 
| |/ / / /  
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | |   
| | | | | This release adds support for these Nitrokey commands:
For all devices:
- Listing the connected devices and connecting to one of them
  (list_devices and Manager::connect_path).
- Querying the status of a Nitrokey device (Device::get_status).
For the Nitrokey Storage:
- Getting the SD card usage (Storage::get_sd_card_usage).
- Getting the status of a background operation
  (Storage::get_operation_status).
- Filling the SD card with random data (Storage::fill_sd_card).
With this release, we support all functions provided by libnitrokey –
except those listed as unsupported in the readme file.  Therefore we
should be able to release a stable version 1.0.0 soon. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch updates the readme with:
- more usage information, especially a pointer to the examples and to
  nitrocli,
- information about the supported features (= everything),
- information on how to use the system libnitrokey instead of building
  it from source. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | With commit f49e61589e32217f97c94aa86d826f6b65170fba, we changed the
GetPasswordSafe::get_password_safe to take a mutable reference to a
device.  This makes sure that we cannot have two PWS instances for one
device at the same time, so we can drop the corresponding item from the
todo list. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch adds two basic usage examples:  listing and connecting to
Nitrokey devices, and generating a one-time password. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch adds a new section about background operations to the crate
documentation. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch adds support for libnitrokey’s
NK_fill_SD_card_with_random_data function.  It is executed by the
fill_sd_card function of the Storage struct.  We also add a new test
case that is set to ignore because it takes between 30 and 60 minutes to
run. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch adds support for the NK_get_progress_bar_value function:  It
adds the OperationStatus enum that stores the return value of this
command and adds the get_operation_status function to the Storage struct
that executes the command. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | Somehow I forgot to derive the common traits for the new Status struct.
This patch adds the missing derive attribute for Clone, Copy, Debug and
PartialEq. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch removes two items from the todo list:
- Check timing in Storage tests:  Since we introduced the two seconds
  timeout, no test failed due to timing issues.  There is nothing we can
  do to check it more precisely, so we just have to live with it for
  now.
- Consider restructuring `device::StorageStatus`:  We already have
  structs for the volume status and firmware version.  There is no need
  to extract more fields. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch adds support for the NK_get_SD_usage_data function.  It
returns a range of the SD card that has not been accessed during this
power cycle. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | In the last patch, we added the get_status function to the Device trait.
This patch renames the Storage::get_status function to
get_storage_status to resolve the name clash – though allowed by the
compiler, it is rather confusing for the end user. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | This patch adds support for the GET_STATUS command that returns the
status information common to all Nitrokey devices.  It can be accessed
using the Device::get_status function and is stored in a Status struct.
Due to a bug in the Storage firmware [0], the GET_STATUS command returns
wrong firmware versions and serial numbers.  Until this is fixed in
libnitrokey [1], we have to manually execute the GET_DEVICE_STATUS
command to fix these values for the Nitrokey Storage.
Also, this leads to a name clash with the existing Storage::get_status
function, which will be renamed in an upcoming patch.
[0] https://github.com/Nitrokey/nitrokey-storage-firmware/issues/96
[1] https://github.com/Nitrokey/libnitrokey/issues/166 | 
| |\ \ \ \  
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | This patch series adds the list_devices function that returns a list of
available Nitrokey devices and the Manager::connect_path function that
connects to one of the available devices. | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | This patch adds the connect_path function to the Manager struct that
uses NK_connect_with_path to connect to a Nitrokey device at a given USB
path. | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | This patch adds support for libnitrokey’s NK_list_devices function by
introducing the top-level list_devices function.  It returns a vector of
DeviceInfo structs with information about all connected Nitrokey
devices. | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | In the next patch, we will add support for the NK_list_devices functions
that returns a list of NK_device_info structs with information about the
connected devices.  This patch introduces the DeviceInfo struct that
holds the information returned by NK_list_devices and that can be
created from a NK_device_info struct. | 
| | | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | A nitrokey_sys::NK_device_model (= u32) value may correspond to a
nitrokey::Model, and vice versa.  This patch adds the appropriate From
and TryFrom implementations. | 
| |/ / / /  
| | | |   
| | | |   
| | | |   
| | | |   
| | | | | This patch adds the UnsupportedModelError variant to the Error enum:
When parsing the model returned by libnitrokey, we should provide a
meaningful error message for unknown values. | 
| | | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | 
| | | | | After some more research, I decided not to implement some of the methods
provided by libnitrokey.  This patch adds them to the list of
unsupported functions in the readme, and removes them from the list of
unimplemented functions in the todo list. |