aboutsummaryrefslogtreecommitdiff
path: root/TODO.md
Commit message (Collapse)AuthorAge
* Remove NK_lock_device call from PasswordSafe::dropRobin Krahl2018-06-07
| | | | | | | | | | | | | | | | | | | When enabled, the password safe can be used without authentication. The lock device can be used to lock the password safe. Currently, PasswordSafe::drop calls this command to make sure that other applications cannot access the password safe without authentication. On the Nitrokey Storage, locking the device may also disable the encrypted or hidden volume. As using the password safe should not have side effects on the storage volumes, this patch removes the call to the lock device command from the Drop implementation. Instead, the user should call this method after making sure that it does not have side effects. A feature request for a command that only locks the password safe without side effects is submitted to the Nitrokey Storage firmware repository: https://github.com/Nitrokey/nitrokey-storage-firmware/issues/65
* Add support for encrypted volumeRobin Krahl2018-06-07
| | | | | | | | | | | | | | | | | This patch adds support for the commands to enable or disable the encrypted volume on the Nitrokey Storage. To test these commands, the output of lsblk is parsed for the device model “Nitrokey Storage”. This is not perfect but seems to be the best solution for automated testing. As the effect of enabling and disabling volumes is not immediate, a delay of two seconds is added to the tests before checking lsblk. This is sufficient on my machine, yet it would be better to have a portable version of this check. This patch also adds a lock method to Device that executes the lock_device command. This command was previously only used to close the password safe. On the Nitrokey Storage, it also disables the encrypted and hidden volume.
* Implement Drop for PasswordSafeRobin Krahl2018-06-05
| | | | | | By calling NK_lock_device when dropping a PasswordSafe instance, we can make sure that the password safe cannot be reused without authentication.
* Add traits for easier error handling to todo listRobin Krahl2018-06-05
| | | | | | Implementing Into<CommandError> for (Device, CommandError) might allow a user to use the ? operator on methods like authenticate_user within a method returning a CommandError.
* Add tests with different TOTP time windowsRobin Krahl2018-06-05
| | | | | | | | While 30 seconds is the default time step for TOTP, arbitrary values are possible. Yet the RFC does only provide test cases for the default time window. This patch adds tests where these test cases are applied for a time window of 60 seconds (if both the current time and the time window double, the resulting TOTP code is the same).
* Add support for unlock_user_password commandRobin Krahl2018-05-31
|
* Add support for password safesRobin Krahl2018-05-29
| | | | | | | | | A password safe (PWS) stores names, logins and passwords in slots. PWS are supported both by the Nitrokey Pro and the Nitrokey Storage. They are implemented as a struct wrapping a device as the device may not be disconnected while the password safe is alive. The creation of a password safe is handled by the GetPasswordSafe trait, implemented by DeviceWrapper, Pro and Storage.
* Add rudimentary support for the Nitrokey StorageRobin Krahl2018-05-29
| | | | | This patch adds the Storage struct and the test-storage feature. It also enables all currently supported Pro commands for the Storage.
* Group tests by tested functionalityRobin Krahl2018-05-28
|
* Improve log level documentationRobin Krahl2018-05-22
| | | | | | Now, the documentation clearly states the purpose of each log level. Also, the documentation for set_log_level is corrected: libnitrokey always prints to stderr.
* Add an example for setting the current timeRobin Krahl2018-05-22
| | | | | The example uses the chrono crate and can therefore not be executed, but at least it shows how to set the Nitrokey device to the current time.
* Use drop() instead of disconnect()Robin Krahl2018-05-22
| | | | | | | | Previously, the user had to explicitly call diconnect() to terminate the connection to the Nitrokey. Now NK_logout() is called automatically once the device is out of scope as UnauthenticatedDevice implements Drop. AdminAuthenticatedDevice and UserAuthenticatedDevice do not have to implement Drop, as it will be called recursively.
* Add support for change_admin_pin and change_user_pinRobin Krahl2018-05-22
|
* Add support for erase_hotp_slot and erase_totp_slotRobin Krahl2018-05-22
|
* Re-add segmentation fault issues to todo listRobin Krahl2018-05-21
| | | | | | I removed the segfault note in the todo list when moving to libnitrokey v3.3. Yet the commit fixing this issue -- 7a8550d -- is not part of that version.
* Use NK_login_enum instead of NK_loginRobin Krahl2018-05-21
| | | | | | NK_login used a string to identify the model to connect to. Since libnitrokey v3.3, we can use NK_login_enum together with an enum value as a more type-safe alternative.
* Add get_minor_firmware_version to DeviceRobin Krahl2018-05-21
| | | | Since libnitrokey v3.3, we can also access the minor firmware version.
* Update nitrokey-sys dependency to v3.3.0Robin Krahl2018-05-21
| | | | | | | Now libnitrokey v3.3 is compiled from source, fixing the problems with older libnitrokey versions (freeing strings, firmware version getter). Also, bindgen is no longer a build dependency. This makes the build process a lot faster.
* Initial commitRobin Krahl2018-05-19