| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
We introduced the AuthenticatedDevice::temp_password_ptr function to
reduce the number of casts needed in our code base. Since we switched
from Vec<u8> to CString, we no longer have to cast the return value of
as_ptr. Therefore we can remove the temp_password_ptr function to
reduce code complexity.
|
| |
|
|
|
|
|
| |
This patch changes the generate_password function and the User and Admin
structs to use a CString instead of a Vec<u8> when storing temporary
passwords. This makes sure that the strings that are passed to the C
API are properly null-terminated.
|
| |
|
|
|
|
| |
Previously, the RawConfig struct had a try_from function. As the
TryFrom trait has been stabilized with Rust 1.34.0, we can use it
instead.
|
| |
|
|
|
|
| |
This patch updates the documentation to reflect the latest changes to
connection handling. It also updates the doc tests to prefer the new
methods over the old ones.
|
| |
|
|
|
|
|
|
| |
To enable applications like nitrokey-test to go back to a manager
instance from a Device instance, we add the into_manager function to the
Device trait. To do that, we have to keep track of the Manager’s
lifetime by adding a lifetime to Device (and then to some other traits
that use Device).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In the last patches, we ensured that devices can only be obtained using
the Manager struct. But we did not ensure that there is only one device
at a time. This patch adds a mutable reference to the Manager instance
to the Device implementations. The borrow checker makes sure that there
is only one mutable reference at a time.
In this patch, we have to remove the old connect, Pro::connect and
Storage::connect functions as they do no longer compile. (They discard
the MutexGuard which invalidates the reference to the Manager.)
Therefore the tests do no longer compile.
|
| |
|
|
| |
This reverts commit 0972bbe82623c3d9649b6023d8f50d304aa0cde6.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In the initial nitrokey-rs implementation, the Admin and the User struct
take the Device by value to make sure that the user cannot initiate a
second authentication while this first is still active (which would
invalidate the temporary password). Now we realized that this is not
necessary – taking a mutable reference has the same effect, but leads to
a much cleaner API.
This patch refactors the Admin and User structs – and all dependent code
– to use a mutable reference instead of a Device value.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously, all methods that access a Nitrokey device took a reference
to the device as input. This method changes methods that change the
device state to require a mutable reference instead. In most case,
this is straightforward as the method writes data to the device (for
example write_config or change_user_pin). But there are two edge cases:
- Authenticating with a PIN changes the device state as it may decrease
the PIN retry counter if the authentication fails.
- Generating an HOTP code changes the device state as it increases the
HOTP counter.
|
| |
|
|
|
|
| |
As we want to change some methods to take a mutable reference to a
Device, we implement DerefMut for User<T> and Admin<T> so that users can
obtain a mutable reference to the wrapped device.
|
| | |
|
| |
|
|
|
|
|
| |
This patch adds license and copyright information to all files to make
nitrokey-rs compliant with the REUSE practices [0].
[0] https://reuse.software/practices/2.0/
|
| |
|
|
|
|
|
| |
This includes:
- using idiomatic Rust
- limiting the scope of unsafe blocks
- simplifying code
|
| |
|
|
|
|
| |
To reduce the number of casts, we introduce the temp_password_ptr method
that casts the pointer received from the Vec<u8> to a c_char pointer
that can be handled by libnitrokey.
|
| |
|
|
|
|
| |
Previously, library errors were part of the CommandError enum. As
command errors and library errors are two different error types, they
should be split into two enums.
|
| |
|
|
|
|
|
| |
An error code can not only indiciate a command error, but also a library
or device communication error. Therefore, the variant for an unknown
error code should be placed in the top-level Error enum instead of the
CommandError enum.
|
| |
|
|
|
|
|
|
|
|
| |
This patch changes all public functions to return the Error enum instead
of the CommandError enum. This breaks the tests which will be fixed
with the next patch.
This patch also adds a placeholder variant Error::CommandError and a
placeholder enum CommandError to make the transition to a new
nitrokey-test version easier.
|
| |
|
|
| |
This prepares the refactoring of util::CommandError into multiple enums.
|
| |
|
|
|
|
|
|
|
| |
The random number generator used for the temporary password produces a
Vec<u8>. The libnitrokey functions using the temporary password require
a pointer to a c_char. Previously, we cast the u8 pointer to the
Vec<u8> to a i8 pointer (unsigned to signed). This leads to a type
mismatch if the char type is not signed. Therefore we now cast to
c_char instead of i8.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The rand crate comes with a slew of dependencies to cover all sort of
randomness related tasks in various scenarios. However, this crate
really only requires a tiny subset of this functionality. As it turns
out, this core functionality is provided by the rand_os crate.
This change drops the dependency to rand in favor of rand_os. In order
to accomplish that, it brings back the RngError variant for the
CommandError enum to capture the possibility of the creation of the
random number generator failing.
|
| |
|
|
|
| |
We switched to rand::thread_rng() which cannot fail. Therefore the
CommandError::RngError is no longer needed and removed in this patch.
|
| | |
|
| |
|
|
|
|
| |
This patch changes use declarations for modules within this crate to use
the crate:: path qualifier. This will be mandatory in Rust edition
2018.
|
| |
|
|
|
| |
Most notably, for command errors, this will print a human-readable error
message instead of just the name of the enum.
|
| |
|
|
|
|
| |
The new get_cstring method in util returns a Result<CString,
CommandError>, so mast callers can just use the ? operator to unwrap the
result instead of cumbersome unwrapping code.
|
| |
|
|
|
|
| |
The Result enum is more idiomatic and easier to use than our custom
CommandStatus enum with the same structure. This is especially true for
the try operator ?.
|
| | |
|
| |
|
|
|
|
| |
Previously, the Authenticate implementation for DeviceWrapper paniced if
the wrapped device is a Nitrokey Storage. This patch implements
authentication for wrapped Storage devices.
|
| |
|
|
|
| |
This patch adds the Storage struct and the test-storage feature. It
also enables all currently supported Pro commands for the Storage.
|
| |
|
