aboutsummaryrefslogtreecommitdiff
path: root/src/device.rs
Commit message (Collapse)AuthorAge
* Refactor and clean up all codeRobin Krahl2019-01-23
| | | | | | | This includes: - using idiomatic Rust - limiting the scope of unsafe blocks - simplifying code
* Prevent direct instantiation of Pro and StorageRobin Krahl2019-01-23
| | | | | | The Pro and Storage structs may only be created using the connect functions. This patch adds a private PhantomData field to the structs to ensure that the compiler does not allow direct instantiation.
* Check specific error codes in the testsRobin Krahl2019-01-20
| | | | | | | | | | If possible, check specific error codes instead of `is_err()`. This makes the code more readable and catches bugs resulting in the wrong error code. Also, using the assert_*_err and assert_ok macros yields error messages containing the expected and the actual value. To be able to use these macros with the `get_password_safe` method, we also have to implement `Debug` for `PasswordSafe` and `Device`.
* Return CommunicationError::NotConnected from connect functionsRobin Krahl2019-01-20
| | | | | | | | | Previously, we returned a CommandError::Undefined if a connect function failed. A CommunicationError::NotConnected is a more specific and better fitting choice. Once the Try trait has been stabilized, we should return an Option<_> instead of a Result<_, Error> from the connect functions.
* Refactor library errors into LibraryError enumRobin Krahl2019-01-20
| | | | | | Previously, library errors were part of the CommandError enum. As command errors and library errors are two different error types, they should be split into two enums.
* Return Error instead of CommandErrorRobin Krahl2019-01-20
| | | | | | | | | | This patch changes all public functions to return the Error enum instead of the CommandError enum. This breaks the tests which will be fixed with the next patch. This patch also adds a placeholder variant Error::CommandError and a placeholder enum CommandError to make the transition to a new nitrokey-test version easier.
* Move util::CommandError to the new error moduleRobin Krahl2019-01-20
| | | | This prepares the refactoring of util::CommandError into multiple enums.
* Introduce the FirmwareVersion structRobin Krahl2019-01-17
| | | | | | The FirmwareVersion struct stores the major and minor firmware version of a Nitrokey device. We refactor the StorageProductionInfo and StorageStatus structs to use this new struct.
* Fix typo: destory -> destroyDaniel Mueller2019-01-16
|
* Add the clear_new_sd_card_warning method to StorageRobin Krahl2019-01-14
| | | | | | The clear_new_sd_card_warning method calls the libnitrokey NK_clear_new_sd_card_warning function to reset the corresponding flag in the Storage status.
* Add the get_production_info method to the Storage structRobin Krahl2019-01-14
| | | | | | | | | | | The get_production_info method maps to the NK_get_production_info function of libnitrokey. The Storage firmware supports two query modes: with or without a write test. libnitrokey only performs the query without write test, so the fields that are only set for the write test are ignored in our implementation. This affects: - user and admin retry counts - smart card ID - SD card size
* Add export_firmware method to StorageRobin Krahl2019-01-12
| | | | | | | The export_firmware method writes the firmware of the Nitrokey Storage to the unencrypted storage. We only test that the command succeeds as mounting the unencrypted storage and accessing the file is out of scope for the tests.
* Add set_unencrypted_volume_mode to StorageRobin Krahl2019-01-12
| | | | | | | | | | The new set_unencrypted_volume_mode method sets the access mode of the unencrypted volume on the Nitrokey Storage. Depending on the requested access mode, it calls either NK_set_unencrypted_read_only_admin or NK_set_unencrypted_read_write_admin. Note that this function requires firmware version 0.51 or later. (Earlier firmware versions used the user PIN.)
* Introduce VolumeMode enum in deviceRobin Krahl2019-01-12
| | | | | | The VolumeMode enum will be used when setting the access mode for the unencrypted volume. It can also be used when refactoring the VolumeStatus enum in a future release.
* Add the wink method to the Storage structRobin Krahl2019-01-11
| | | | | | This patch adds the wink method to the Storage struct that lets the Nitrokey device blink until reconnected. We do not test this method as it does not change the state that we can observe.
* Add the connect_model functionRobin Krahl2019-01-07
| | | | | | This patch adds the global connect_model function that can be used to connect to a Nitrokey device of a given model. Contrary to Pro::connect and Storage::connect, the model does not have to be set at compile time.
* Rename device::connect_model to device::connect_enumRobin Krahl2019-01-07
| | | | connect_model will be used for a public function with the next patch.
* Document the Undefined error for the connect methodsRobin Krahl2019-01-07
|
* Add support for the hidden volumes on a Nitrokey StorageRobin Krahl2019-01-06
| | | | | | | | | | This patch introduces the methods enable_hidden_volume, disable_hidden_volume and create_hidden_volume for the Storage struct to support the hidden volumes on the Nitrokey Storage. The enable and create methods require that the encrypted storage has been enabled. Contrary to authentication and password safe access, we do not enforce this requirement in the API as file system operations could have unwanted side effects and should not performed implicitly.
* Update documentation and test for factory_resetRobin Krahl2019-01-04
| | | | | | Contrary to my previous beliefs, build_aes_key has to be called even after a factory reset using the Nitrokey API. This patch updates the documentation and the unit tests based on this insight.
* Fix documentation test for Storage::change_update_pinRobin Krahl2019-01-04
|
* Add Storage::enable_firmware_update methodRobin Krahl2019-01-03
| | | | | | | | This patch adds the enable_firmware_update method to the Storage struct that uses NK_enable_firmware_update to put the Nitrokey Storage into update mode. This method is not tested as external tooling is required to resume normal operation and as it is hard to bail out if an error occurs.
* Add Device::build_aes_key methodRobin Krahl2019-01-03
| | | | | | | | This patch adds the build_aes_key method to the Device trait that uses the NK_build_aes_key function to build new AES keys on the device. This effectively resets the password safe and the encrypted storage. It is unclear whether other data (e. g. the one-time passwords) are affected too.
* Add Device::factory_reset methodRobin Krahl2019-01-03
| | | | | | | This patch adds the factory_reset_method to the Device trait that uses the NK_factory_reset function to perform a factory reset. The tests verify that the user and admin PIN are reset and that the OTP storage and the password safe are deleted.
* Add Storage::change_update_pin methodRobin Krahl2019-01-03
| | | | | | This patch adds the change_update_pin method to the Storage struct that uses the NK_change_update_password function to set the password required for firmware updates.
* Preserve unknown error code valuesDaniel Mueller2019-01-03
| | | | | | | | | | The CommandError::Unknown variant, which is used whenever a reported error code is not known, makes it close to impossible to determine the root cause of, say, a one-off error, because all information explaining what went wrong is discarded. With this change we adjust the Unknown variant to include the error report. In addition, we introduce a new CommandError variant, Undefined, that is used when no error code is available.
* Fix get_model implementation for StorageRobin Krahl2018-12-30
|
* Fix formatting using to rustfmtRobin Krahl2018-12-30
|
* Add function Device::get_modelRobin Krahl2018-12-30
| | | | | This patch adds the function Device::get_model that returns the model of the connected Nitrokey stick.
* Fix examples for {Pro, Storage}::connect()Robin Krahl2018-12-16
|
* Use the crate:: path qualifier for modulesRobin Krahl2018-12-16
| | | | | | This patch changes use declarations for modules within this crate to use the crate:: path qualifier. This will be mandatory in Rust edition 2018.
* Use the dyn syntax for trait objectsRobin Krahl2018-12-16
| | | | | This patch changes the type of trait objects from `Trait` to `dyn Trait`. This fixes bare-trait-object compiler warnings.
* Add documentation for {Pro, Storage}::connect()Robin Krahl2018-12-16
|
* Fix formatting according to Rust style guideRobin Krahl2018-12-16
|
* Provide access to the status of a Nitrokey StorageRobin Krahl2018-12-10
| | | | | | This patch adds a `get_status` method to the `Storage` structure. The returned structure `StorageStatus` is based on the structure provided by libnitrokey.
* Add a Storage-only example to the DeviceWrapper documentationRobin Krahl2018-12-10
| | | | | | | As connect() now returns DeviceWrappers of the correct type, this patch adds an example to the DeviceWrapper documentation that shows how to use type conditions, i. e. how to execute a command only for Nitrokey Storage devices.
* Fix generic connections (connect()) to return correct deviceRobin Krahl2018-12-10
| | | | | | This patch fixes the generic connect() method to return a DeviceWrapper of the correct type. This is enabled by the NK_get_device_model() method introduced in libnitrokey v3.4.
* Use {} instead of {:?} where possibleRobin Krahl2018-06-07
| | | | | Most notably, for command errors, this will print a human-readable error message instead of just the name of the enum.
* Implement easier CString creationRobin Krahl2018-06-07
| | | | | | The new get_cstring method in util returns a Result<CString, CommandError>, so mast callers can just use the ? operator to unwrap the result instead of cumbersome unwrapping code.
* Use Result<(), CommandError> instead of CommandStatusRobin Krahl2018-06-07
| | | | | | The Result enum is more idiomatic and easier to use than our custom CommandStatus enum with the same structure. This is especially true for the try operator ?.
* Add support for encrypted volumeRobin Krahl2018-06-07
| | | | | | | | | | | | | | | | | This patch adds support for the commands to enable or disable the encrypted volume on the Nitrokey Storage. To test these commands, the output of lsblk is parsed for the device model “Nitrokey Storage”. This is not perfect but seems to be the best solution for automated testing. As the effect of enabling and disabling volumes is not immediate, a delay of two seconds is added to the tests before checking lsblk. This is sufficient on my machine, yet it would be better to have a portable version of this check. This patch also adds a lock method to Device that executes the lock_device command. This command was previously only used to close the password safe. On the Nitrokey Storage, it also disables the encrypted and hidden volume.
* Add support for unlock_user_password commandRobin Krahl2018-05-31
|
* Fix formatting issuesRobin Krahl2018-05-31
|
* Add Authenticate to the common traits extended by DeviceRobin Krahl2018-05-29
| | | | | Authenticate is supported by both the Nitrokey Pro and the Nitrokey Storage. Therefore Device should extend it.
* Add support for password safesRobin Krahl2018-05-29
| | | | | | | | | A password safe (PWS) stores names, logins and passwords in slots. PWS are supported both by the Nitrokey Pro and the Nitrokey Storage. They are implemented as a struct wrapping a device as the device may not be disconnected while the password safe is alive. The creation of a password safe is handled by the GetPasswordSafe trait, implemented by DeviceWrapper, Pro and Storage.
* Add rudimentary support for the Nitrokey StorageRobin Krahl2018-05-29
| | | | | This patch adds the Storage struct and the test-storage feature. It also enables all currently supported Pro commands for the Storage.
* Move Admin, User and Authenticate to auth moduleRobin Krahl2018-05-28
|
* Restructure trait implementations for wrappersRobin Krahl2018-05-28
| | | | | | | For DeviceWrapper, the traits GenerateOtp and Device are now directly implemented instead of complicated template implementations. For User and Admin, the wrapper implementations are replaced with an implementation of the Deref trait for easier access.
* Move set_time from Device to GenerateOtpRobin Krahl2018-05-28
| | | | | | The set_time operation is only used with TOTP generation. Therefore it makes more sense to have it in the GenerateOtp trait than in the Device trait.
* Remove duplicated documentation commentRobin Krahl2018-05-28
| | | | | | The defnition of the ConfigureOtp trait already contains documentation comments, therefore the comments in the implementation for User<T> can be removed.