summaryrefslogtreecommitdiff
path: root/src/pws.rs
Commit message (Collapse)AuthorAge
* Remove unused importsRobin Krahl2020-07-08
|
* Update documentation for Manager refactoringRobin Krahl2019-07-09
| | | | | | This patch updates the documentation to reflect the latest changes to connection handling. It also updates the doc tests to prefer the new methods over the old ones.
* Introduce into_manager for DeviceRobin Krahl2019-07-09
| | | | | | | | To enable applications like nitrokey-test to go back to a manager instance from a Device instance, we add the into_manager function to the Device trait. To do that, we have to keep track of the Manager’s lifetime by adding a lifetime to Device (and then to some other traits that use Device).
* Store mutable reference to Manager in DeviceRobin Krahl2019-07-08
| | | | | | | | | | | | | In the last patches, we ensured that devices can only be obtained using the Manager struct. But we did not ensure that there is only one device at a time. This patch adds a mutable reference to the Manager instance to the Device implementations. The borrow checker makes sure that there is only one mutable reference at a time. In this patch, we have to remove the old connect, Pro::connect and Storage::connect functions as they do no longer compile. (They discard the MutexGuard which invalidates the reference to the Manager.) Therefore the tests do no longer compile.
* Revert "Store mutable reference to Device in PasswordSafe"Robin Krahl2019-02-05
| | | | This reverts commit 13006c00dcbd570cf8347d89557834e320427377.
* Store mutable reference to Device in PasswordSafeRobin Krahl2019-02-02
| | | | | | | | | The current implementation of PasswordSafe stored a normal reference to the Device. This patch changes the PasswordSafe struct to use a mutable reference instead. This allows the borrow checker to make sure that there is only one PasswordSafe instance at a time. While this is currently not needed, it will become important once we can lock the PWS on the Nitrokey when dropping the PasswordSafe instance.
* Require mutable reference if method changes device stateRobin Krahl2019-02-02
| | | | | | | | | | | | Previously, all methods that access a Nitrokey device took a reference to the device as input. This method changes methods that change the device state to require a mutable reference instead. In most case, this is straightforward as the method writes data to the device (for example write_config or change_user_pin). But there are two edge cases: - Authenticating with a PIN changes the device state as it may decrease the PIN retry counter if the authentication fails. - Generating an HOTP code changes the device state as it increases the HOTP counter.
* Prefer eprintln over println for error messagesRobin Krahl2019-01-28
|
* Add license and copyright informationRobin Krahl2019-01-23
| | | | | | | This patch adds license and copyright information to all files to make nitrokey-rs compliant with the REUSE practices [0]. [0] https://reuse.software/practices/2.0/
* Refactor and clean up all codeRobin Krahl2019-01-23
| | | | | | | This includes: - using idiomatic Rust - limiting the scope of unsafe blocks - simplifying code
* Check specific error codes in the testsRobin Krahl2019-01-20
| | | | | | | | | | If possible, check specific error codes instead of `is_err()`. This makes the code more readable and catches bugs resulting in the wrong error code. Also, using the assert_*_err and assert_ok macros yields error messages containing the expected and the actual value. To be able to use these macros with the `get_password_safe` method, we also have to implement `Debug` for `PasswordSafe` and `Device`.
* Refactor library errors into LibraryError enumRobin Krahl2019-01-20
| | | | | | Previously, library errors were part of the CommandError enum. As command errors and library errors are two different error types, they should be split into two enums.
* Return Error instead of CommandErrorRobin Krahl2019-01-20
| | | | | | | | | | This patch changes all public functions to return the Error enum instead of the CommandError enum. This breaks the tests which will be fixed with the next patch. This patch also adds a placeholder variant Error::CommandError and a placeholder enum CommandError to make the transition to a new nitrokey-test version easier.
* Move util::CommandError to the new error moduleRobin Krahl2019-01-20
| | | | This prepares the refactoring of util::CommandError into multiple enums.
* pws: Interpret empty strings as unprogrammed slotsRobin Krahl2019-01-16
| | | | | | | | | | | | Until the last commit, all empty strings returned by the library were interepreted as errors. As the PWS functions return empty strings for unprogrammed slots, the methods to access the PWS data returned an error when querying a slot that is not programmed. Since the last commit, they return an empty string instead. This patch restores the old behavior by returning an error instead of an empty string. Yet we change the error variant: SlotNotProgrammed instead of Undefined.
* Add Device::build_aes_key methodRobin Krahl2019-01-03
| | | | | | | | This patch adds the build_aes_key method to the Device trait that uses the NK_build_aes_key function to build new AES keys on the device. This effectively resets the password safe and the encrypted storage. It is unclear whether other data (e. g. the one-time passwords) are affected too.
* Document decryption failure for get_password_safeRobin Krahl2019-01-03
| | | | | | After a factory reset, the password safe cannot be accessed as its secret cannot be decrypted. This patch improves the documentation for GetPasswordSafe::get_password_safe to reflect this behavior.
* Update documentation for pws methodsRobin Krahl2019-01-03
|
* Fix formatting using to rustfmtRobin Krahl2018-12-30
|
* Use the crate:: path qualifier for modulesRobin Krahl2018-12-16
| | | | | | This patch changes use declarations for modules within this crate to use the crate:: path qualifier. This will be mandatory in Rust edition 2018.
* Use the dyn syntax for trait objectsRobin Krahl2018-12-16
| | | | | This patch changes the type of trait objects from `Trait` to `dyn Trait`. This fixes bare-trait-object compiler warnings.
* Make hidden life time parameters explicitRobin Krahl2018-12-16
| | | | | This patch makes hidden life time parameters explicit to fix elided-lifetime-in-path compiler warnings.
* Use {} instead of {:?} where possibleRobin Krahl2018-06-07
| | | | | Most notably, for command errors, this will print a human-readable error message instead of just the name of the enum.
* Implement easier CString creationRobin Krahl2018-06-07
| | | | | | The new get_cstring method in util returns a Result<CString, CommandError>, so mast callers can just use the ? operator to unwrap the result instead of cumbersome unwrapping code.
* Use Result<(), CommandError> instead of CommandStatusRobin Krahl2018-06-07
| | | | | | The Result enum is more idiomatic and easier to use than our custom CommandStatus enum with the same structure. This is especially true for the try operator ?.
* Remove NK_lock_device call from PasswordSafe::dropRobin Krahl2018-06-07
| | | | | | | | | | | | | | | | | | | When enabled, the password safe can be used without authentication. The lock device can be used to lock the password safe. Currently, PasswordSafe::drop calls this command to make sure that other applications cannot access the password safe without authentication. On the Nitrokey Storage, locking the device may also disable the encrypted or hidden volume. As using the password safe should not have side effects on the storage volumes, this patch removes the call to the lock device command from the Drop implementation. Instead, the user should call this method after making sure that it does not have side effects. A feature request for a command that only locks the password safe without side effects is submitted to the Nitrokey Storage firmware repository: https://github.com/Nitrokey/nitrokey-storage-firmware/issues/65
* Implement Drop for PasswordSafeRobin Krahl2018-06-05
| | | | | | By calling NK_lock_device when dropping a PasswordSafe instance, we can make sure that the password safe cannot be reused without authentication.
* Use a Device reference in PasswordSafeRobin Krahl2018-06-05
| | | | | | | | | Instead of wrapping an owned Device instance, PasswordSafe now only requires a reference to a Device. The lifetime parameter makes sure that the device lives at least as long as the password safe. Using a reference instead of an owned device allows us to implement Drop on PasswordSafe to make sure that the password safe is disabled once it is destructed.
* Add support for password safesRobin Krahl2018-05-29
A password safe (PWS) stores names, logins and passwords in slots. PWS are supported both by the Nitrokey Pro and the Nitrokey Storage. They are implemented as a struct wrapping a device as the device may not be disconnected while the password safe is alive. The creation of a password safe is handled by the GetPasswordSafe trait, implemented by DeviceWrapper, Pro and Storage.