summaryrefslogtreecommitdiff
path: root/src/util.rs
Commit message (Collapse)AuthorAge
* Refactor string handling in utilRobin Krahl2020-02-03
| | | | | | | | | | | | | The util module provides helper methods to deal with the C strings returned by libnitrokey. The current implementation has to problems: - It causes unnecessary allocations if we only want to look at the string, for example in get_serial_number. - If the conversion from a CStr to a String fails, the string pointer is not freed. Therefore this patch introduces the run_with_str function that executes a function with the string returned by libnitrokey and then makes sure that the pointer is freed correctly.
* Merge branch 'hotfix-0.5.2' into nextRobin Krahl2020-01-28
|\
| * Regenerate temporary passwords with null bytesRobin Krahl2020-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we silently cut off temporary passwords that contained a null byte. With the change to CString, we returned a LibraryError instead. With this patch, we change to generate_password function to continue generating passwords until we have a password without a null byte. The chance of generating a password with a null byte is ca. 10 % for our temporary password with 25 characters. Therefore the chance of having to re-generate the password multiple times is low enough that we don’t bother with re-generating only the null bytes of the password for the time being. This should be improved in the future.
| * Use CString to store temporary passwordsRobin Krahl2020-01-28
| | | | | | | | | | | | | | This patch changes the generate_password function and the User and Admin structs to use a CString instead of a Vec<u8> when storing temporary passwords. This makes sure that the strings that are passed to the C API are properly null-terminated.
* | Add String value to the Error::UnexpectedError variantRobin Krahl2020-01-28
|/ | | | | | To make debugging of unexpected errors easier, this patch adds an associated String value with a description of the unexpected behavior to the UnexpectedError variant of the Error enum.
* Replace rand_os::OsRng with rand_core::OsRngRobin Krahl2019-12-27
| | | | | rand_os::OsRng has been deprecated. Instead we can use rand_core with the getrandom feature.
* Update rand_{core,os} dependenciesRobin Krahl2019-07-16
| | | | | | | This patch updates the rand_core dependency to version 0.5 and the rand_os dependency to version 0.2. This causes a change in util.rs: Instead of constructing an OsRng instance using OsRng::new(), we can directly instantiate the (now empty) struct.
* Always return a Result when communicating with a deviceRobin Krahl2019-01-27
| | | | | | | | Previously, we sometimes returned a value without wrapping it in a result if the API method did not indicate errors in the return value. But we can detect errors using the NK_get_last_command_status function. This patch changes the return types of these methods to Result<_, Error> and adds error checks.
* Replace or with or_else in get_cstringRobin Krahl2019-01-27
| | | | | To avoid unnecessary function calls, we replace the or with an or_else in get_cstring.
* Remove rand_core::Error from public APIRobin Krahl2019-01-25
| | | | | | | rand_core does not have a stable release yet, and it is unlikely that there will be one soon. To be able to stabilize nitrokey without waiting for a stable rand_core version, we remove the rand_core::Error type from the public API and replace it with a Box<dyn error::Error>.
* Add license and copyright informationRobin Krahl2019-01-23
| | | | | | | This patch adds license and copyright information to all files to make nitrokey-rs compliant with the REUSE practices [0]. [0] https://reuse.software/practices/2.0/
* Return UTF-8 error if libnitrokey returns an invalid stringRobin Krahl2019-01-23
| | | | | | | Previously, we used lossy UTF-8 conversion. Yet the user should be notified if we have a problem instead of silently changing the data. Therefore, we now return an error if we enocunter an invalid UTF-8 string. This leads to a change in `get_library_version`’s signature.
* Refactor and clean up all codeRobin Krahl2019-01-23
| | | | | | | This includes: - using idiomatic Rust - limiting the scope of unsafe blocks - simplifying code
* Prefer into() over numeric castingRobin Krahl2019-01-23
| | | | | | Numeric casting might truncate an integer, while into() is only implemented for numeric types if the cast is possible without truncation.
* Introduce the Error::UnexpectedError variantRobin Krahl2019-01-20
| | | | | | | The UnexpectedError variant is used when a libnitrokey function returns a value that violates the function’s contract, for example if a function returns a null pointer although it guarantees to never return null. Previously, we returned a CommandError::Unspecified in these cases.
* Refactor library errors into LibraryError enumRobin Krahl2019-01-20
| | | | | | Previously, library errors were part of the CommandError enum. As command errors and library errors are two different error types, they should be split into two enums.
* Move the CommandError::Unknown to ErrorRobin Krahl2019-01-20
| | | | | | | An error code can not only indiciate a command error, but also a library or device communication error. Therefore, the variant for an unknown error code should be placed in the top-level Error enum instead of the CommandError enum.
* Refactor CommandError::RngError into Error::RandErrorRobin Krahl2019-01-20
| | | | | We reserve CommandError for errors returned by the Nitrokey device. Errors during random number generation should have their own type.
* Return Error instead of CommandErrorRobin Krahl2019-01-20
| | | | | | | | | | This patch changes all public functions to return the Error enum instead of the CommandError enum. This breaks the tests which will be fixed with the next patch. This patch also adds a placeholder variant Error::CommandError and a placeholder enum CommandError to make the transition to a new nitrokey-test version easier.
* Move util::CommandError to the new error moduleRobin Krahl2019-01-20
| | | | This prepares the refactoring of util::CommandError into multiple enums.
* Fix result_from_string for empty return valuesRobin Krahl2019-01-16
| | | | | | | | | | | An empty string returned from a libnitrokey function can either indicate an error or be a valid return value. Previously, we assumed that it indicates an error. But instead, we should check the last command status and use it to decide whether to return the empty string or an error code. This breaks the unit tests that assume that empty strings cause errors. These will be fixed in the next patches.
* Use rand_os for random data generationDaniel Mueller2019-01-14
| | | | | | | | | | | | The rand crate comes with a slew of dependencies to cover all sort of randomness related tasks in various scenarios. However, this crate really only requires a tiny subset of this functionality. As it turns out, this core functionality is provided by the rand_os crate. This change drops the dependency to rand in favor of rand_os. In order to accomplish that, it brings back the RngError variant for the CommandError enum to capture the possibility of the creation of the random number generator failing.
* Make three more error codes knownDaniel Mueller2019-01-09
| | | | | | | | | | | | | Three more error codes are defined in libnitrokey but currently reported as the CommandError::Unknown variant: 200: representing a string that exceeds a limit 202: indicating a string that is not in hexadecimal format when it should be 203: suggesting that the target buffer is smaller than the source buffer and, hence, too small This change introduces the CommandError variants StringTooLong, InvalidHexString and TargetBufferTooSmall, respectively, representing those errors.
* Preserve unknown error code valuesDaniel Mueller2019-01-03
| | | | | | | | | | The CommandError::Unknown variant, which is used whenever a reported error code is not known, makes it close to impossible to determine the root cause of, say, a one-off error, because all information explaining what went wrong is discarded. With this change we adjust the Unknown variant to include the error report. In addition, we introduce a new CommandError variant, Undefined, that is used when no error code is available.
* Fix typo: occured -> occurredDaniel Mueller2019-01-03
|
* Remove CommandError::RngErrorRobin Krahl2019-01-03
| | | | | We switched to rand::thread_rng() which cannot fail. Therefore the CommandError::RngError is no longer needed and removed in this patch.
* Derive Clone and Copy for CommandError, LogLevel, OtpModeRobin Krahl2018-12-30
| | | | | | As these three enums are scalar values, this patch derives the Clone and Copy traits for them. This should avoid unnecessary allocations and reduce the memory footprint.
* Update to rand v0.6Robin Krahl2018-12-16
| | | | | | | | This patch updates the rand dependecy to version 0.6. It also replaces the OsRng, which is guaranteed to use OS/hardware entropy, with the thread_rng, which is likely to use OS/hardware entropy as a seed. The choice of RNG and the handling of password should be reviewed at a later point.
* Make hidden life time parameters explicitRobin Krahl2018-12-16
| | | | | This patch makes hidden life time parameters explicit to fix elided-lifetime-in-path compiler warnings.
* Always free string pointers returned by libnitrokeyRobin Krahl2018-12-10
| | | | | | | | Old libnitrokey versions could return pointers to both statically and dynamically allocated strings for functions that return strings. This has been fixed in libnitrokey commit 7a8550d (included in v3.4). This patch removes the old workaround and always frees the return value of functions returning a string pointer.
* Implement std::fmt::Display for CommandErrorRobin Krahl2018-06-07
| | | | | | The std::fmt::Display implementation provides a human-readable error message for a CommandError. It is intended to be used in error messages displayed to the user.
* Implement easier CString creationRobin Krahl2018-06-07
| | | | | | The new get_cstring method in util returns a Result<CString, CommandError>, so mast callers can just use the ? operator to unwrap the result instead of cumbersome unwrapping code.
* Use Result<(), CommandError> instead of CommandStatusRobin Krahl2018-06-07
| | | | | | The Result enum is more idiomatic and easier to use than our custom CommandStatus enum with the same structure. This is especially true for the try operator ?.
* Add rudimentary support for the Nitrokey StorageRobin Krahl2018-05-29
| | | | | This patch adds the Storage struct and the test-storage feature. It also enables all currently supported Pro commands for the Storage.
* Rewrap documentation comments to 100 charactersRobin Krahl2018-05-28
|
* Improve log level documentationRobin Krahl2018-05-22
| | | | | | Now, the documentation clearly states the purpose of each log level. Also, the documentation for set_log_level is corrected: libnitrokey always prints to stderr.
* Restructure code by functionalityRobin Krahl2018-05-22
In future versions, we want to support not only the Nitrokey Pro, but also the Nitrokey Storage. This requires a better code layout. This patch introduces two main changes: First, the OTP-specific methods are moved from the Device trait and the AdminAuthenticatedDevice struct to the functionality-based traits ConfigureOtp and GenerateOtp. This will hopefully make it easier to integrate the Nitrokey Storage. Secondly, the code is split into separate modules. These modules are currently all private and re-exported in the lib module, but we can consider making them public in the future.