aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
* Add the connect_model functionRobin Krahl2019-01-07
| | | | | | This patch adds the global connect_model function that can be used to connect to a Nitrokey device of a given model. Contrary to Pro::connect and Storage::connect, the model does not have to be set at compile time.
* Rename device::connect_model to device::connect_enumRobin Krahl2019-01-07
| | | | connect_model will be used for a public function with the next patch.
* Document the Undefined error for the connect methodsRobin Krahl2019-01-07
|
* Add support for the hidden volumes on a Nitrokey StorageRobin Krahl2019-01-06
| | | | | | | | | | This patch introduces the methods enable_hidden_volume, disable_hidden_volume and create_hidden_volume for the Storage struct to support the hidden volumes on the Nitrokey Storage. The enable and create methods require that the encrypted storage has been enabled. Contrary to authentication and password safe access, we do not enforce this requirement in the API as file system operations could have unwanted side effects and should not performed implicitly.
* Fix example for GenerateOtp::get_totp_codeRobin Krahl2019-01-05
|
* Update documentation and test for factory_resetRobin Krahl2019-01-04
| | | | | | Contrary to my previous beliefs, build_aes_key has to be called even after a factory reset using the Nitrokey API. This patch updates the documentation and the unit tests based on this insight.
* Fix documentation test for Storage::change_update_pinRobin Krahl2019-01-04
|
* Add Storage::enable_firmware_update methodRobin Krahl2019-01-03
| | | | | | | | This patch adds the enable_firmware_update method to the Storage struct that uses NK_enable_firmware_update to put the Nitrokey Storage into update mode. This method is not tested as external tooling is required to resume normal operation and as it is hard to bail out if an error occurs.
* Add Device::build_aes_key methodRobin Krahl2019-01-03
| | | | | | | | This patch adds the build_aes_key method to the Device trait that uses the NK_build_aes_key function to build new AES keys on the device. This effectively resets the password safe and the encrypted storage. It is unclear whether other data (e. g. the one-time passwords) are affected too.
* Add Device::factory_reset methodRobin Krahl2019-01-03
| | | | | | | This patch adds the factory_reset_method to the Device trait that uses the NK_factory_reset function to perform a factory reset. The tests verify that the user and admin PIN are reset and that the OTP storage and the password safe are deleted.
* Add Storage::change_update_pin methodRobin Krahl2019-01-03
| | | | | | This patch adds the change_update_pin method to the Storage struct that uses the NK_change_update_password function to set the password required for firmware updates.
* Document decryption failure for get_password_safeRobin Krahl2019-01-03
| | | | | | After a factory reset, the password safe cannot be accessed as its secret cannot be decrypted. This patch improves the documentation for GetPasswordSafe::get_password_safe to reflect this behavior.
* Update documentation for pws methodsRobin Krahl2019-01-03
|
* Preserve unknown error code valuesDaniel Mueller2019-01-03
| | | | | | | | | | The CommandError::Unknown variant, which is used whenever a reported error code is not known, makes it close to impossible to determine the root cause of, say, a one-off error, because all information explaining what went wrong is discarded. With this change we adjust the Unknown variant to include the error report. In addition, we introduce a new CommandError variant, Undefined, that is used when no error code is available.
* Fix typo: occured -> occurredDaniel Mueller2019-01-03
|
* Remove CommandError::RngErrorRobin Krahl2019-01-03
| | | | | We switched to rand::thread_rng() which cannot fail. Therefore the CommandError::RngError is no longer needed and removed in this patch.
* Add force argument to ConfigureOtp::set_timeRobin Krahl2019-01-02
| | | | | | | | This patch adds the force argument to the set_time method in the ConfigureOtp trait that allows the user to choose whether jumps to the past are allowed when updating the time. It is implemented by using the NK_totp_set_time_soft function. Previously, jumps where unconditionally allowed.
* Fix get_model implementation for StorageRobin Krahl2018-12-30
|
* Derive Clone and Copy for CommandError, LogLevel, OtpModeRobin Krahl2018-12-30
| | | | | | As these three enums are scalar values, this patch derives the Clone and Copy traits for them. This should avoid unnecessary allocations and reduce the memory footprint.
* Fix formatting using to rustfmtRobin Krahl2018-12-30
|
* Add function Device::get_modelRobin Krahl2018-12-30
| | | | | This patch adds the function Device::get_model that returns the model of the connected Nitrokey stick.
* Update to rand v0.6Robin Krahl2018-12-16
| | | | | | | | This patch updates the rand dependecy to version 0.6. It also replaces the OsRng, which is guaranteed to use OS/hardware entropy, with the thread_rng, which is likely to use OS/hardware entropy as a seed. The choice of RNG and the handling of password should be reviewed at a later point.
* Fix examples for {Pro, Storage}::connect()Robin Krahl2018-12-16
|
* Refactor tests into the top-level tests directoryRobin Krahl2018-12-16
| | | | | | Newer Rust versions support integration tests in a top-level tests directory. This patch refactors the existing unit tests into integration tests.
* Remove redundant extern crate declarationsRobin Krahl2018-12-16
| | | | | | | With Rust edition 2018, it is no longer necessary to declare dependencies in the code using `extern crate`. Therefore, this patch removes these declarations and replaces them with `use` declarations if necessary.
* Use the crate:: path qualifier for modulesRobin Krahl2018-12-16
| | | | | | This patch changes use declarations for modules within this crate to use the crate:: path qualifier. This will be mandatory in Rust edition 2018.
* Use the dyn syntax for trait objectsRobin Krahl2018-12-16
| | | | | This patch changes the type of trait objects from `Trait` to `dyn Trait`. This fixes bare-trait-object compiler warnings.
* Make hidden life time parameters explicitRobin Krahl2018-12-16
| | | | | This patch makes hidden life time parameters explicit to fix elided-lifetime-in-path compiler warnings.
* Add documentation for {Pro, Storage}::connect()Robin Krahl2018-12-16
|
* Enable additional compiler warningsRobin Krahl2018-12-16
| | | | | | | | This patch enables the following compiler warnings: - missing_docs for public symbols without documentation - rust_2018_compatibility for Rust edition 2018 support - rust_2018_idioms for Rust edition 2018 support - unused for different types of unused code
* Fix formatting according to Rust style guideRobin Krahl2018-12-16
|
* Re-export device::{StorageStatus, VolumeStatus} in lib.rsRobin Krahl2018-12-10
|
* Provide access to the status of a Nitrokey StorageRobin Krahl2018-12-10
| | | | | | This patch adds a `get_status` method to the `Storage` structure. The returned structure `StorageStatus` is based on the structure provided by libnitrokey.
* Add a Storage-only example to the DeviceWrapper documentationRobin Krahl2018-12-10
| | | | | | | As connect() now returns DeviceWrappers of the correct type, this patch adds an example to the DeviceWrapper documentation that shows how to use type conditions, i. e. how to execute a command only for Nitrokey Storage devices.
* Fix generic connections (connect()) to return correct deviceRobin Krahl2018-12-10
| | | | | | This patch fixes the generic connect() method to return a DeviceWrapper of the correct type. This is enabled by the NK_get_device_model() method introduced in libnitrokey v3.4.
* Always free string pointers returned by libnitrokeyRobin Krahl2018-12-10
| | | | | | | | Old libnitrokey versions could return pointers to both statically and dynamically allocated strings for functions that return strings. This has been fixed in libnitrokey commit 7a8550d (included in v3.4). This patch removes the old workaround and always frees the return value of functions returning a string pointer.
* Use {} instead of {:?} where possibleRobin Krahl2018-06-07
| | | | | Most notably, for command errors, this will print a human-readable error message instead of just the name of the enum.
* Implement std::fmt::Display for CommandErrorRobin Krahl2018-06-07
| | | | | | The std::fmt::Display implementation provides a human-readable error message for a CommandError. It is intended to be used in error messages displayed to the user.
* Implement easier CString creationRobin Krahl2018-06-07
| | | | | | The new get_cstring method in util returns a Result<CString, CommandError>, so mast callers can just use the ? operator to unwrap the result instead of cumbersome unwrapping code.
* Use Result<(), CommandError> instead of CommandStatusRobin Krahl2018-06-07
| | | | | | The Result enum is more idiomatic and easier to use than our custom CommandStatus enum with the same structure. This is especially true for the try operator ?.
* Use Storage struct for Storage-specific testsRobin Krahl2018-06-07
|
* Remove NK_lock_device call from PasswordSafe::dropRobin Krahl2018-06-07
| | | | | | | | | | | | | | | | | | | When enabled, the password safe can be used without authentication. The lock device can be used to lock the password safe. Currently, PasswordSafe::drop calls this command to make sure that other applications cannot access the password safe without authentication. On the Nitrokey Storage, locking the device may also disable the encrypted or hidden volume. As using the password safe should not have side effects on the storage volumes, this patch removes the call to the lock device command from the Drop implementation. Instead, the user should call this method after making sure that it does not have side effects. A feature request for a command that only locks the password safe without side effects is submitted to the Nitrokey Storage firmware repository: https://github.com/Nitrokey/nitrokey-storage-firmware/issues/65
* Add support for encrypted volumeRobin Krahl2018-06-07
| | | | | | | | | | | | | | | | | This patch adds support for the commands to enable or disable the encrypted volume on the Nitrokey Storage. To test these commands, the output of lsblk is parsed for the device model “Nitrokey Storage”. This is not perfect but seems to be the best solution for automated testing. As the effect of enabling and disabling volumes is not immediate, a delay of two seconds is added to the tests before checking lsblk. This is sufficient on my machine, yet it would be better to have a portable version of this check. This patch also adds a lock method to Device that executes the lock_device command. This command was previously only used to close the password safe. On the Nitrokey Storage, it also disables the encrypted and hidden volume.
* Adapt TOTP test cases for Nitrokey StorageRobin Krahl2018-06-06
| | | | | | | | The current Nitrokey Storage firmware does not support timestamps that do not fit into an unsigned integer. Therefore, the tests totp_pin and totp_no_pin are restricted to 32-bit timestamps. New tests totp_pin_64 and totp_no_pin_64 are introduced for 64-bit timestamps. These are expected to panic for the Nitrokey Storage.
* Remove tests for specific firmware versionsRobin Krahl2018-06-06
| | | | | | The firmware version is too volatile to restrict it to certain values. Therefore, we only check that there is a non-zero version number instead of expecting specific values.
* Fix formatting in OTP test caseRobin Krahl2018-06-06
|
* Implement Drop for PasswordSafeRobin Krahl2018-06-05
| | | | | | By calling NK_lock_device when dropping a PasswordSafe instance, we can make sure that the password safe cannot be reused without authentication.
* Use a Device reference in PasswordSafeRobin Krahl2018-06-05
| | | | | | | | | Instead of wrapping an owned Device instance, PasswordSafe now only requires a reference to a Device. The lifetime parameter makes sure that the device lives at least as long as the password safe. Using a reference instead of an owned device allows us to implement Drop on PasswordSafe to make sure that the password safe is disabled once it is destructed.
* Add tests with different TOTP time windowsRobin Krahl2018-06-05
| | | | | | | | While 30 seconds is the default time step for TOTP, arbitrary values are possible. Yet the RFC does only provide test cases for the default time window. This patch adds tests where these test cases are applied for a time window of 60 seconds (if both the current time and the time window double, the resulting TOTP code is the same).
* Add support for unlock_user_password commandRobin Krahl2018-05-31
|