| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change is the first in a series to migrate the existing tests to
using the nitrokey-test crate. The crate provides a couple of benefits
over the existing way testing works:
- test execution is automatically serialized (i.e., no more need for
--test-threads)
- available devices are detected at runtime (i.e., no more need for
--features test-pro)
- tests capable of running only on a specific device are automatically
skipped if this device is not present
In addition to that, the crate also offers selection of particular
groups of tests by virtue of the NITROKEY_TEST_GROUP environment
variable. If set (valid values are "nodev", "pro", and "storage") only
tests of the particular group are run (those tests will fail if a
required precondition is not met, i.e., if a device is present but
"nodev" is set, or if the "pro" group is run but no device or a storage
device is present).
Unfortunately, it has some limitations as well. Most importantly Rust
does not allow us to indicate whether a test has been skipped or not.
While it has #[ignore] support, that strictly is a compile-time feature
and, hence, not usable.
This patch in particular pulls in the nitrokey-test crate and adjusts
the existing device tests to make use of it.
|
|
|
|
|
|
| |
Contrary to my previous beliefs, build_aes_key has to be called even
after a factory reset using the Nitrokey API. This patch updates the
documentation and the unit tests based on this insight.
|
|
|
|
|
|
|
|
| |
This patch adds the build_aes_key method to the Device trait that uses
the NK_build_aes_key function to build new AES keys on the device. This
effectively resets the password safe and the encrypted storage. It is
unclear whether other data (e. g. the one-time passwords) are affected
too.
|
|
|
|
|
|
|
| |
This patch adds the factory_reset_method to the Device trait that uses
the NK_factory_reset function to perform a factory reset. The tests
verify that the user and admin PIN are reset and that the OTP storage
and the password safe are deleted.
|
|
|
|
|
|
| |
This patch adds the change_update_pin method to the Storage struct that
uses the NK_change_update_password function to set the password required
for firmware updates.
|
|
|
|
|
|
|
|
|
|
| |
The CommandError::Unknown variant, which is used whenever a reported
error code is not known, makes it close to impossible to determine the
root cause of, say, a one-off error, because all information explaining
what went wrong is discarded.
With this change we adjust the Unknown variant to include the error
report. In addition, we introduce a new CommandError variant, Undefined,
that is used when no error code is available.
|
|
|
|
|
|
| |
This patch adds a test case that changes the PIN when calling
unlock_user_pin. The previous test case only unlocked the current user
PIN.
|
|
|
|
|
|
|
|
| |
This patch adds the force argument to the set_time method in the
ConfigureOtp trait that allows the user to choose whether jumps to the
past are allowed when updating the time. It is implemented by using the
NK_totp_set_time_soft function. Previously, jumps where unconditionally
allowed.
|
|
|
|
|
|
| |
It seems that with newer firmeware, the model string in the lsblk output
is Nitrokey_Storage instead of Nitrokey Storage. Therefore this patch
replaces underscores with spaces to account for both versions.
|
| |
|
|
|
|
|
| |
This patch adds the function Device::get_model that returns the model of
the connected Nitrokey stick.
|
|
|
|
|
|
|
| |
Currently, the test-no-device feature is used for tests that expect no
Nitrokey to be connected. Yet test-no-device is equivalent to not
test-pro and not test-storage. Therefore, this patch removes the
test-no-device feature.
|
|
Newer Rust versions support integration tests in a top-level tests
directory. This patch refactors the existing unit tests into
integration tests.
|