From 0ee7ef7705ebfc0d419bba9a61db55fccd14b638 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Sat, 12 Jan 2019 16:51:47 +0000
Subject: Add set_unencrypted_volume_mode to Storage

The new set_unencrypted_volume_mode method sets the access mode of the
unencrypted volume on the Nitrokey Storage.  Depending on the requested
access mode, it calls either NK_set_unencrypted_read_only_admin or
NK_set_unencrypted_read_write_admin.

Note that this function requires firmware version 0.51 or later.
(Earlier firmware versions used the user PIN.)
---
 src/device.rs | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

(limited to 'src')

diff --git a/src/device.rs b/src/device.rs
index 792ac2f..ee8e31c 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -1076,6 +1076,52 @@ impl Storage {
         }
     }
 
+    /// Sets the access mode of the unencrypted volume.
+    ///
+    /// This command will reconnect the unencrypted volume so buffers should be flushed before
+    /// calling it.  Since firmware version v0.51, this command requires the admin PIN.  Older
+    /// firmware versions are not supported.
+    ///
+    /// # Errors
+    ///
+    /// - [`InvalidString`][] if the provided password contains a null byte
+    /// - [`WrongPassword`][] if the provided admin password is wrong
+    ///
+    /// # Example
+    ///
+    /// ```no_run
+    /// # use nitrokey::CommandError;
+    /// use nitrokey::VolumeMode;
+    ///
+    /// # fn try_main() -> Result<(), CommandError> {
+    /// let device = nitrokey::Storage::connect()?;
+    /// match device.set_unencrypted_volume_mode("123456", VolumeMode::ReadWrite) {
+    ///     Ok(()) => println!("Set the unencrypted volume to read-write mode."),
+    ///     Err(err) => println!("Could not set the unencrypted volume to read-write mode: {}", err),
+    /// };
+    /// #     Ok(())
+    /// # }
+    /// ```
+    ///
+    /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString
+    /// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
+    pub fn set_unencrypted_volume_mode(
+        &self,
+        admin_pin: &str,
+        mode: VolumeMode,
+    ) -> Result<(), CommandError> {
+        let admin_pin = get_cstring(admin_pin)?;
+        let result = match mode {
+            VolumeMode::ReadOnly => unsafe {
+                nitrokey_sys::NK_set_unencrypted_read_only_admin(admin_pin.as_ptr())
+            },
+            VolumeMode::ReadWrite => unsafe {
+                nitrokey_sys::NK_set_unencrypted_read_write_admin(admin_pin.as_ptr())
+            },
+        };
+        get_command_result(result)
+    }
+
     /// Returns the status of the connected storage device.
     ///
     /// # Example
-- 
cgit v1.2.1