From c5d5ab12ab8ca6b9889550f050b859b76fa4bdd7 Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Thu, 3 Jan 2019 23:48:22 +0000 Subject: Update documentation and test for factory_reset Contrary to my previous beliefs, build_aes_key has to be called even after a factory reset using the Nitrokey API. This patch updates the documentation and the unit tests based on this insight. --- src/device.rs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/device.rs b/src/device.rs index aaf6283..78d0d82 100644 --- a/src/device.rs +++ b/src/device.rs @@ -515,6 +515,8 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp { /// /// This commands performs a factory reset on the smart card (like the factory reset via `gpg /// --card-edit`) and then clears the flash memory (password safe, one-time passwords etc.). + /// After a factory reset, [`build_aes_key`][] has to be called before the password safe or the + /// encrypted volume can be used. /// /// # Errors /// @@ -536,6 +538,8 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp { /// # Ok(()) /// # } /// ``` + /// + /// [`build_aes_key`]: #method.build_aes_key fn factory_reset(&self, admin_pin: &str) -> Result<(), CommandError> { let admin_pin_string = get_cstring(admin_pin)?; unsafe { get_command_result(nitrokey_sys::NK_factory_reset(admin_pin_string.as_ptr())) } @@ -544,8 +548,9 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp { /// Builds a new AES key on the Nitrokey. /// /// The AES key is used to encrypt the password safe and the encrypted volume. You may need - /// to call this method after a factory reset using `gpg --card-edit`. You can also use it to - /// destory the data stored in the password safe or on the encrypted volume. + /// to call this method after a factory reset, either using [`factory_reset`][] or using `gpg + /// --card-edit`. You can also use it to destory the data stored in the password safe or on + /// the encrypted volume. /// /// # Errors /// @@ -567,6 +572,8 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp { /// # Ok(()) /// # } /// ``` + /// + /// [`factory_reset`]: #method.factory_reset fn build_aes_key(&self, admin_pin: &str) -> Result<(), CommandError> { let admin_pin_string = get_cstring(admin_pin)?; unsafe { get_command_result(nitrokey_sys::NK_build_aes_key(admin_pin_string.as_ptr())) } -- cgit v1.2.3