From d60e03b46a6af75056f07394ef66ecaa35f32d77 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Thu, 3 Jan 2019 12:16:21 +0000
Subject: Add Storage::change_update_pin method

This patch adds the change_update_pin method to the Storage struct that
uses the NK_change_update_password function to set the password required
for firmware updates.
---
 src/device.rs | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

(limited to 'src')

diff --git a/src/device.rs b/src/device.rs
index 33e5410..4b8cc5c 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -667,6 +667,45 @@ impl Storage {
         }
     }
 
+    /// Changes the update PIN.
+    ///
+    /// The update PIN is used to enable firmware updates.  Unlike the user and the admin PIN, the
+    /// update PIN is not managed by the OpenPGP smart card but by the Nitrokey firmware.  There is
+    /// no retry counter as with the other PIN types.
+    ///
+    /// # Errors
+    ///
+    /// - [`InvalidString`][] if one of the provided passwords contains a null byte
+    /// - [`WrongPassword`][] if the current update password is wrong
+    ///
+    /// # Example
+    ///
+    /// ```no_run
+    /// # use nitrokey::CommandError;
+    ///
+    /// # fn try_main() -> Result<(), CommandError> {
+    /// let device = nitrokey::Storage::connect()?;
+    /// match device.change_storage_pin("12345678", "87654321") {
+    ///     Ok(()) => println!("Updated update PIN."),
+    ///     Err(err) => println!("Failed to update update PIN: {}", err),
+    /// };
+    /// #     Ok(())
+    /// # }
+    /// ```
+    ///
+    /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString
+    /// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
+    pub fn change_update_pin(&self, current: &str, new: &str) -> Result<(), CommandError> {
+        let current_string = get_cstring(current)?;
+        let new_string = get_cstring(new)?;
+        unsafe {
+            get_command_result(nitrokey_sys::NK_change_update_password(
+                    current_string.as_ptr(),
+                    new_string.as_ptr(),
+                    ))
+        }
+    }
+
     /// Enables the encrypted storage volume.
     ///
     /// Once the encrypted volume is enabled, it is presented to the operating system as a block
-- 
cgit v1.2.1