From d95355e3d76c0c0022629e635f36a2dc325c0af2 Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Tue, 5 Feb 2019 12:48:01 +0000 Subject: Revert "Store mutable reference to Device in PasswordSafe" This reverts commit 13006c00dcbd570cf8347d89557834e320427377. --- src/pws.rs | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/pws.rs b/src/pws.rs index a5b9d33..371de6e 100644 --- a/src/pws.rs +++ b/src/pws.rs @@ -18,7 +18,8 @@ pub const SLOT_COUNT: u8 = 16; /// The password safe stores a tuple consisting of a name, a login and a password on a slot. The /// number of available slots is [`SLOT_COUNT`][]. The slots are addressed starting with zero. To /// retrieve a password safe from a Nitrokey device, use the [`get_password_safe`][] method from -/// the [`GetPasswordSafe`][] trait. +/// the [`GetPasswordSafe`][] trait. Note that the device must live at least as long as the +/// password safe. /// /// Once the password safe has been unlocked, it can be accessed without a password. Therefore it /// is mandatory to call [`lock`][] on the corresponding device after the password store is used. @@ -57,17 +58,21 @@ pub const SLOT_COUNT: u8 = 16; /// [`GetPasswordSafe`]: trait.GetPasswordSafe.html #[derive(Debug)] pub struct PasswordSafe<'a> { - device: &'a mut dyn Device, + _device: &'a dyn Device, } /// Provides access to a [`PasswordSafe`][]. /// +/// The device that implements this trait must always live at least as long as a password safe +/// retrieved from it. +/// /// [`PasswordSafe`]: struct.PasswordSafe.html pub trait GetPasswordSafe { /// Enables and returns the password safe. /// - /// It is mandatory to lock the underlying device using [`lock`][] after the password safe has - /// been used. Otherwise, other applications can access the password store without + /// The underlying device must always live at least as long as a password safe retrieved from + /// it. It is mandatory to lock the underlying device using [`lock`][] after the password safe + /// has been used. Otherwise, other applications can access the password store without /// authentication. /// /// If this method returns an `AesDecryptionFailed` (Nitrokey Pro) or `Unknown` (Nitrokey @@ -116,17 +121,12 @@ pub trait GetPasswordSafe { } fn get_password_safe<'a>( - device: &'a mut dyn Device, + device: &'a dyn Device, user_pin: &str, ) -> Result, Error> { let user_pin_string = get_cstring(user_pin)?; - let result = get_command_result(unsafe { - nitrokey_sys::NK_enable_password_safe(user_pin_string.as_ptr()) - }); - match result { - Ok(()) => Ok(PasswordSafe { device }), - Err(err) => Err(err), - } + get_command_result(unsafe { nitrokey_sys::NK_enable_password_safe(user_pin_string.as_ptr()) }) + .map(|_| PasswordSafe { _device: device }) } fn get_pws_result(s: String) -> Result { -- cgit v1.2.3