From 30264131262d9e926d3c14b0c92760fdc15ba5c8 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Sun, 6 Jan 2019 22:56:27 +0000
Subject: Add support for the hidden volumes on a Nitrokey Storage

This patch introduces the methods enable_hidden_volume,
disable_hidden_volume and create_hidden_volume for the Storage struct to
support the hidden volumes on the Nitrokey Storage.  The enable and
create methods require that the encrypted storage has been enabled.
Contrary to authentication and password safe access, we do not enforce
this requirement in the API as file system operations could have
unwanted side effects and should not performed implicitly.
---
 tests/device.rs | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

(limited to 'tests/device.rs')

diff --git a/tests/device.rs b/tests/device.rs
index d6ed0c4..f7d8df3 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -348,6 +348,44 @@ fn encrypted_volume(device: Storage) {
     assert_eq!(1, count_nitrokey_block_devices());
 }
 
+#[test_device]
+fn hidden_volume(device: Storage) {
+    assert_eq!(Ok(()), device.lock());
+
+    assert_eq!(1, count_nitrokey_block_devices());
+    assert_eq!(Ok(()), device.disable_hidden_volume());
+    assert_eq!(1, count_nitrokey_block_devices());
+
+    assert_eq!(Ok(()), device.enable_encrypted_volume(USER_PASSWORD));
+    assert_eq!(2, count_nitrokey_block_devices());
+
+    // TODO: why this error code?
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.create_hidden_volume(5, 0, 100, "hiddenpw")
+    );
+    assert_eq!(Ok(()), device.create_hidden_volume(0, 20, 21, "hidden-pw"));
+    assert_eq!(
+        Ok(()),
+        device.create_hidden_volume(0, 20, 21, "hiddenpassword")
+    );
+    assert_eq!(Ok(()), device.create_hidden_volume(1, 0, 1, "otherpw"));
+    // TODO: test invalid range (not handled by libnitrokey)
+    assert_eq!(2, count_nitrokey_block_devices());
+
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.enable_hidden_volume("blubb")
+    );
+    assert_eq!(Ok(()), device.enable_hidden_volume("hiddenpassword"));
+    assert_eq!(2, count_nitrokey_block_devices());
+    assert_eq!(Ok(()), device.enable_hidden_volume("otherpw"));
+    assert_eq!(2, count_nitrokey_block_devices());
+
+    assert_eq!(Ok(()), device.disable_hidden_volume());
+    assert_eq!(1, count_nitrokey_block_devices());
+}
+
 #[test_device]
 fn lock(device: Storage) {
     assert_eq!(Ok(()), device.enable_encrypted_volume(USER_PASSWORD));
-- 
cgit v1.2.1