From 0ee7ef7705ebfc0d419bba9a61db55fccd14b638 Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Sat, 12 Jan 2019 16:51:47 +0000 Subject: Add set_unencrypted_volume_mode to Storage The new set_unencrypted_volume_mode method sets the access mode of the unencrypted volume on the Nitrokey Storage. Depending on the requested access mode, it calls either NK_set_unencrypted_read_only_admin or NK_set_unencrypted_read_write_admin. Note that this function requires firmware version 0.51 or later. (Earlier firmware versions used the user PIN.) --- tests/device.rs | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/device.rs b/tests/device.rs index 6f21dcb..9985e7a 100644 --- a/tests/device.rs +++ b/tests/device.rs @@ -6,7 +6,7 @@ use std::{thread, time}; use nitrokey::{ Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, GetPasswordSafe, - OtpMode, OtpSlotData, + OtpMode, OtpSlotData, Storage, VolumeMode, }; use nitrokey_test::test as test_device; @@ -398,6 +398,38 @@ fn lock(device: Storage) { assert_eq!(1, count_nitrokey_block_devices()); } +#[test_device] +fn set_unencrypted_volume_mode(device: Storage) { + fn assert_mode(device: &Storage, mode: VolumeMode) { + let status = device.get_status(); + assert!(status.is_ok()); + assert_eq!( + status.unwrap().unencrypted_volume.read_only, + mode == VolumeMode::ReadOnly + ); + } + + fn assert_success(device: &Storage, mode: VolumeMode) { + assert_eq!( + Ok(()), + device.set_unencrypted_volume_mode(ADMIN_PASSWORD, mode) + ); + assert_mode(&device, mode); + } + + assert_success(&device, VolumeMode::ReadOnly); + + assert_eq!( + Err(CommandError::WrongPassword), + device.set_unencrypted_volume_mode(USER_PASSWORD, VolumeMode::ReadOnly) + ); + assert_mode(&device, VolumeMode::ReadOnly); + + assert_success(&device, VolumeMode::ReadWrite); + assert_success(&device, VolumeMode::ReadWrite); + assert_success(&device, VolumeMode::ReadOnly); +} + #[test_device] fn get_storage_status(device: Storage) { let status = device.get_status().unwrap(); -- cgit v1.2.3