Add pws-cache extension #156
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To avoid reimplementing the device selection logic in extensions, we introduce a new environment variable NITROCLI_RESOLVED_USB_PATH that is set to the USB path of the single matching Nitrokey device. If no device matches, or if there are multiple matching devices, the variable is not set.
With upcoming changes we will have not only the main crate (comprised of two binaries), but an entire workspace containing extensions and other support crates. This change instructs the CI to build and test these crates as it does for the main crate.
This patch adds the extension support crate nitrocli-ext as a workspace member. This crate contains useful methods for extensions written in Rust, providing access to the nitrocli binary and to the nitrokey-rs library.
This patch adds the nitrocli-otp-cache extension that caches OTP data. The per-device cache stores the names, OTP algorithms and IDs of the slots It can be used to access the slots by name instead of slot index.
Fix compiler warnings for dynamic assert messages seen with rustc 1.51.
Some of our tests compare byte slices and are very hard to debug if the assertion fails due to they way these slices are printed. This patch adds assertion messages containing the (lossy) string representation of the byte slice to make it easier to debug errors. Fixes d-e-s-o#152
The format specifier we use for printing errors returned by the main program will include a backtrace in the output -- if one is available. That's not necessarily a feature that we need: the causal chain of errors should be sufficient and end users are unlikely to have use for a backtrace. This change adjusts the format specifier so that we only print the chain of errors, albeit in a slightly different format: - Previously: > Failed to generate OTP > > Caused by: > Command error: The given slot is not programmed - New: > Failed to generate OTP: Command error: The given slot is not programmed
This patch adds a configuration for GitHub Actions that builds and tests nitrocli with the MSRV, stable, beta and nightly Rust, calls clippy and rustfmt and checks the license annotations with reuse-tool.
With the addition of the GitHub Actions workflow we have found a better working replacement for the GitLab CI. To that end, we no longer want to use the latter. This change removes the corresponding configuration from the repository.
This patch adds an --only-aes-key option to the reset command to only build a new AES key without performing a full factory reset. Fixes d-e-s-o#69
This patch adds the pws-cache core extension that allows accessing the PWS slots by their name instead of the slot index. Fixes d-e-s-o#155.
|
Hi Robin, overall this pull request looks great, but I think we have to decide how to proceed with respect the PIN entry story that we discussed over in #155. Let me know how you want to proceed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch adds the pws-cache core extension that allows accessing the
PWS slots by their name instead of the slot index.
Fixes #155.
Open issues: How to query the PWS data (requires user PIN).