nitrokey-sys-3.4.3/.gitignore010064400017500001750000000000371340346457700144270ustar0000000000000000 /target **/*.rs.bk Cargo.lock nitrokey-sys-3.4.3/CHANGELOG.md010064400017500001750000000031531341637125100142400ustar0000000000000000# v3.4.3 (2019-10-12) - Link directly against `libnitrokey` if the `USE_SYSTEM_LIBNITROKEY` environment variable is set. # v3.4.2 (2019-01-01) - Use the -std=c++14 compiler flag. - Change the build script to link to `-lhidapi` on non-Linux operating systems (while still using `-lhidapi-libusb` on Linux). - Decouple the libnitrokey and nitrokey-sys-rs versions. # v3.4.1 (2018-12-10) - Update to libnitrokey 3.4.1. There are no changes affecting this crate. # v3.4.0 (2018-12-10) - Update to libnitrokey 3.4, causing all following changes. - New constant `NK_device_model_NK_DISCONNECTED` in the `NK_device_model` enumeration. - New structures: - `NK_storage_ProductionTest` - `NK_storage_status` - New functions: - `NK_get_device_model` - `NK_get_library_version` - `NK_get_major_library_version` - `NK_get_minor_libray_version` - `NK_get_status_storage` - `NK_get_storage_production_info` - `NK_totp_set_time_soft` - `NK_wink` - The function `NK_totp_get_time` is now deprecated. If applicable, `NK_totp_set_time_soft` should be used instead. See the [upstream pull request #114][] for details. - Strings are now returned as mutable instead of constant pointers. # v3.3.0 (2018-05-21) - Change the crate license to LGPL 3.0. - Adapt the crate version number according to the bundled `libnitrokey` version. - Include a copy of `libnitrokey`. - Compile `libnitrokey` from source. - Generate the `bindgen` bindings statically and add them to the repository. # v0.1.0 (2018-05-19) - Initial release. [upstream pull request #114]: https://github.com/Nitrokey/libnitrokey/pull/114 nitrokey-sys-3.4.3/Cargo.toml.orig010064400017500001750000000007161341637125100153200ustar0000000000000000[package] name = "nitrokey-sys" version = "3.4.3" authors = ["Robin Krahl "] edition = "2018" homepage = "https://code.ireas.org/nitrokey-rs/" repository = "https://git.ireas.org/nitrokey-sys-rs/" description = "Low-level bindings to libnitrokey for communication with Nitrokey devices" categories = ["external-ffi-bindings"] license = "LGPL-3.0" links = "nitrokey" build = "build.rs" readme = "README.md" [build-dependencies] cc = "1.0" nitrokey-sys-3.4.3/Cargo.toml0000644000000017410000000000000115630ustar00# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO # # When uploading crates to the registry Cargo will automatically # "normalize" Cargo.toml files for maximal compatibility # with all versions of Cargo and also rewrite `path` dependencies # to registry (e.g. crates.io) dependencies # # If you believe there's an error in this file please file an # issue against the rust-lang/cargo repository. If you're # editing this file be aware that the upstream Cargo.toml # will likely look very different (and much more reasonable) [package] edition = "2018" name = "nitrokey-sys" version = "3.4.3" authors = ["Robin Krahl "] build = "build.rs" links = "nitrokey" description = "Low-level bindings to libnitrokey for communication with Nitrokey devices" homepage = "https://code.ireas.org/nitrokey-rs/" readme = "README.md" categories = ["external-ffi-bindings"] license = "LGPL-3.0" repository = "https://git.ireas.org/nitrokey-sys-rs/" [build-dependencies.cc] version = "1.0" nitrokey-sys-3.4.3/Cargo.toml.orig0000644000000007160000000000000125230ustar00[package] name = "nitrokey-sys" version = "3.4.3" authors = ["Robin Krahl "] edition = "2018" homepage = "https://code.ireas.org/nitrokey-rs/" repository = "https://git.ireas.org/nitrokey-sys-rs/" description = "Low-level bindings to libnitrokey for communication with Nitrokey devices" categories = ["external-ffi-bindings"] license = "LGPL-3.0" links = "nitrokey" build = "build.rs" readme = "README.md" [build-dependencies] cc = "1.0" nitrokey-sys-3.4.3/LICENSE010064400017500001750000000167441330023674400134450ustar0000000000000000 GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. nitrokey-sys-3.4.3/README.md010064400017500001750000000022331341637075400137130ustar0000000000000000# nitrokey-sys-rs Low-level Rust bindings for `libnitrokey`, providing access to Nitrokey devices. This crate contains a copy of the [`libnitrokey`][] library, builds it from source and links it statically. The host system must provide its dependencies in the library search path: - `libhidapi-libusb0` (on Linux) - `libhidapi` (on non-Linux systems) If you set the `USE_SYSTEM_LIBNITROKEY` environment variable when building this crate, it links directly against `libnitrokey` instead of building it from source. In this case, `libnitrokey` must be available in the library search path. ## Versioning The major and minor version of the `nitrokey-sys` crate map to the major and minor version of `libnitrokey`. The `nitrokey-sys` patch version may be increased independently. ## Contact For bug reports, patches, feature requests or other messages, please send a mail to [nitrokey-rs-dev@ireas.org][]. ## License This project as well as `libnitrokey` are licensed under the [LGPL-3.0][]. [`libnitrokey`]: https://github.com/nitrokey/libnitrokey [nitrokey-rs-dev@ireas.org]: mailto:nitrokey-rs-dev@ireas.org [LGPL-3.0]: https://opensource.org/licenses/lgpl-3.0.html nitrokey-sys-3.4.3/build.rs010064400017500001750000000047041341636730400141030ustar0000000000000000use std::env; use std::fs; use std::io; use std::io::{Read, Write}; use std::path; use std::string; use cc; #[derive(Clone, Copy, Debug, PartialEq)] struct Version { major: u32, minor: u32, patch: Option, } impl string::ToString for Version { fn to_string(&self) -> String { match self.patch { Some(patch) => format!("v{}.{}.{}", self.major, self.minor, patch), None => format!("v{}.{}", self.major, self.minor), } } } const LIBNITROKEY_VERSION: Version = Version { major: 3, minor: 4, patch: Some(1), }; fn prepare_version_source( version: Version, out_path: &path::Path, library_path: &path::Path, ) -> io::Result { let out = out_path.join("version.cc"); let template = library_path.join("version.cc.in"); let mut file = fs::File::open(template)?; let mut data = String::new(); file.read_to_string(&mut data)?; drop(file); let data = data .replace("@PROJECT_VERSION_MAJOR@", &version.major.to_string()) .replace("@PROJECT_VERSION_MINOR@", &version.minor.to_string()) .replace("@PROJECT_VERSION_GIT@", &version.to_string()); let mut file = fs::File::create(&out)?; file.write_all(data.as_bytes())?; Ok(out) } fn main() { if env::var("USE_SYSTEM_LIBNITROKEY").is_ok() { println!("cargo:rustc-link-lib=nitrokey"); return; } let out_dir = env::var("OUT_DIR").expect("Environment variable OUT_DIR is not set"); let out_path = path::PathBuf::from(out_dir); let sources = [ "DeviceCommunicationExceptions.cpp", "NK_C_API.cc", "NitrokeyManager.cc", "command_id.cc", "device.cc", "log.cc", "misc.cc", ]; let library_dir = format!("libnitrokey-{}", LIBNITROKEY_VERSION.to_string()); let library_path = path::Path::new(&library_dir); let version_source = prepare_version_source(LIBNITROKEY_VERSION, &out_path, &library_path) .expect("Could not prepare the version source file"); cc::Build::new() .cpp(true) .flag("-std=c++14") .include(library_path.join("libnitrokey")) .files(sources.iter().map(|s| library_path.join(s))) .file(version_source) .compile("libnitrokey.a"); let hidapi_library_name = if cfg!(target_os = "linux") { "hidapi-libusb" } else { "hidapi" }; println!("cargo:rustc-link-lib={}", hidapi_library_name); } nitrokey-sys-3.4.3/src/ffi.rs010064400017500001750000001205421340346457700143440ustar0000000000000000/* automatically generated by rust-bindgen, manually modified */ /// Use, if no supported device is connected pub const NK_device_model_NK_DISCONNECTED: NK_device_model = 0; /// Nitrokey Pro. pub const NK_device_model_NK_PRO: NK_device_model = 1; /// Nitrokey Storage. pub const NK_device_model_NK_STORAGE: NK_device_model = 2; /// The Nitrokey device models supported by the API. pub type NK_device_model = u32; /// Stores the status of a Storage device. #[repr(C)] #[derive(Debug, Copy, Clone)] pub struct NK_storage_status { /// Indicates whether the unencrypted volume is read-only. pub unencrypted_volume_read_only: bool, /// Indicates whether the unencrypted volume is active. pub unencrypted_volume_active: bool, /// Indicates whether the encrypted volume is read-only. pub encrypted_volume_read_only: bool, /// Indicates whether the encrypted volume is active. pub encrypted_volume_active: bool, /// Indicates whether the hidden volume is read-only. pub hidden_volume_read_only: bool, /// Indicates whether the hidden volume is active. pub hidden_volume_active: bool, /// The major firmware version, e. g. 0 in v0.40. pub firmware_version_major: u8, /// The minor firmware version, e. g. 40 in v0.40. pub firmware_version_minor: u8, /// Indicates whether the firmware is locked. pub firmware_locked: bool, /// The serial number of the SD card in the Storage stick. pub serial_number_sd_card: u32, /// The serial number of the smart card in the Storage stick. pub serial_number_smart_card: u32, /// The number of remaining login attempts for the user PIN. pub user_retry_count: u8, /// The number of remaining login attempts for the admin PIN. pub admin_retry_count: u8, /// Indicates whether a new SD card was found. pub new_sd_card_found: bool, /// Indicates whether the SD card is filled with random characters. pub filled_with_random: bool, /// Indicates whether the stick has been initialized by generating /// the AES keys. pub stick_initialized: bool, } #[test] fn bindgen_test_layout_NK_storage_status() { assert_eq!( ::std::mem::size_of::(), 28usize, concat!("Size of: ", stringify!(NK_storage_status)) ); assert_eq!( ::std::mem::align_of::(), 4usize, concat!("Alignment of ", stringify!(NK_storage_status)) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).unencrypted_volume_read_only as *const _ as usize }, 0usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(unencrypted_volume_read_only) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).unencrypted_volume_active as *const _ as usize }, 1usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(unencrypted_volume_active) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).encrypted_volume_read_only as *const _ as usize }, 2usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(encrypted_volume_read_only) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).encrypted_volume_active as *const _ as usize }, 3usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(encrypted_volume_active) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).hidden_volume_read_only as *const _ as usize }, 4usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(hidden_volume_read_only) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).hidden_volume_active as *const _ as usize }, 5usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(hidden_volume_active) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).firmware_version_major as *const _ as usize }, 6usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(firmware_version_major) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).firmware_version_minor as *const _ as usize }, 7usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(firmware_version_minor) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).firmware_locked as *const _ as usize }, 8usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(firmware_locked) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).serial_number_sd_card as *const _ as usize }, 12usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(serial_number_sd_card) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).serial_number_smart_card as *const _ as usize }, 16usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(serial_number_smart_card) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).user_retry_count as *const _ as usize }, 20usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(user_retry_count) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).admin_retry_count as *const _ as usize }, 21usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(admin_retry_count) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).new_sd_card_found as *const _ as usize }, 22usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(new_sd_card_found) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).filled_with_random as *const _ as usize }, 23usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(filled_with_random) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).stick_initialized as *const _ as usize }, 24usize, concat!( "Offset of field: ", stringify!(NK_storage_status), "::", stringify!(stick_initialized) ) ); } #[repr(C)] #[derive(Debug, Copy, Clone)] pub struct NK_storage_ProductionTest { pub FirmwareVersion_au8: [u8; 2usize], pub FirmwareVersionInternal_u8: u8, pub SD_Card_Size_u8: u8, pub CPU_CardID_u32: u32, pub SmartCardID_u32: u32, pub SD_CardID_u32: u32, pub SC_UserPwRetryCount: u8, pub SC_AdminPwRetryCount: u8, pub SD_Card_ManufacturingYear_u8: u8, pub SD_Card_ManufacturingMonth_u8: u8, pub SD_Card_OEM_u16: u16, pub SD_WriteSpeed_u16: u16, pub SD_Card_Manufacturer_u8: u8, } #[test] fn bindgen_test_layout_NK_storage_ProductionTest() { assert_eq!( ::std::mem::size_of::(), 28usize, concat!("Size of: ", stringify!(NK_storage_ProductionTest)) ); assert_eq!( ::std::mem::align_of::(), 4usize, concat!("Alignment of ", stringify!(NK_storage_ProductionTest)) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).FirmwareVersion_au8 as *const _ as usize }, 0usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(FirmwareVersion_au8) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).FirmwareVersionInternal_u8 as *const _ as usize }, 2usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(FirmwareVersionInternal_u8) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_Card_Size_u8 as *const _ as usize }, 3usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_Card_Size_u8) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).CPU_CardID_u32 as *const _ as usize }, 4usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(CPU_CardID_u32) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SmartCardID_u32 as *const _ as usize }, 8usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SmartCardID_u32) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_CardID_u32 as *const _ as usize }, 12usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_CardID_u32) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SC_UserPwRetryCount as *const _ as usize }, 16usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SC_UserPwRetryCount) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SC_AdminPwRetryCount as *const _ as usize }, 17usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SC_AdminPwRetryCount) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_Card_ManufacturingYear_u8 as *const _ as usize }, 18usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_Card_ManufacturingYear_u8) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_Card_ManufacturingMonth_u8 as *const _ as usize }, 19usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_Card_ManufacturingMonth_u8) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_Card_OEM_u16 as *const _ as usize }, 20usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_Card_OEM_u16) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_WriteSpeed_u16 as *const _ as usize }, 22usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_WriteSpeed_u16) ) ); assert_eq!( unsafe { &(*(::std::ptr::null::())).SD_Card_Manufacturer_u8 as *const _ as usize }, 24usize, concat!( "Offset of field: ", stringify!(NK_storage_ProductionTest), "::", stringify!(SD_Card_Manufacturer_u8) ) ); } extern "C" { pub fn NK_get_storage_production_info( out: *mut NK_storage_ProductionTest, ) -> ::std::os::raw::c_int; } extern "C" { /// Set debug level of messages written on stderr /// @param state state=True - most messages, state=False - only errors level pub fn NK_set_debug(state: bool); } extern "C" { /// Set debug level of messages written on stderr /// @param level (int) 0-lowest verbosity, 5-highest verbosity pub fn NK_set_debug_level(level: ::std::os::raw::c_int); } extern "C" { /// Get the major library version, e. g. the 3 in v3.2. /// @return the major library version pub fn NK_get_major_library_version() -> ::std::os::raw::c_uint; } extern "C" { /// Get the minor library version, e. g. the 2 in v3.2. /// @return the minor library version pub fn NK_get_minor_library_version() -> ::std::os::raw::c_uint; } extern "C" { /// Get the library version as a string. This is the output of /// `git describe --always` at compile time, for example "v3.3" or /// "v3.3-19-gaee920b". /// The return value is a string literal and must not be freed. /// @return the library version as a string pub fn NK_get_library_version() -> *const ::std::os::raw::c_char; } extern "C" { /// Connect to device of given model. Currently library can be connected only to one device at once. /// @param device_model char 'S': Nitrokey Storage, 'P': Nitrokey Pro /// @return 1 if connected, 0 if wrong model or cannot connect pub fn NK_login(device_model: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int; } extern "C" { /// Connect to device of given model. Currently library can be connected only to one device at once. /// @param device_model NK_device_model: NK_PRO: Nitrokey Pro, NK_STORAGE: Nitrokey Storage /// @return 1 if connected, 0 if wrong model or cannot connect pub fn NK_login_enum(device_model: NK_device_model) -> ::std::os::raw::c_int; } extern "C" { /// Connect to first available device, starting checking from Pro 1st to Storage 2nd. /// @return 1 if connected, 0 if wrong model or cannot connect pub fn NK_login_auto() -> ::std::os::raw::c_int; } extern "C" { /// Disconnect from the device. /// @return command processing error code pub fn NK_logout() -> ::std::os::raw::c_int; } extern "C" { /// Query the model of the connected device. /// Returns the model of the connected device or NK_DISCONNECTED. /// /// @return true if a device is connected and the out argument has been set pub fn NK_get_device_model() -> NK_device_model; } extern "C" { /// Return the debug status string. Debug purposes. /// @return command processing error code pub fn NK_status() -> *mut ::std::os::raw::c_char; } extern "C" { /// Return the device's serial number string in hex. /// @return string device's serial number in hex pub fn NK_device_serial_number() -> *mut ::std::os::raw::c_char; } extern "C" { /// Get last command processing status. Useful for commands which returns the results of their own and could not return /// an error code. /// @return previous command processing error code pub fn NK_get_last_command_status() -> u8; } extern "C" { /// Lock device - cancel any user device unlocking. /// @return command processing error code pub fn NK_lock_device() -> ::std::os::raw::c_int; } extern "C" { /// Authenticates the user on USER privilages with user_password and sets user's temporary password on device to user_temporary_password. /// @param user_password char[25] current user password /// @param user_temporary_password char[25] user temporary password to be set on device for further communication (authentication command) /// @return command processing error code pub fn NK_user_authenticate( user_password: *const ::std::os::raw::c_char, user_temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Authenticates the user on ADMIN privilages with admin_password and sets user's temporary password on device to admin_temporary_password. /// @param admin_password char[25] current administrator PIN /// @param admin_temporary_password char[25] admin temporary password to be set on device for further communication (authentication command) /// @return command processing error code pub fn NK_first_authenticate( admin_password: *const ::std::os::raw::c_char, admin_temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Execute a factory reset. /// @param admin_password char[20] current administrator PIN /// @return command processing error code pub fn NK_factory_reset(admin_password: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int; } extern "C" { /// Generates AES key on the device /// @param admin_password char[20] current administrator PIN /// @return command processing error code pub fn NK_build_aes_key(admin_password: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int; } extern "C" { /// Unlock user PIN locked after 3 incorrect codes tries. /// @param admin_password char[20] current administrator PIN /// @return command processing error code pub fn NK_unlock_user_password( admin_password: *const ::std::os::raw::c_char, new_user_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Write general config to the device /// @param numlock set value in range [0-1] to send HOTP code from slot 'numlock' after double pressing numlock /// or outside the range to disable this function /// @param capslock similar to numlock but with capslock /// @param scrolllock similar to numlock but with scrolllock /// @param enable_user_password set True to enable OTP PIN protection (require PIN each OTP code request) /// @param delete_user_password (unused) /// @param admin_temporary_password current admin temporary password /// @return command processing error code pub fn NK_write_config( numlock: u8, capslock: u8, scrolllock: u8, enable_user_password: bool, delete_user_password: bool, admin_temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Get currently set config - status of function Numlock/Capslock/Scrollock OTP sending and is enabled PIN protected OTP /// @see NK_write_config /// @return uint8_t general_config[5]: /// uint8_t numlock; /// uint8_t capslock; /// uint8_t scrolllock; /// uint8_t enable_user_password; /// uint8_t delete_user_password; pub fn NK_read_config() -> *mut u8; } extern "C" { /// Get name of given TOTP slot /// @param slot_number TOTP slot number, slot_number<15 /// @return char[20] the name of the slot pub fn NK_get_totp_slot_name(slot_number: u8) -> *mut ::std::os::raw::c_char; } extern "C" { /// @param slot_number HOTP slot number, slot_number<3 /// @return char[20] the name of the slot pub fn NK_get_hotp_slot_name(slot_number: u8) -> *mut ::std::os::raw::c_char; } extern "C" { /// Erase HOTP slot data from the device /// @param slot_number HOTP slot number, slot_number<3 /// @param temporary_password admin temporary password /// @return command processing error code pub fn NK_erase_hotp_slot( slot_number: u8, temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Erase TOTP slot data from the device /// @param slot_number TOTP slot number, slot_number<15 /// @param temporary_password admin temporary password /// @return command processing error code pub fn NK_erase_totp_slot( slot_number: u8, temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Write HOTP slot data to the device /// @param slot_number HOTP slot number, slot_number<3, 0-numbered /// @param slot_name char[15] desired slot name. C string (requires ending '\0'; 16 bytes). /// @param secret char[40] 160-bit or 320-bit (currently Pro v0.8 only) secret as a hex string. C string (requires ending '\0'; 41 bytes). /// See NitrokeyManager::is_320_OTP_secret_supported. /// @param hotp_counter uint32_t starting value of HOTP counter /// @param use_8_digits should returned codes be 6 (false) or 8 digits (true) /// @param use_enter press ENTER key after sending OTP code using double-pressed scroll/num/capslock /// @param use_tokenID @see token_ID /// @param token_ID @see https://openauthentication.org/token-specs/, 'Class A' section /// @param temporary_password char[25] admin temporary password /// @return command processing error code pub fn NK_write_hotp_slot( slot_number: u8, slot_name: *const ::std::os::raw::c_char, secret: *const ::std::os::raw::c_char, hotp_counter: u64, use_8_digits: bool, use_enter: bool, use_tokenID: bool, token_ID: *const ::std::os::raw::c_char, temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Write TOTP slot data to the device /// @param slot_number TOTP slot number, slot_number<15, 0-numbered /// @param slot_name char[15] desired slot name. C string (requires ending '\0'; 16 bytes). /// @param secret char[40] 160-bit or 320-bit (currently Pro v0.8 only) secret as a hex string. C string (requires ending '\0'; 41 bytes). /// See NitrokeyManager::is_320_OTP_secret_supported. /// @param time_window uint16_t time window for this TOTP /// @param use_8_digits should returned codes be 6 (false) or 8 digits (true) /// @param use_enter press ENTER key after sending OTP code using double-pressed scroll/num/capslock /// @param use_tokenID @see token_ID /// @param token_ID @see https://openauthentication.org/token-specs/, 'Class A' section /// @param temporary_password char[20] admin temporary password /// @return command processing error code pub fn NK_write_totp_slot( slot_number: u8, slot_name: *const ::std::os::raw::c_char, secret: *const ::std::os::raw::c_char, time_window: u16, use_8_digits: bool, use_enter: bool, use_tokenID: bool, token_ID: *const ::std::os::raw::c_char, temporary_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Get HOTP code from the device /// @param slot_number HOTP slot number, slot_number<3 /// @return HOTP code pub fn NK_get_hotp_code(slot_number: u8) -> *mut ::std::os::raw::c_char; } extern "C" { /// Get HOTP code from the device (PIN protected) /// @param slot_number HOTP slot number, slot_number<3 /// @param user_temporary_password char[25] user temporary password if PIN protected OTP codes are enabled, /// otherwise should be set to empty string - '' /// @return HOTP code pub fn NK_get_hotp_code_PIN( slot_number: u8, user_temporary_password: *const ::std::os::raw::c_char, ) -> *mut ::std::os::raw::c_char; } extern "C" { /// Get TOTP code from the device /// @param slot_number TOTP slot number, slot_number<15 /// @param challenge TOTP challenge -- unused /// @param last_totp_time last time -- unused /// @param last_interval last interval --unused /// @return TOTP code pub fn NK_get_totp_code( slot_number: u8, challenge: u64, last_totp_time: u64, last_interval: u8, ) -> *mut ::std::os::raw::c_char; } extern "C" { /// Get TOTP code from the device (PIN protected) /// @param slot_number TOTP slot number, slot_number<15 /// @param challenge TOTP challenge -- unused /// @param last_totp_time last time -- unused /// @param last_interval last interval -- unused /// @param user_temporary_password char[25] user temporary password if PIN protected OTP codes are enabled, /// otherwise should be set to empty string - '' /// @return TOTP code pub fn NK_get_totp_code_PIN( slot_number: u8, challenge: u64, last_totp_time: u64, last_interval: u8, user_temporary_password: *const ::std::os::raw::c_char, ) -> *mut ::std::os::raw::c_char; } extern "C" { /// Set time on the device (for TOTP requests) /// @param time seconds in unix epoch (from 01.01.1970) /// @return command processing error code pub fn NK_totp_set_time(time: u64) -> ::std::os::raw::c_int; } extern "C" { /// Set the device time used for TOTP to the given time. Contrary to /// {@code set_time(uint64_t)}, this command fails if {@code old_time} /// > {@code time} or if {@code old_time} is zero (where {@code /// old_time} is the current time on the device). /// /// @param time new device time as Unix timestamp (seconds since /// 1970-01-01) /// @return command processing error code pub fn NK_totp_set_time_soft(time: u64) -> ::std::os::raw::c_int; } extern "C" { pub fn NK_totp_get_time() -> ::std::os::raw::c_int; } extern "C" { /// Change administrator PIN /// @param current_PIN char[25] current PIN /// @param new_PIN char[25] new PIN /// @return command processing error code pub fn NK_change_admin_PIN( current_PIN: *const ::std::os::raw::c_char, new_PIN: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Change user PIN /// @param current_PIN char[25] current PIN /// @param new_PIN char[25] new PIN /// @return command processing error code pub fn NK_change_user_PIN( current_PIN: *const ::std::os::raw::c_char, new_PIN: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Get retry count of user PIN /// @return user PIN retry count pub fn NK_get_user_retry_count() -> u8; } extern "C" { /// Get retry count of admin PIN /// @return admin PIN retry count pub fn NK_get_admin_retry_count() -> u8; } extern "C" { /// Enable password safe access /// @param user_pin char[30] current user PIN /// @return command processing error code pub fn NK_enable_password_safe( user_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Get password safe slots' status /// @return uint8_t[16] slot statuses - each byte represents one slot with 0 (not programmed) and 1 (programmed) pub fn NK_get_password_safe_slot_status() -> *mut u8; } extern "C" { /// Get password safe slot name /// @param slot_number password safe slot number, slot_number<16 /// @return slot name pub fn NK_get_password_safe_slot_name(slot_number: u8) -> *mut ::std::os::raw::c_char; } extern "C" { /// Get password safe slot login /// @param slot_number password safe slot number, slot_number<16 /// @return login from the PWS slot pub fn NK_get_password_safe_slot_login(slot_number: u8) -> *mut ::std::os::raw::c_char; } extern "C" { /// Get the password safe slot password /// @param slot_number password safe slot number, slot_number<16 /// @return password from the PWS slot pub fn NK_get_password_safe_slot_password(slot_number: u8) -> *mut ::std::os::raw::c_char; } extern "C" { /// Write password safe data to the slot /// @param slot_number password safe slot number, slot_number<16 /// @param slot_name char[11] name of the slot /// @param slot_login char[32] login string /// @param slot_password char[20] password string /// @return command processing error code pub fn NK_write_password_safe_slot( slot_number: u8, slot_name: *const ::std::os::raw::c_char, slot_login: *const ::std::os::raw::c_char, slot_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Erase the password safe slot from the device /// @param slot_number password safe slot number, slot_number<16 /// @return command processing error code pub fn NK_erase_password_safe_slot(slot_number: u8) -> ::std::os::raw::c_int; } extern "C" { /// Check whether AES is supported by the device /// @return 0 for no and 1 for yes pub fn NK_is_AES_supported( user_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Get device's major firmware version /// @return major part of the version number (e.g. 0 from 0.48, 0 from 0.7 etc.) pub fn NK_get_major_firmware_version() -> ::std::os::raw::c_int; } extern "C" { /// Get device's minor firmware version /// @return minor part of the version number (e.g. 7 from 0.7, 48 from 0.48 etc.) pub fn NK_get_minor_firmware_version() -> ::std::os::raw::c_int; } extern "C" { /// Function to determine unencrypted volume PIN type /// @param minor_firmware_version /// @return Returns 1, if set unencrypted volume ro/rw pin type is User, 0 otherwise. pub fn NK_set_unencrypted_volume_rorw_pin_type_user() -> ::std::os::raw::c_int; } extern "C" { /// This command is typically run to initiate /// communication with the device (altough not required). /// It sets time on device and returns its current status /// - a combination of set_time and get_status_storage commands /// Storage only /// @param seconds_from_epoch date and time expressed in seconds pub fn NK_send_startup(seconds_from_epoch: u64) -> ::std::os::raw::c_int; } extern "C" { /// Unlock encrypted volume. /// Storage only /// @param user_pin user pin 20 characters /// @return command processing error code pub fn NK_unlock_encrypted_volume( user_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Locks encrypted volume /// @return command processing error code pub fn NK_lock_encrypted_volume() -> ::std::os::raw::c_int; } extern "C" { /// Unlock hidden volume and lock encrypted volume. /// Requires encrypted volume to be unlocked. /// Storage only /// @param hidden_volume_password 20 characters /// @return command processing error code pub fn NK_unlock_hidden_volume( hidden_volume_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Locks hidden volume /// @return command processing error code pub fn NK_lock_hidden_volume() -> ::std::os::raw::c_int; } extern "C" { /// Create hidden volume. /// Requires encrypted volume to be unlocked. /// Storage only /// @param slot_nr slot number in range 0-3 /// @param start_percent volume begin expressed in percent of total available storage, int in range 0-99 /// @param end_percent volume end expressed in percent of total available storage, int in range 1-100 /// @param hidden_volume_password 20 characters /// @return command processing error code pub fn NK_create_hidden_volume( slot_nr: u8, start_percent: u8, end_percent: u8, hidden_volume_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Make unencrypted volume read-only. /// Device hides unencrypted volume for a second therefore make sure /// buffers are flushed before running. /// Does nothing if firmware version is not matched /// Firmware range: Storage v0.50, v0.48 and below /// Storage only /// @param user_pin 20 characters User PIN /// @return command processing error code pub fn NK_set_unencrypted_read_only( user_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Make unencrypted volume read-write. /// Device hides unencrypted volume for a second therefore make sure /// buffers are flushed before running. /// Does nothing if firmware version is not matched /// Firmware range: Storage v0.50, v0.48 and below /// Storage only /// @param user_pin 20 characters User PIN /// @return command processing error code pub fn NK_set_unencrypted_read_write( user_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Make unencrypted volume read-only. /// Device hides unencrypted volume for a second therefore make sure /// buffers are flushed before running. /// Does nothing if firmware version is not matched /// Firmware range: Storage v0.49, v0.51+ /// Storage only /// @param admin_pin 20 characters Admin PIN /// @return command processing error code pub fn NK_set_unencrypted_read_only_admin( admin_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Make unencrypted volume read-write. /// Device hides unencrypted volume for a second therefore make sure /// buffers are flushed before running. /// Does nothing if firmware version is not matched /// Firmware range: Storage v0.49, v0.51+ /// Storage only /// @param admin_pin 20 characters Admin PIN /// @return command processing error code pub fn NK_set_unencrypted_read_write_admin( admin_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Make encrypted volume read-only. /// Device hides encrypted volume for a second therefore make sure /// buffers are flushed before running. /// Firmware range: v0.49 only, future (see firmware release notes) /// Storage only /// @param admin_pin 20 characters /// @return command processing error code pub fn NK_set_encrypted_read_only( admin_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Make encrypted volume read-write. /// Device hides encrypted volume for a second therefore make sure /// buffers are flushed before running. /// Firmware range: v0.49 only, future (see firmware release notes) /// Storage only /// @param admin_pin 20 characters /// @return command processing error code pub fn NK_set_encrypted_read_write( admin_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Exports device's firmware to unencrypted volume. /// Storage only /// @param admin_pin 20 characters /// @return command processing error code pub fn NK_export_firmware(admin_pin: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int; } extern "C" { /// Clear new SD card notification. It is set after factory reset. /// Storage only /// @param admin_pin 20 characters /// @return command processing error code pub fn NK_clear_new_sd_card_warning( admin_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Fill SD card with random data. /// Should be done on first stick initialization after creating keys. /// Storage only /// @param admin_pin 20 characters /// @return command processing error code pub fn NK_fill_SD_card_with_random_data( admin_pin: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Change update password. /// Update password is used for entering update mode, where firmware /// could be uploaded using dfu-programmer or other means. /// Storage only /// @param current_update_password 20 characters /// @param new_update_password 20 characters /// @return command processing error code pub fn NK_change_update_password( current_update_password: *const ::std::os::raw::c_char, new_update_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Enter update mode. Needs update password. /// When device is in update mode it no longer accepts any HID commands until /// firmware is launched (regardless of being updated or not). /// Smartcard (through CCID interface) and its all volumes are not visible as well. /// Its VID and PID are changed to factory-default (03eb:2ff1 Atmel Corp.) /// to be detected by flashing software. Result of this command can be reversed /// by using 'launch' command. /// For dfu-programmer it would be: 'dfu-programmer at32uc3a3256s launch'. /// Storage only /// @param update_password 20 characters /// @return command processing error code pub fn NK_enable_firmware_update( update_password: *const ::std::os::raw::c_char, ) -> ::std::os::raw::c_int; } extern "C" { /// Get Storage stick status as string. /// Storage only /// @return string with devices attributes pub fn NK_get_status_storage_as_string() -> *mut ::std::os::raw::c_char; } extern "C" { /// Get the Storage stick status and return the command processing /// error code. If the code is zero, i. e. the command was successful, /// the storage status is written to the output pointer's target. /// The output pointer must not be null. /// /// @param out the output pointer for the storage status /// @return command processing error code pub fn NK_get_status_storage(out: *mut NK_storage_status) -> ::std::os::raw::c_int; } extern "C" { /// Get SD card usage attributes as string. /// Usable during hidden volumes creation. /// Storage only /// @return string with SD card usage attributes pub fn NK_get_SD_usage_data_as_string() -> *mut ::std::os::raw::c_char; } extern "C" { /// Get progress value of current long operation. /// Storage only /// @return int in range 0-100 or -1 if device is not busy pub fn NK_get_progress_bar_value() -> ::std::os::raw::c_int; } extern "C" { /// Returns a list of connected devices' id's, delimited by ';' character. Empty string is returned on no device found. /// Each ID could consist of: /// 1. SC_id:SD_id_p_path (about 40 bytes) /// 2. path (about 10 bytes) /// where 'path' is USB path (bus:num), 'SC_id' is smartcard ID, 'SD_id' is storage card ID and /// '_p_' and ':' are field delimiters. /// Case 2 (USB path only) is used, when the device cannot be asked about its status data (e.g. during a long operation, /// like clearing SD card. /// Internally connects to all available devices and creates a map between ids and connection objects. /// Side effects: changes active device to last detected Storage device. /// Storage only /// @example Example of returned data: '00005d19:dacc2cb4_p_0001:0010:02;000037c7:4cf12445_p_0001:000f:02;0001:000c:02' /// @return string delimited id's of connected devices pub fn NK_list_devices_by_cpuID() -> *mut ::std::os::raw::c_char; } extern "C" { /// Connects to the device with given ID. ID's list could be created with NK_list_devices_by_cpuID. /// Requires calling to NK_list_devices_by_cpuID first. Connecting to arbitrary ID/USB path is not handled. /// On connection requests status from device and disconnects it / removes from map on connection failure. /// Storage only /// @param id Target device ID (example: '00005d19:dacc2cb4_p_0001:0010:02') /// @return 1 on successful connection, 0 otherwise pub fn NK_connect_with_ID(id: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int; } extern "C" { /// Blink red and green LED alternatively and infinitely (until device is reconnected). /// @return command processing error code pub fn NK_wink() -> ::std::os::raw::c_int; } nitrokey-sys-3.4.3/src/lib.rs010064400017500001750000000012201341276255400143310ustar0000000000000000#![allow(non_upper_case_globals)] #![allow(non_camel_case_types)] #![allow(non_snake_case)] mod ffi; pub use crate::ffi::*; #[cfg(test)] mod tests { use super::*; use std::ffi::CString; #[test] fn login_auto() { unsafe { assert_eq!(0, NK_login_auto()); } } #[test] fn login() { unsafe { // Unconnected assert_eq!(0, NK_login(CString::new("S").unwrap().as_ptr())); assert_eq!(0, NK_login(CString::new("P").unwrap().as_ptr())); // Unsupported model assert_eq!(0, NK_login(CString::new("T").unwrap().as_ptr())); } } } nitrokey-sys-3.4.3/.cargo_vcs_info.json0000644000000001120000000000000135540ustar00{ "git": { "sha1": "fe86df47853718983e1f45d6a4289a1d93ace45c" } }